def test_deprecated_hash_algorithm(self): with pytest.raises(HttpSigException) as e: sign.HeaderSigner(key_id='Test', secret=self.key_2048, sign_algorithm=PSS("sha256", salt_length=0)) self.assertEqual( str(e.value), "Hash algorithm: sha256 is deprecated. Please use: sha512")
def test_none_key_id(self): with self.assertRaises(ValueError) as e: sign.HeaderSigner(key_id=None, secret=self.key_2048, headers=[ '(request-target)', 'host', 'date', 'content-type', 'digest', 'content-length' ]) self.assertEqual(str(e.exception), "key_id can't be empty")
def test_empty_secret(self): with self.assertRaises(ValueError) as e: sign.HeaderSigner(key_id='Test', secret='', headers=[ '(request-target)', 'host', 'date', 'content-type', 'digest', 'content-length' ]) self.assertEqual(str(e.exception), "secret can't be empty")
def test_huge_key_id(self): with self.assertRaises(ValueError) as e: sign.HeaderSigner(key_id='x' * 1000000, secret=self.key_2048, headers=[ '(request-target)', 'host', 'date', 'content-type', 'digest', 'content-length' ]) self.assertEqual(str(e.exception), "key_id cant be larger than 100000 chars")
def test_hmac(self): hs = sign.HeaderSigner(key_id='pda', algorithm='hmac-sha256', secret='secret', headers=['(request-target)', 'Date']) unsigned = { 'Date': 'today', 'accept': 'llamas' } signed = hs.sign(unsigned, method='GET', path='/path?query=123') auth = parse_authorization_header(signed['authorization']) params = auth[1] self.assertIn('keyId', params) self.assertIn('algorithm', params) self.assertIn('signature', params) self.assertEqual(params['keyId'], 'pda') self.assertEqual(params['algorithm'], 'hmac-sha256') self.assertEqual(params['signature'], 'SFlytCGpsqb/9qYaKCQklGDvwgmrwfIERFnwt+yqPJw=')
def test_default(self): hs = sign.HeaderSigner(key_id='Test', secret=self.key) unsigned = { 'Date': self.header_date } signed = hs.sign(unsigned) self.assertIn('Date', signed) self.assertEqual(unsigned['Date'], signed['Date']) self.assertIn('Authorization', signed) auth = parse_authorization_header(signed['authorization']) params = auth[1] self.assertIn('keyId', params) self.assertIn('algorithm', params) self.assertIn('signature', params) self.assertEqual(params['keyId'], 'Test') self.assertEqual(params['algorithm'], 'rsa-sha256') self.assertEqual(params['signature'], 'jKyvPcxB4JbmYY4mByyBY7cZfNl4OW9HpFQlG7N4YcJPteKTu4MWCLyk+gIr0wDgqtLWf9NLpMAMimdfsH7FSWGfbMFSrsVTHNTk0rK3usrfFnti1dxsM4jl0kYJCKTGI/UWkqiaxwNiKqGcdlEDrTcUhhsFsOIo8VhddmZTZ8w=') # noqa: E501
def test_missing_header_digest(self): hs = sign.HeaderSigner(key_id='Test', secret=self.key_2048, sign_algorithm=PSS("sha512", salt_length=0), headers=[ '(request-target)', 'host', 'date', 'content-type', 'digest', 'content-length' ]) unsigned = { 'Host': self.header_host, 'Date': self.header_date, 'Content-Type': self.header_content_type, 'Content-Length': self.header_content_length, } with self.assertRaises(ValueError) as e: hs.sign(unsigned, method=self.test_method, path=self.test_path) self.assertEqual(str(e.exception), 'missing required header "digest"')
def test_default(self): hs = sign.HeaderSigner(key_id='Test', secret=self.key) unsigned = {'Date': 'Thu, 05 Jan 2012 21:31:40 GMT'} signed = hs.sign(unsigned) self.assertIn('Date', signed) self.assertEqual(unsigned['Date'], signed['Date']) self.assertIn('Authorization', signed) auth = parse_authorization_header(signed['authorization']) params = auth[1] self.assertIn('keyId', params) self.assertIn('algorithm', params) self.assertIn('signature', params) self.assertEqual(params['keyId'], 'Test') self.assertEqual(params['algorithm'], 'rsa-sha256') self.assertEqual( params['signature'], 'ATp0r26dbMIxOopqw0OfABDT7CKMIoENumuruOtarj8n/97Q3htHFYpH8yOSQk3Z5zh8UxUym6FYTb5+A0Nz3NRsXJibnYi7brE/4tx5But9kkFGzG+xpUmimN4c3TMN7OFH//+r8hBf7BT9/GmHDUVZT2JzWGLZES2xDOUuMtA=' )
def test_other_default(self): hs = sign.HeaderSigner(key_id='Test', secret=self.key_1024, sign_algorithm=PSS(hash_algorithm="sha512", salt_length=0)) unsigned = {'Date': self.header_date} signed = hs.sign(unsigned) self.assertIn('Date', signed) self.assertEqual(unsigned['Date'], signed['Date']) self.assertIn('Authorization', signed) auth = parse_authorization_header(signed['authorization']) params = auth[1] self.assertIn('keyId', params) self.assertIn('algorithm', params) self.assertIn('signature', params) self.assertEqual(params['keyId'], 'Test') self.assertEqual(params['algorithm'], 'hs2019') self.assertEqual( params['signature'], 'Gw8FOaXNxqwJHXwJ30OKiMFpK5zP916CFtzK7/biKi9NppjGAlpUfFKqp5kK+bFRyXxqUzQ1x5cbSeFzRWnqodNNO60ApYbOVD7ePqJfZ3DJFAxYOMzoECzc+lyVskSHKC0Ue8aYiV66gXTuY7hrEIqUsK3To/DhSNgO8csdzwg=' )
def test_default(self): hs = sign.HeaderSigner(key_id='Test', secret=self.key_2048, sign_algorithm=PSS(hash_algorithm="sha512", salt_length=0)) unsigned = {'Date': self.header_date} signed = hs.sign(unsigned) self.assertIn('Date', signed) self.assertEqual(unsigned['Date'], signed['Date']) self.assertIn('Authorization', signed) auth = parse_authorization_header(signed['authorization']) params = auth[1] self.assertIn('keyId', params) self.assertIn('algorithm', params) self.assertIn('signature', params) self.assertEqual(params['keyId'], 'Test') self.assertEqual(params['algorithm'], 'hs2019') self.assertEqual( params['signature'], 'T8+Cj3Zp2cBDm2r8/loPgfHUSSFXXyZJNxxbNx1NvKVz/r5T4z6pVxhl9rqk8WfYHMdlh2aT5hCrYKvhs88Jy0DDmeUP4nELWRsO1BF0oAqHfcrbEikZQL7jA6z0guVaLr0S5QRGmd1K5HUEkP/vYEOns+FRL+JrFG4dNJNESvG5iyKUoaXfoZCFdqtzLlIteEAL7dW/kaX/dE116wfpbem1eCABuGopRhuFtjqLKVjuUVwyP/zSYTqd9j+gDhinkAifTJPxbGMh0b5LZdNCqw5irT9NkTcTFRXDp8ioX8r805Z9QhjT7H+rSo350U2LsAFoQ9ttryPBOoMPCiQTlw==' ) # noqa: E501
def test_all(self): hs = sign.HeaderSigner(key_id='Test', secret=self.key, headers=[ '(request-target)', 'host', 'date', 'content-type', 'content-md5', 'content-length' ]) unsigned = { 'Host': 'example.com', 'Date': 'Thu, 05 Jan 2012 21:31:40 GMT', 'Content-Type': 'application/json', 'Content-MD5': 'Sd/dVLAcvNLSq16eXua5uQ==', 'Content-Length': '18', } signed = hs.sign(unsigned, method='POST', path='/foo?param=value&pet=dog') self.assertIn('Date', signed) self.assertEqual(unsigned['Date'], signed['Date']) self.assertIn('Authorization', signed) auth = parse_authorization_header(signed['authorization']) params = auth[1] self.assertIn('keyId', params) self.assertIn('algorithm', params) self.assertIn('signature', params) self.assertEqual(params['keyId'], 'Test') self.assertEqual(params['algorithm'], 'rsa-sha256') self.assertEqual( params['headers'], '(request-target) host date content-type content-md5 content-length' ) self.assertEqual( params['signature'], 'G8/Uh6BBDaqldRi3VfFfklHSFoq8CMt5NUZiepq0q66e+fS3Up3BmXn0NbUnr3L1WgAAZGplifRAJqp2LgeZ5gXNk6UX9zV3hw5BERLWscWXlwX/dvHQES27lGRCvyFv3djHP6Plfd5mhPWRkmjnvqeOOSS0lZJYFYHJz994s6w=' )
def test_all(self): hs = sign.HeaderSigner(key_id='Test', secret=self.key_2048, sign_algorithm=PSS("sha512", salt_length=0), headers=[ '(request-target)', 'host', 'date', 'content-type', 'digest', 'content-length' ]) unsigned = { 'Host': self.header_host, 'Date': self.header_date, 'Content-Type': self.header_content_type, 'Digest': self.header_digest, 'Content-Length': self.header_content_length, } signed = hs.sign(unsigned, method=self.test_method, path=self.test_path) self.assertIn('Date', signed) self.assertEqual(unsigned['Date'], signed['Date']) self.assertIn('Authorization', signed) auth = parse_authorization_header(signed['authorization']) params = auth[1] self.assertIn('keyId', params) self.assertIn('algorithm', params) self.assertIn('signature', params) self.assertEqual(params['keyId'], 'Test') self.assertEqual(params['algorithm'], 'hs2019') self.assertEqual( params['headers'], '(request-target) host date content-type digest content-length') self.assertEqual( params['signature'], 'bxWyLDB/Tuhzxd/tWG2g60l3Goyk9XJZzj2ouNKizZuZoe1Ngj+19N11bhK7FABHJ7lSzH5g6fp5LkN894ivIv6N29L2sPssuAkqgzNXyvYkp4KWOr5j7sVpApmRH7gf7THljcXosmrYk5gdBTspixpJJJ5LGkkPKCRAFurmi/LqopSH6cJbLJNIccTu2dTMGEeDOqqNterVmfonpZyPeBsEEwoeOo6d8zgHzB/1Xxk7dfELFbA1c0LE5kZbwEIEFPmS01YFz6EJW7Aj8kzvzwQRyvgDobi25niGOy/D7JVHvtDjBIaJedFuFJSb8rZ2DGryBQ6NwchMp3f2MUoTGg==' ) # noqa: E501
def test_unsupported_hash_algorithm(self): with pytest.raises(HttpSigException) as e: sign.HeaderSigner(key_id='Test', secret=self.key_2048, sign_algorithm=PSS("sha123", salt_length=0)) self.assertEqual(str(e.value), "Unsupported hash algorithm")