def test_validate_digest_uri(self):
     request = make_request(SCRIPT_NAME="/my", PATH_INFO="/page")
     """:type : pyramid.testing.DummyRequest"""
     params = dict(scheme="Digest", realm="testrealm", username="******",
                   nonce="abcdef", response="123456", qop="auth",
                   uri="/my/page", cnonce="98765", nc="0001")
     self.failUnless(utils.validate_digest_uri(params, request))
     # Using full URI still works
     params["uri"] = "http://localhost/my/page"
     self.failUnless(utils.validate_digest_uri(params, request))
     # Check that query-string is taken into account.
     params["uri"] = "http://localhost/my/page?test=one"
     self.failIf(utils.validate_digest_uri(params, request))
     request.environ["QUERY_STRING"] = "test=one"
     self.failUnless(utils.validate_digest_uri(params, request))
     params["uri"] = "/my/page?test=one"
     self.failUnless(utils.validate_digest_uri(params, request))
     # Check that only MSIE is allow to fudge on the query-string.
     params["uri"] = "/my/page"
     request.environ["HTTP_USER_AGENT"] = "I AM FIREFOX I HAVE TO DO IT PROPERLY"
     self.failIf(utils.validate_digest_uri(params, request))
     request.environ["HTTP_USER_AGENT"] = "I AM ANCIENT MSIE PLZ HELP KTHXBYE"
     self.failUnless(utils.validate_digest_uri(params, request))
     self.failIf(utils.validate_digest_uri(params, request, msie_hack=False))
     params["uri"] = "/wrong/page"
     self.failIf(utils.validate_digest_uri(params, request))
Example #2
0
 def test_validate_digest_uri(self):
     request = make_request(SCRIPT_NAME="/my", PATH_INFO="/page")
     """:type : pyramid.testing.DummyRequest"""
     params = dict(scheme="Digest",
                   realm="testrealm",
                   username="******",
                   nonce="abcdef",
                   response="123456",
                   qop="auth",
                   uri="/my/page",
                   cnonce="98765",
                   nc="0001")
     self.failUnless(utils.validate_digest_uri(params, request))
     # Using full URI still works
     params["uri"] = "http://localhost/my/page"
     self.failUnless(utils.validate_digest_uri(params, request))
     # Check that query-string is taken into account.
     params["uri"] = "http://localhost/my/page?test=one"
     self.failIf(utils.validate_digest_uri(params, request))
     request.environ["QUERY_STRING"] = "test=one"
     self.failUnless(utils.validate_digest_uri(params, request))
     params["uri"] = "/my/page?test=one"
     self.failUnless(utils.validate_digest_uri(params, request))
     # Check that only MSIE is allow to fudge on the query-string.
     params["uri"] = "/my/page"
     request.environ[
         "HTTP_USER_AGENT"] = "I AM FIREFOX I HAVE TO DO IT PROPERLY"
     self.failIf(utils.validate_digest_uri(params, request))
     request.environ[
         "HTTP_USER_AGENT"] = "I AM ANCIENT MSIE PLZ HELP KTHXBYE"
     self.failUnless(utils.validate_digest_uri(params, request))
     self.failIf(utils.validate_digest_uri(params, request,
                                           msie_hack=False))
     params["uri"] = "/wrong/page"
     self.failIf(utils.validate_digest_uri(params, request))
 def test_a_custom_case_by_manual(self):
     request = make_request(SCRIPT_NAME="/api", PATH_INFO="/cat/438/family")
     """:type : pyramid.testing.DummyRequest"""
     params = dict(scheme="Digest", realm="VNPDC", username="******",
                   nonce="3490728e9:DnHXJy/sjddhh4sSJH4Xeg==",
                   response="ef3a8cdd6c0400468cdc8b867fbcdfb3",
                   algorithm="MD5",
                   qop="auth",
                   uri="/api/cat/438/family",
                   cnonce="4a5a1d0942f54daa",
                   nc="00000001")
     self.assertTrue(utils.validate_digest_uri(params, request))
Example #4
0
 def test_a_custom_case_by_manual(self):
     request = make_request(SCRIPT_NAME="/api", PATH_INFO="/cat/438/family")
     """:type : pyramid.testing.DummyRequest"""
     params = dict(scheme="Digest",
                   realm="VNPDC",
                   username="******",
                   nonce="3490728e9:DnHXJy/sjddhh4sSJH4Xeg==",
                   response="ef3a8cdd6c0400468cdc8b867fbcdfb3",
                   algorithm="MD5",
                   qop="auth",
                   uri="/api/cat/438/family",
                   cnonce="4a5a1d0942f54daa",
                   nc="00000001")
     self.assertTrue(utils.validate_digest_uri(params, request))