Python server_authenticator_factory Examples

Example #1

File: sasl__gsasl.py Project: Ansen/openshift-xmpptalk-ircbindxmpp-bundle

 def test_PLAIN_bad_pass_no_authzid(self):
     if "PLAIN" not in gsasl_client_mechanisms:
         raise unittest.SkipTest("GSASL has no PLAIN support")
     pwdb = PasswordDatabase("username", "bad")
     authenticator = sasl.server_authenticator_factory("PLAIN", pwdb)
     with self.assertRaises(OurSASLError) as err:
         self.try_with_gsasl("PLAIN", authenticator, {})
     self.assertEqual(err.exception.args[0], "not-authorized")

Example #2

File: sasl__gsasl.py Project: Ansen/openshift-xmpptalk-ircbindxmpp-bundle

 def test_PLAIN_good_pass_no_authzid(self):
     if "PLAIN" not in gsasl_client_mechanisms:
         raise unittest.SkipTest("GSASL has no PLAIN support")
     pwdb = PasswordDatabase("username", "good")
     authenticator = sasl.server_authenticator_factory("PLAIN", pwdb)
     ok, props = self.try_with_gsasl("PLAIN", authenticator, {})
     self.assertTrue(ok)
     self.assertFalse(props.get("authzid"))

Example #3

 def test_PLAIN_bad_pass_no_authzid(self):
     if "PLAIN" not in gsasl_client_mechanisms:
         raise unittest.SkipTest("GSASL has no PLAIN support")
     pwdb = PasswordDatabase("username", "bad")
     authenticator = sasl.server_authenticator_factory("PLAIN", pwdb)
     with self.assertRaises(OurSASLError) as err:
         self.try_with_gsasl("PLAIN", authenticator, {})
     self.assertEqual(err.exception.args[0], "not-authorized")

Example #4

 def test_PLAIN_good_pass_no_authzid(self):
     if "PLAIN" not in gsasl_client_mechanisms:
         raise unittest.SkipTest("GSASL has no PLAIN support")
     pwdb = PasswordDatabase("username", "good")
     authenticator = sasl.server_authenticator_factory("PLAIN", pwdb)
     ok, props = self.try_with_gsasl("PLAIN", authenticator, {})
     self.assertTrue(ok)
     self.assertFalse(props.get("authzid"))

Example #5

 def test_SCRAM_SHA_1_bad_pass_no_authzid(self):
     if "SCRAM-SHA-1" not in gsasl_client_mechanisms:
         raise unittest.SkipTest("GSASL has no SCRAM-SHA-1 support")
     pwdb = PasswordDatabase("username", "bad")
     authenticator = sasl.server_authenticator_factory("SCRAM-SHA-1", pwdb)
     auth_prop = {}
     with self.assertRaises(OurSASLError) as err:
         self.try_with_gsasl("SCRAM-SHA-1", authenticator, auth_prop,
                             ["--no-cb"])
     self.assertEqual(err.exception.args[0], "not-authorized")

Example #6

File: sasl__gsasl.py Project: Ansen/openshift-xmpptalk-ircbindxmpp-bundle

 def test_SCRAM_SHA_1_good_pass_authzid(self):
     if "SCRAM-SHA-1" not in gsasl_client_mechanisms:
         raise unittest.SkipTest( "GSASL has no SCRAM-SHA-1 support")
     pwdb = PasswordDatabase("username", "good")
     authenticator = sasl.server_authenticator_factory("SCRAM-SHA-1", pwdb)
     auth_prop = { }
     ok, props = self.try_with_gsasl("SCRAM-SHA-1", authenticator, auth_prop,
                                     [ "--no-cb", "--authorization-id=zid"])
     self.assertTrue(ok)
     self.assertEqual(props.get("authzid"), "zid")

Example #7

 def test_SCRAM_SHA_1_good_pass_no_authzid(self):
     if "SCRAM-SHA-1" not in gsasl_client_mechanisms:
         raise unittest.SkipTest("GSASL has no SCRAM-SHA-1 support")
     pwdb = PasswordDatabase("username", "good")
     authenticator = sasl.server_authenticator_factory("SCRAM-SHA-1", pwdb)
     auth_prop = {"enabled_mechanisms": ["SCRAM-SHA-1"]}
     ok, props = self.try_with_gsasl("SCRAM-SHA-1", authenticator,
                                     auth_prop, ["--no-cb"])
     self.assertTrue(ok)
     self.assertIsNone(props.get("authzid"))

Example #8

File: sasl__gsasl.py Project: Ansen/openshift-xmpptalk-ircbindxmpp-bundle

 def test_SCRAM_SHA_1_bad_pass_no_authzid(self):
     if "SCRAM-SHA-1" not in gsasl_client_mechanisms:
         raise unittest.SkipTest( "GSASL has no SCRAM-SHA-1 support")
     pwdb = PasswordDatabase("username", "bad")
     authenticator = sasl.server_authenticator_factory("SCRAM-SHA-1", pwdb)
     auth_prop = { }
     with self.assertRaises(OurSASLError) as err:
         self.try_with_gsasl("SCRAM-SHA-1", authenticator,
                                             auth_prop, [ "--no-cb"])
     self.assertEqual(err.exception.args[0], "not-authorized")

Example #9

File: sasl__gsasl.py Project: Ansen/openshift-xmpptalk-ircbindxmpp-bundle

 def test_SCRAM_SHA_1_good_pass_downgrade(self):
     if "SCRAM-SHA-1" not in gsasl_client_mechanisms:
         raise unittest.SkipTest( "GSASL has no SCRAM-SHA-1 support")
     pwdb = PasswordDatabase("username", "good")
     authenticator = sasl.server_authenticator_factory("SCRAM-SHA-1", pwdb)
     auth_prop = { "enabled_mechanisms": ["SCRAM-SHA-1", "SCRAM-SHA-1-PLUS"]}
     cb_data = b"0123456789ab"
     with self.assertRaises(OurSASLError) as err:
         self.try_with_gsasl("SCRAM-SHA-1", authenticator, auth_prop,
                                 extra_data = standard_b64encode(cb_data))
     self.assertEqual(err.exception.args[0], "not-authorized")

Example #10

File: sasl__gsasl.py Project: Ansen/openshift-xmpptalk-ircbindxmpp-bundle

 def test_SCRAM_SHA_1_PLUS_bad_pass_no_authzid(self):
     if "SCRAM-SHA-1-PLUS" not in gsasl_client_mechanisms:
         raise unittest.SkipTest( "GSASL has no SCRAM-SHA-1-PLUS support")
     pwdb = PasswordDatabase("username", "bad")
     authenticator = sasl.server_authenticator_factory("SCRAM-SHA-1-PLUS",
                                                                     pwdb)
     cb_data = b"0123456789ab"
     auth_prop = { "channel-binding": {"tls-unique": cb_data} }
     with self.assertRaises(OurSASLError) as err:
         self.try_with_gsasl("SCRAM-SHA-1-PLUS", authenticator, auth_prop,
                                 extra_data = standard_b64encode(cb_data))
     self.assertEqual(err.exception.args[0], "not-authorized")

Example #11

File: sasl__gsasl.py Project: Ansen/openshift-xmpptalk-ircbindxmpp-bundle

 def test_SCRAM_SHA_1_PLUS_good_pass_authzid(self):
     if "SCRAM-SHA-1-PLUS" not in gsasl_client_mechanisms:
         raise unittest.SkipTest( "GSASL has no SCRAM-SHA-1-PLUS support")
     pwdb = PasswordDatabase("username", "good")
     authenticator = sasl.server_authenticator_factory("SCRAM-SHA-1-PLUS",
                                                                     pwdb)
     cb_data = b"0123456789ab"
     auth_prop = { "channel-binding": {"tls-unique": cb_data} }
     ok, props = self.try_with_gsasl("SCRAM-SHA-1-PLUS", authenticator,
                                     auth_prop, ["--authorization-id=zid"],
                                 extra_data = standard_b64encode(cb_data))
     self.assertTrue(ok)
     self.assertEqual(props.get("authzid"), "zid")

Example #12

 def test_SCRAM_SHA_1_quoting(self):
     if "SCRAM-SHA-1" not in gsasl_client_mechanisms:
         raise unittest.SkipTest("GSASL has no SCRAM-SHA-1 support")
     pwdb = PasswordDatabase("pi=3,14", "good")
     authenticator = sasl.server_authenticator_factory("SCRAM-SHA-1", pwdb)
     auth_prop = {}
     ok, props = self.try_with_gsasl(
         "SCRAM-SHA-1",
         authenticator,
         auth_prop, ["--no-cb", "--authorization-id=e=2,72"],
         username="******")
     self.assertTrue(ok)
     self.assertEqual(props.get("authzid"), "e=2,72")

Example #13

 def test_SCRAM_SHA_1_good_pass_downgrade(self):
     if "SCRAM-SHA-1" not in gsasl_client_mechanisms:
         raise unittest.SkipTest("GSASL has no SCRAM-SHA-1 support")
     pwdb = PasswordDatabase("username", "good")
     authenticator = sasl.server_authenticator_factory("SCRAM-SHA-1", pwdb)
     auth_prop = {"enabled_mechanisms": ["SCRAM-SHA-1", "SCRAM-SHA-1-PLUS"]}
     cb_data = b"0123456789ab"
     with self.assertRaises(OurSASLError) as err:
         self.try_with_gsasl("SCRAM-SHA-1",
                             authenticator,
                             auth_prop,
                             extra_data=standard_b64encode(cb_data))
     self.assertEqual(err.exception.args[0], "not-authorized")

Example #14

 def test_SCRAM_SHA_1_PLUS_bad_pass_no_authzid(self):
     if "SCRAM-SHA-1-PLUS" not in gsasl_client_mechanisms:
         raise unittest.SkipTest("GSASL has no SCRAM-SHA-1-PLUS support")
     pwdb = PasswordDatabase("username", "bad")
     authenticator = sasl.server_authenticator_factory(
         "SCRAM-SHA-1-PLUS", pwdb)
     cb_data = b"0123456789ab"
     auth_prop = {"channel-binding": {"tls-unique": cb_data}}
     with self.assertRaises(OurSASLError) as err:
         self.try_with_gsasl("SCRAM-SHA-1-PLUS",
                             authenticator,
                             auth_prop,
                             extra_data=standard_b64encode(cb_data))
     self.assertEqual(err.exception.args[0], "not-authorized")

Example #15

 def test_SCRAM_SHA_1_PLUS_good_pass_authzid(self):
     if "SCRAM-SHA-1-PLUS" not in gsasl_client_mechanisms:
         raise unittest.SkipTest("GSASL has no SCRAM-SHA-1-PLUS support")
     pwdb = PasswordDatabase("username", "good")
     authenticator = sasl.server_authenticator_factory(
         "SCRAM-SHA-1-PLUS", pwdb)
     cb_data = b"0123456789ab"
     auth_prop = {"channel-binding": {"tls-unique": cb_data}}
     ok, props = self.try_with_gsasl("SCRAM-SHA-1-PLUS",
                                     authenticator,
                                     auth_prop, ["--authorization-id=zid"],
                                     extra_data=standard_b64encode(cb_data))
     self.assertTrue(ok)
     self.assertEqual(props.get("authzid"), "zid")

Example #16

File: sasl__gsasl.py Project: Ansen/openshift-xmpptalk-ircbindxmpp-bundle

 def test_DIGEST_MD5_bad_pass_no_authzid(self):
     if "DIGEST-MD5" not in gsasl_client_mechanisms:
         raise unittest.SkipTest( "GSASL has no DIGEST-MD5 support")
     pwdb = PasswordDatabase("username", "bad")
     authenticator = sasl.server_authenticator_factory("DIGEST-MD5", pwdb)
     auth_prop = {
                     "service-type": "xmpp",
                     "service-domain": "pyxmpp.jajcus.net",
                     "service-hostname": "test.pyxmpp.jajcus.net",
                   }
     with self.assertRaises(OurSASLError) as err:
         self.try_with_gsasl("DIGEST-MD5", authenticator, auth_prop,
                         [ "--service=xmpp", "--realm=jajcus.net",
                             "--host=test.pyxmpp.jajcus.net",
                             "--service-name=pyxmpp.jajcus.net",
                             "--quality-of-protection=qop-auth"])
     self.assertEqual(err.exception.args[0], "not-authorized")

Example #17

File: sasl__gsasl.py Project: Ansen/openshift-xmpptalk-ircbindxmpp-bundle

 def test_DIGEST_MD5_good_pass_no_authzid(self):
     if "DIGEST-MD5" not in gsasl_client_mechanisms:
         raise unittest.SkipTest( "GSASL has no DIGEST-MD5 support")
     pwdb = PasswordDatabase("username", "good")
     authenticator = sasl.server_authenticator_factory("DIGEST-MD5", pwdb)
     auth_prop = {
                     "service-type": "xmpp",
                     "service-domain": "pyxmpp.jajcus.net",
                     "service-hostname": "test.pyxmpp.jajcus.net",
                   }
     ok, props = self.try_with_gsasl("DIGEST-MD5", authenticator, auth_prop,
                         [ "--service=xmpp", "--realm=jajcus.net",
                             "--host=test.pyxmpp.jajcus.net",
                             "--service-name=pyxmpp.jajcus.net",
                             "--quality-of-protection=qop-auth"])
     self.assertTrue(ok)
     self.assertIsNone(props.get("authzid"))

Example #18

 def test_DIGEST_MD5_bad_pass_no_authzid(self):
     if "DIGEST-MD5" not in gsasl_client_mechanisms:
         raise unittest.SkipTest("GSASL has no DIGEST-MD5 support")
     pwdb = PasswordDatabase("username", "bad")
     authenticator = sasl.server_authenticator_factory("DIGEST-MD5", pwdb)
     auth_prop = {
         "service-type": u"xmpp",
         "service-domain": u"pyxmpp.jajcus.net",
         "service-hostname": u"test.pyxmpp.jajcus.net",
     }
     with self.assertRaises(OurSASLError) as err:
         self.try_with_gsasl("DIGEST-MD5", authenticator, auth_prop, [
             "--service=xmpp", "--realm=jajcus.net",
             "--host=test.pyxmpp.jajcus.net",
             "--service-name=pyxmpp.jajcus.net",
             "--quality-of-protection=qop-auth"
         ])
     self.assertEqual(err.exception.args[0], "not-authorized")

Example #19

 def test_DIGEST_MD5_good_pass_authzid(self):
     if "DIGEST-MD5" not in gsasl_client_mechanisms:
         raise unittest.SkipTest("GSASL has no DIGEST-MD5 support")
     pwdb = PasswordDatabase("username", "good")
     authenticator = sasl.server_authenticator_factory("DIGEST-MD5", pwdb)
     auth_prop = {
         "service-type": u"xmpp",
         "service-domain": u"pyxmpp.jajcus.net",
         "service-hostname": u"test.pyxmpp.jajcus.net",
     }
     ok, props = self.try_with_gsasl(
         "DIGEST-MD5", authenticator, auth_prop, [
             "--service=xmpp", "--realm=jajcus.net",
             "--host=test.pyxmpp.jajcus.net",
             "--service-name=pyxmpp.jajcus.net",
             "--quality-of-protection=qop-auth", "--authorization-id=zid"
         ])
     self.assertTrue(ok)
     self.assertEqual(props.get("authzid"), "zid")