def test_multiple_application_are_supported(self):
apps = "foo-1.1,bar-2.0,baz-2.1"
manager = SignedTokenManager(timeout=0.2, applications=apps)
# this should work as we have an application specified
request = FakeRequest({"application": "foo", "version": "1.1"})
token, secret, extra = manager.make_token(request, {"email": "tester"})
# asking for an unknown application should raise a 404
request = FakeRequest({"application": "undefined"})
self.assertRaises(HTTPNotFound, manager.make_token, request,
{"email": "tester"})
def test_multiple_application_are_supported(self):
apps = "foo-1.1,bar-2.0,baz-2.1"
manager = SignedTokenManager(timeout=0.2, applications=apps)
# this should work as we have an application specified
request = FakeRequest({"application": "foo", "version": "1.1"})
token, secret, extra = manager.make_token(request, {"email": "tester"})
# asking for an unknown application should raise a 404
request = FakeRequest({"application": "undefined"})
self.assertRaises(HTTPNotFound, manager.make_token, request,
{"email": "tester"})
def test_token_validation(self):
manager = SignedTokenManager(timeout=0.2)
token, secret = manager.make_token({"email":"tester"})
# Proper token == valid.
data, secret2 = manager.parse_token(token)
self.assertEquals(data["repoze.who.userid"], "tester")
self.assertEquals(secret, secret2)
# Bad signature == not valid.
bad_token = token[:-1] + ("X" if token[-1] == "Z" else "Z")
self.assertRaises(ValueError, manager.parse_token, bad_token)
bad_token = ("X"*50).encode("base64").strip()
self.assertRaises(ValueError, manager.parse_token, bad_token)
# Modified payload == not valid.
bad_token = "admin" + token[6:]
self.assertRaises(ValueError, manager.parse_token, bad_token)
# Expired token == not valid.
time.sleep(0.2)
self.assertRaises(ValueError, manager.parse_token, token)
def test_token_validation(self):
manager = SignedTokenManager(timeout=0.2)
request = FakeRequest()
token, secret, _ = manager.make_token(request, {"email": "tester"})
# Proper token == valid.
data, secret2 = manager.parse_token(token)
self.assertEquals(data["repoze.who.userid"], "tester")
self.assertEquals(secret, secret2)
# Bad signature == not valid.
bad_token = token[:-1] + ("X" if token[-1] == "Z" else "Z")
self.assertRaises(ValueError, manager.parse_token, bad_token)
bad_token = ("X" * 50).encode("base64").strip()
self.assertRaises(ValueError, manager.parse_token, bad_token)
# Modified payload == not valid.
bad_token = "admin" + token[6:]
self.assertRaises(ValueError, manager.parse_token, bad_token)
# Expired token == not valid.
time.sleep(0.2)
self.assertRaises(ValueError, manager.parse_token, token)
def test_token_dont_validate_without_a_userid(self):
manager = SignedTokenManager()
token, secret = manager.make_token({"permissions":"all"})
self.assertRaises(ValueError, manager.parse_token, token)
def test_token_dont_validate_without_a_userid(self):
manager = SignedTokenManager()
request = FakeRequest()
token, secret, _ = manager.make_token(request, {"permissions": "all"})
self.assertRaises(ValueError, manager.parse_token, token)
def test_specifying_no_applications_works(self):
manager = SignedTokenManager(timeout=0.2)
manager.make_token(FakeRequest(), {"email": "tester"})
def test_specifying_no_applications_works(self):
manager = SignedTokenManager(timeout=0.2)
manager.make_token(FakeRequest(), {"email": "tester"})
