def test_decode_token(self):
    """Exercise decode_token with invalid, valid and altered tokens.

    Expects TokenException for None, for an arbitrary string and for an
    issued token whose first character has been replaced. A freshly
    created token must decode without raising.
    """
    # Neither a missing token nor an arbitrary string may decode.
    for invalid_token in (None, "asfafsasf1241243124"):
        with self.assertRaises(TokenException):
            auth_utils.decode_token(invalid_token)

    good_user = {"username": "******", "roles": ["role"]}
    issued = auth_utils.create_token(good_user)
    try:
        auth_utils.decode_token(issued)
    except Exception:
        self.fail("Should not be here")

    # Replace the first character with a different one so the token no
    # longer matches what was issued.
    # NOTE(review): only the first character is altered. If the token has
    # a structured encoding, this may be rejected at parsing rather than
    # by an integrity check; consider a second case that alters a later
    # part of the token. Confirm against auth_utils.
    chars = list(issued)
    chars[0] = 'a' if chars[0] == '?' else '?'
    tampered = "".join(chars)
    with self.assertRaises(TokenException):
        auth_utils.decode_token(tampered)
def test_get_authenticated_user(self):
    """A token for a user that cannot be resolved yields no user.

    The token is placed in the Authorization header exactly as returned
    by create_token, and get_authenticated_user is expected to return
    None.
    """
    request = testing.DummyRequest()
    token = auth_utils.create_token({"username": "******", "roles": ["role"]})
    request.headers["Authorization"] = token

    # Per the original author's note, the current implementation does not
    # have the user named in the token, so no user is returned.
    resolved_user = auth_utils.get_authenticated_user(request)
    self.assertIsNone(resolved_user)
def test_get_authenticated_user(self):
    """Check that get_authenticated_user returns None for an unknown user.

    A token is created for a sample user and sent in the Authorization
    header of a dummy request.
    """
    auth_header = "Authorization"
    sample_user = {"username": "******", "roles": ["role"]}

    request = testing.DummyRequest()
    request.headers[auth_header] = auth_utils.create_token(sample_user)

    # The original note says the current implementation has no such user,
    # which is why None is the expected result here.
    self.assertIsNone(auth_utils.get_authenticated_user(request))
def test_valid_token(self):
    """valid_token rejects a missing or malformed Authorization header.

    Both rejections are expected as HTTPBadRequest. A freshly created
    token must pass, which here means only that no exception is raised.
    """
    auth_header = "Authorization"
    request = testing.DummyRequest()

    # Case 1: no Authorization header at all.
    with self.assertRaises(HTTPBadRequest):
        auth_utils.valid_token(request)

    # Case 2: header present, but its value is not a token.
    request.headers[auth_header] = "asfasfasfasf"
    with self.assertRaises(HTTPBadRequest):
        auth_utils.valid_token(request)

    # Case 3: a freshly issued token. The return value is not inspected.
    # NOTE(review): no case here covers a token that was issued and then
    # altered; consider asserting HTTPBadRequest for that as well.
    issued = auth_utils.create_token({"username": "******", "roles": ["role"]})
    request.headers[auth_header] = issued
    auth_utils.valid_token(request)
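def authenticate(request):
    """Verify the submitted credentials and issue a token for the user.

    The request body is deserialized with AuthenticationRequest, the user
    is looked up by username, and the submitted password is checked
    against the stored password hash.

    Returns:
        A dict holding the new token under the key 'token'.

    Raises:
        HTTPBadRequest: if the user is unknown or the password does not
            verify. Both failures raise the same exception type.
    """
    credentials = AuthenticationRequest().deserialize(request.json)
    user = userdao.find_by_username(credentials["username"])
    if user is None:
        # NOTE(review): this path skips the password-hash check, so it may
        # respond measurably faster than a wrong password for a known
        # user. Confirm whether that timing difference matters here.
        raise HTTPBadRequest

    # Emitted before the password is verified, so it also appears for
    # attempts that are rejected below.
    logger.debug("Creating new token for user {}".format(user["username"]))

    if not verify_password_hash(credentials["password"], user["password"]):
        raise HTTPBadRequest

    token = auth_utils.create_token(user)
    # The token is a bearer credential: record that one was issued, but
    # never write its value to the log.
    logger.debug("Token created for user {}".format(user["username"]))
    return {'token': token}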
def test_valid_token(self):
    """Check valid_token against absent, malformed and fresh tokens.

    An absent header and a non-token header value must each raise
    HTTPBadRequest. A token from create_token must not raise.
    """
    request = testing.DummyRequest()

    def expect_rejected():
        # valid_token must refuse the request in its current state.
        with self.assertRaises(HTTPBadRequest):
            auth_utils.valid_token(request)

    # Nothing in the Authorization header yet.
    expect_rejected()

    header_name = "Authorization"
    request.headers[header_name] = "asfasfasfasf"
    expect_rejected()

    sample_user = {"username": "******", "roles": ["role"]}
    request.headers[header_name] = auth_utils.create_token(sample_user)
    # Success is the absence of an exception; no return value is checked.
    auth_utils.valid_token(request)
def test_decode_token(self):
    """Check decode_token on bad input, a fresh token and an altered token.

    TokenException is expected for None, for an arbitrary string and for
    a token whose first character was swapped after it was issued.
    """
    # Invalid inputs: no token, then a string that was never issued.
    with self.assertRaises(TokenException):
        auth_utils.decode_token(None)
    garbage = "asfafsasf1241243124"
    with self.assertRaises(TokenException):
        auth_utils.decode_token(garbage)

    sample_user = {"username": "******", "roles": ["role"]}
    token = auth_utils.create_token(sample_user)
    try:
        auth_utils.decode_token(token)
    except Exception:
        self.fail("Should not be here")

    # A modified token must not be accepted. The first character is
    # swapped for '?', or for 'a' when it already is '?'.
    # NOTE(review): this alters only the start of the token; it does not
    # show on its own that changes elsewhere in the token are detected.
    # Confirm against auth_utils and consider an additional case.
    original_chars = list(token)
    swapped = '?' if original_chars[0] != '?' else 'a'
    modified = "".join([swapped] + original_chars[1:])
    with self.assertRaises(TokenException):
        auth_utils.decode_token(modified)
def test_create_token(self):
    """create_token rejects incomplete users and round-trips a valid one.

    TokenException is expected for None and for users whose username or
    roles are missing, None or empty. For a valid user the decoded token
    must carry the username under the key "user".
    """
    rejected_inputs = (
        None,
        {"username": None, "roles": ["cool"]},   # username is None
        {"username": "******", "roles": []},     # empty role list
        {"username": "******", "roles": None},   # roles is None
        {"username": "******"},                  # roles key absent
        {"roles": ["role"]},                     # username key absent
    )
    for bad_user in rejected_inputs:
        with self.assertRaises(TokenException):
            auth_utils.create_token(bad_user)

    good_user = {"username": "******", "roles": ["role"]}
    token = auth_utils.create_token(good_user)
    self.assertIsNotNone(token)

    try:
        tokenuser = auth_utils.decode_token(token)
    except TokenException:
        self.fail()
    else:
        # Only the username is compared; the roles are not checked here.
        self.assertEqual(good_user["username"], tokenuser["user"])
def test_create_token(self):
    """Check create_token input validation and a create/decode round trip.

    Every malformed user must raise TokenException. A valid user must
    produce a non-None token that decodes to the same username.
    """
    def expect_rejected(candidate):
        # create_token must refuse this input with TokenException.
        with self.assertRaises(TokenException):
            auth_utils.create_token(candidate)

    expect_rejected(None)
    expect_rejected({"username": None, "roles": ["cool"]})
    expect_rejected({"username": "******", "roles": []})
    expect_rejected({"username": "******", "roles": None})
    expect_rejected({"username": "******"})
    expect_rejected({"roles": ["role"]})

    good_user = {"username": "******", "roles": ["role"]}
    issued = auth_utils.create_token(good_user)
    self.assertIsNotNone(issued)

    # The decoded token exposes the username under "user", not "username".
    try:
        decoded = auth_utils.decode_token(issued)
        self.assertEqual(good_user["username"], decoded["user"])
    except TokenException:
        self.fail()