def test_creating_authheader(self): "Test the creation of the auth header" ms = Signature(self.rfc_credentials, host="example.com", port=80, method="GET") ms.update(uri="/resource/1?b=1&a=2", timestamp="1336363200", nonce="dj83hs9s") expected_authheader = 'MAC nonce="dj83hs9s", mac="6T3zZzy2Emppni6bzL7kdRxUWL4=", id="h480djs93hd8", ts="1336363200"' header = ms.get_header() self.assertEqual(expected_authheader, header)
def test_nonmac_credentials(self): "Tests that sending a non-mac authentication fails" c = Client() ms = Signature(self.rfc_credentials, host="example.com", port=80, method="GET") ms.update(uri="/protected_resource") header = ms.get_header() response = c.get("/protected_resource", HTTP_AUTHORIZATION="Basic " + header[4:]) self.assertEqual(response.status_code, 401) # Make sure we don't have an error string self.assertEqual(response['WWW-Authenticate'], "MAC")
class TestNonce(TestCase): "Tests the nonce-evasion procedures" urls = "auth_mac.tests.urls" def setUp(self): # Create a user to authorise with self.user = User.objects.create_user("testuser", "*****@*****.**") self.user.save() # And, create a MAC access credentials for this user self.rfc_credentials = Credentials(user=self.user, identifier="h480djs93hd8", key="489dks293j39") self.rfc_credentials.save() self.signature = Signature(self.rfc_credentials, method="GET", port=80, host="example.com", uri="/protected_resource") self.timestamp = datetime.datetime.utcnow() now = self.timestamp-datetime.datetime(1970,1,1) self.timestamp = to_utc(self.timestamp) self.now = now.days * 24*3600 + now.seconds def test_nonceexists(self): "Test the failure of a pre-existing nonce" nonce = Nonce(nonce="NONCE", timestamp=self.timestamp, credentials=self.rfc_credentials) nonce.save() self.signature.update(timestamp=self.now, nonce="NONCE") c = Client() response = c.get("/protected_resource", HTTP_AUTHORIZATION=self.signature.get_header(), HTTP_HOST="example.com") self.assertEqual(response.status_code, 401) self.assertIn("NONCE".upper(), response["WWW-Authenticate"].upper()) def test_duplicate(self): "Test sending the same nonce and timestamp through fails" c = Client() self.signature.update(nonce="A_NONCE", timestamp=self.now) response = c.get("/protected_resource", HTTP_AUTHORIZATION=self.signature.get_header(), HTTP_HOST="example.com") self.assertEqual(response.status_code, 200) response = c.get("/protected_resource", HTTP_AUTHORIZATION=self.signature.get_header(), HTTP_HOST="example.com") self.assertEqual(response.status_code, 401) self.assertIn("NONCE".upper(), response["WWW-Authenticate"].upper())
def test_workingcredentials(self): "Tests that we can read a resource with working credentials" c = Client() ms = Signature(self.rfc_credentials, host="example.com", port=80, method="GET") ms.update(uri="/protected_resource") c.get("/protected_resource", HTTP_AUTHORIZATION=ms.get_header())