def test_good_man_http_header_middleware(self):
signature = sign(self.params, self.salt)
request = self.factory.get('/some/private/view/', self.params, **self.get_auth_header(self.code, signature))
user_as_response = self.get_user_as_response(request)
self.assertFalse(user_as_response is None, msg='fake_view returned None instead of good_user')
self.assertEqual(user_as_response, self.good_user, msg='wrong user returned')
def test_bad_user_request_params_attempt(self):
signature = sign(self.params, 'BAD SALT')
self.params['code'] = self.code
self.params['sign'] = signature
# middleware testing...
request = self.factory.get('/some/private/view/', data=self.params)
user_as_response = self.get_user_as_response(request)
self.assertTrue(user_as_response is None) # no user is in request
def test_params_names_settings(self):
with patch_settings('signn', 'codee'):
signature = sign(self.params, self.salt)
self.params['codee'] = self.code
self.params['signn'] = signature
request = self.factory.get('/some/private/view/', data=self.params)
user_as_response = self.get_user_as_response(request)
self.assertFalse(user_as_response is None, msg='fake_view returned None instead of good_user')
self.assertEqual(user_as_response, self.good_user, msg='wrong user returned')
def test_good_man_request_params_middleware(self):
signature = sign(self.params, self.salt)
self.params['code'] = self.code
self.params['sign'] = signature
params_copy = deepcopy(self.params)
# middleware testing...
request = self.factory.get('/some/private/view/', data=self.params)
user_as_response = self.get_user_as_response(request)
self.assertFalse(user_as_response is None, msg='fake_view returned None instead of good_user')
self.assertEqual(user_as_response, self.good_user, msg='wrong user returned')
# params were not hurt...
self.assertEqual(params_copy, self.params, msg='params were likely hurt in the middleware')
def test_bad_user_http_header_attempt(self):
signature = sign(self.params, 'BAD SALT')
request = self.factory.get('/some/private/view/', self.params, **self.get_auth_header(self.code, signature))
user_as_response = self.get_user_as_response(request)
self.assertTrue(user_as_response is None) # no user is in request
def test_good_man_params_signature_ok(self):
signature = sign(self.params, self.salt)
self.assertTrue(self.hk.signature_ok(self.params, signature))
def sign(params, salt, date=None):
return client.sign(params, salt, date)
