def test_remove_keys(self): all_keys = [KeyMaster.PUB_KEY, KeyMaster.SIG_KEY, KeyMaster.TIME_KEY] signed = KeyMaster.sign(self.payload, self.private_key) for key in all_keys: self.assertIn(key, signed) cleaned = KeyMaster.remove_keys(signed) for key in all_keys: self.assertNotIn(key, cleaned)
def test_check_keys_valid_payload_has_key(self): class MockHost(object): def __init__(self, id): self.id = id class MockKey(object): def __init__(self, host, key): self.host = host self.key = key h = MockHost(uuid.uuid1()) keys = [] for _ in range(10): keys.append(MockKey(host=h, key=str(uuid.uuid1()))) keys.append(MockKey(host=h, key=self.private_key)) signed = KeyMaster.sign(self.payload, self.private_key) self.assertTrue(KeyMaster.check_keys(signed, keys))
def when_i_send_a_request_for_all_of_the_stream_logs_with_group1_group2(step, field, value): payload = {field: value} payload[KeyMaster.PUB_KEY] = world.streams[0]["public_key"] payload[KeyMaster.TIME_KEY] = time.time() signed = KeyMaster.sign(payload, world.streams[0]["private_key"]) response = client.get("/api/logs?" + urllib.urlencode(signed)) world.response = response
def when_i_send_requests_to_add_new_log_entries_to_the_stream(step): world.responses = [] for tr in step.hashes: tr[KeyMaster.TIME_KEY] = time.time() payload = KeyMaster.sign(tr, world.streams[0]["private_key"]) tr[KeyMaster.SIG_KEY] = payload["_signature"] response = client.post("/api/logs", data=payload) world.responses.append(response)
def manage_logs(): payload = dict(request.values.items()) if '_public_key' not in payload: abort(400) stream = db.Stream.find_one({'public_key': payload['_public_key']}) if not KeyMaster.check(payload, stream['private_key']): abort(400) log_data = KeyMaster.remove_keys(payload) if request.method == 'GET': resp = u'[' + ', '.join([log.to_json() for log in db[stream['log_collection']].Log.find(log_data)]) + ']' elif request.method == 'POST': log = db[stream['log_collection']].Log() for key, value in log_data.items(): log[key] = value try: log.save() resp = json.dumps({'status': 'success'}) except: resp = json.dumps({'status': 'error'}) else: abort(400) return Response(resp, status='200', mimetype='application/json')
def test_authenticate_invalid_request_invalid_private_key(self): signed_payload = KeyMaster.sign(self.payload, self.private_key) self.assertFalse(KeyMaster.check(signed_payload, 'anotherkey'))
def test_check_valid_request(self): signed_payload = KeyMaster.sign(self.payload, self.private_key) self.assertTrue(KeyMaster.check(signed_payload, self.private_key))
def test_sign_invalid_payload_missing_public_key(self): del self.payload[KeyMaster.PUB_KEY] self.assertFalse(KeyMaster.sign(self.payload, self.private_key))
def test_sign_invalid_payload_missing_timestamp(self): del self.payload[KeyMaster.TIME_KEY] self.assertFalse(KeyMaster.sign(self.payload, self.private_key))
def test_sign_valid_payload(self): signed_payload = KeyMaster.sign(self.payload, self.private_key) self.assertIn(KeyMaster.SIG_KEY, signed_payload)
def test_check_invalid_payload(self): self.assertFalse(KeyMaster.check('wrongwongiswrong', 'gonnachoke'))
def test_sign_invalid_payload(self): self.assertFalse(KeyMaster.sign('wrongwongiswrong', 'gonnachoke'))