def test_deprecated_hash_algorithm(self):
with pytest.raises(HttpSigException) as e:
sign.HeaderSigner(key_id='Test',
secret=self.key_2048,
sign_algorithm=PSS("sha256", salt_length=0))
self.assertEqual(
str(e.value),
"Hash algorithm: sha256 is deprecated. Please use: sha512")
def test_none_key_id(self):
with self.assertRaises(ValueError) as e:
sign.HeaderSigner(key_id=None,
secret=self.key_2048,
headers=[
'(request-target)', 'host', 'date',
'content-type', 'digest', 'content-length'
])
self.assertEqual(str(e.exception), "key_id can't be empty")
def test_empty_secret(self):
with self.assertRaises(ValueError) as e:
sign.HeaderSigner(key_id='Test',
secret='',
headers=[
'(request-target)', 'host', 'date',
'content-type', 'digest', 'content-length'
])
self.assertEqual(str(e.exception), "secret can't be empty")
def test_huge_key_id(self):
with self.assertRaises(ValueError) as e:
sign.HeaderSigner(key_id='x' * 1000000,
secret=self.key_2048,
headers=[
'(request-target)', 'host', 'date',
'content-type', 'digest', 'content-length'
])
self.assertEqual(str(e.exception),
"key_id cant be larger than 100000 chars")
def test_hmac(self):
hs = sign.HeaderSigner(key_id='pda', algorithm='hmac-sha256', secret='secret', headers=['(request-target)', 'Date'])
unsigned = {
'Date': 'today',
'accept': 'llamas'
}
signed = hs.sign(unsigned, method='GET', path='/path?query=123')
auth = parse_authorization_header(signed['authorization'])
params = auth[1]
self.assertIn('keyId', params)
self.assertIn('algorithm', params)
self.assertIn('signature', params)
self.assertEqual(params['keyId'], 'pda')
self.assertEqual(params['algorithm'], 'hmac-sha256')
self.assertEqual(params['signature'], 'SFlytCGpsqb/9qYaKCQklGDvwgmrwfIERFnwt+yqPJw=')
def test_default(self):
hs = sign.HeaderSigner(key_id='Test', secret=self.key)
unsigned = {
'Date': self.header_date
}
signed = hs.sign(unsigned)
self.assertIn('Date', signed)
self.assertEqual(unsigned['Date'], signed['Date'])
self.assertIn('Authorization', signed)
auth = parse_authorization_header(signed['authorization'])
params = auth[1]
self.assertIn('keyId', params)
self.assertIn('algorithm', params)
self.assertIn('signature', params)
self.assertEqual(params['keyId'], 'Test')
self.assertEqual(params['algorithm'], 'rsa-sha256')
self.assertEqual(params['signature'], 'jKyvPcxB4JbmYY4mByyBY7cZfNl4OW9HpFQlG7N4YcJPteKTu4MWCLyk+gIr0wDgqtLWf9NLpMAMimdfsH7FSWGfbMFSrsVTHNTk0rK3usrfFnti1dxsM4jl0kYJCKTGI/UWkqiaxwNiKqGcdlEDrTcUhhsFsOIo8VhddmZTZ8w=') # noqa: E501
def test_missing_header_digest(self):
hs = sign.HeaderSigner(key_id='Test',
secret=self.key_2048,
sign_algorithm=PSS("sha512", salt_length=0),
headers=[
'(request-target)', 'host', 'date',
'content-type', 'digest', 'content-length'
])
unsigned = {
'Host': self.header_host,
'Date': self.header_date,
'Content-Type': self.header_content_type,
'Content-Length': self.header_content_length,
}
with self.assertRaises(ValueError) as e:
hs.sign(unsigned, method=self.test_method, path=self.test_path)
self.assertEqual(str(e.exception), 'missing required header "digest"')
def test_default(self):
hs = sign.HeaderSigner(key_id='Test', secret=self.key)
unsigned = {'Date': 'Thu, 05 Jan 2012 21:31:40 GMT'}
signed = hs.sign(unsigned)
self.assertIn('Date', signed)
self.assertEqual(unsigned['Date'], signed['Date'])
self.assertIn('Authorization', signed)
auth = parse_authorization_header(signed['authorization'])
params = auth[1]
self.assertIn('keyId', params)
self.assertIn('algorithm', params)
self.assertIn('signature', params)
self.assertEqual(params['keyId'], 'Test')
self.assertEqual(params['algorithm'], 'rsa-sha256')
self.assertEqual(
params['signature'],
'ATp0r26dbMIxOopqw0OfABDT7CKMIoENumuruOtarj8n/97Q3htHFYpH8yOSQk3Z5zh8UxUym6FYTb5+A0Nz3NRsXJibnYi7brE/4tx5But9kkFGzG+xpUmimN4c3TMN7OFH//+r8hBf7BT9/GmHDUVZT2JzWGLZES2xDOUuMtA='
)
def test_other_default(self):
hs = sign.HeaderSigner(key_id='Test',
secret=self.key_1024,
sign_algorithm=PSS(hash_algorithm="sha512",
salt_length=0))
unsigned = {'Date': self.header_date}
signed = hs.sign(unsigned)
self.assertIn('Date', signed)
self.assertEqual(unsigned['Date'], signed['Date'])
self.assertIn('Authorization', signed)
auth = parse_authorization_header(signed['authorization'])
params = auth[1]
self.assertIn('keyId', params)
self.assertIn('algorithm', params)
self.assertIn('signature', params)
self.assertEqual(params['keyId'], 'Test')
self.assertEqual(params['algorithm'], 'hs2019')
self.assertEqual(
params['signature'],
'Gw8FOaXNxqwJHXwJ30OKiMFpK5zP916CFtzK7/biKi9NppjGAlpUfFKqp5kK+bFRyXxqUzQ1x5cbSeFzRWnqodNNO60ApYbOVD7ePqJfZ3DJFAxYOMzoECzc+lyVskSHKC0Ue8aYiV66gXTuY7hrEIqUsK3To/DhSNgO8csdzwg='
)
def test_default(self):
hs = sign.HeaderSigner(key_id='Test',
secret=self.key_2048,
sign_algorithm=PSS(hash_algorithm="sha512",
salt_length=0))
unsigned = {'Date': self.header_date}
signed = hs.sign(unsigned)
self.assertIn('Date', signed)
self.assertEqual(unsigned['Date'], signed['Date'])
self.assertIn('Authorization', signed)
auth = parse_authorization_header(signed['authorization'])
params = auth[1]
self.assertIn('keyId', params)
self.assertIn('algorithm', params)
self.assertIn('signature', params)
self.assertEqual(params['keyId'], 'Test')
self.assertEqual(params['algorithm'], 'hs2019')
self.assertEqual(
params['signature'],
'T8+Cj3Zp2cBDm2r8/loPgfHUSSFXXyZJNxxbNx1NvKVz/r5T4z6pVxhl9rqk8WfYHMdlh2aT5hCrYKvhs88Jy0DDmeUP4nELWRsO1BF0oAqHfcrbEikZQL7jA6z0guVaLr0S5QRGmd1K5HUEkP/vYEOns+FRL+JrFG4dNJNESvG5iyKUoaXfoZCFdqtzLlIteEAL7dW/kaX/dE116wfpbem1eCABuGopRhuFtjqLKVjuUVwyP/zSYTqd9j+gDhinkAifTJPxbGMh0b5LZdNCqw5irT9NkTcTFRXDp8ioX8r805Z9QhjT7H+rSo350U2LsAFoQ9ttryPBOoMPCiQTlw=='
) # noqa: E501
def test_all(self):
hs = sign.HeaderSigner(key_id='Test',
secret=self.key,
headers=[
'(request-target)', 'host', 'date',
'content-type', 'content-md5',
'content-length'
])
unsigned = {
'Host': 'example.com',
'Date': 'Thu, 05 Jan 2012 21:31:40 GMT',
'Content-Type': 'application/json',
'Content-MD5': 'Sd/dVLAcvNLSq16eXua5uQ==',
'Content-Length': '18',
}
signed = hs.sign(unsigned,
method='POST',
path='/foo?param=value&pet=dog')
self.assertIn('Date', signed)
self.assertEqual(unsigned['Date'], signed['Date'])
self.assertIn('Authorization', signed)
auth = parse_authorization_header(signed['authorization'])
params = auth[1]
self.assertIn('keyId', params)
self.assertIn('algorithm', params)
self.assertIn('signature', params)
self.assertEqual(params['keyId'], 'Test')
self.assertEqual(params['algorithm'], 'rsa-sha256')
self.assertEqual(
params['headers'],
'(request-target) host date content-type content-md5 content-length'
)
self.assertEqual(
params['signature'],
'G8/Uh6BBDaqldRi3VfFfklHSFoq8CMt5NUZiepq0q66e+fS3Up3BmXn0NbUnr3L1WgAAZGplifRAJqp2LgeZ5gXNk6UX9zV3hw5BERLWscWXlwX/dvHQES27lGRCvyFv3djHP6Plfd5mhPWRkmjnvqeOOSS0lZJYFYHJz994s6w='
)
def test_all(self):
hs = sign.HeaderSigner(key_id='Test',
secret=self.key_2048,
sign_algorithm=PSS("sha512", salt_length=0),
headers=[
'(request-target)', 'host', 'date',
'content-type', 'digest', 'content-length'
])
unsigned = {
'Host': self.header_host,
'Date': self.header_date,
'Content-Type': self.header_content_type,
'Digest': self.header_digest,
'Content-Length': self.header_content_length,
}
signed = hs.sign(unsigned,
method=self.test_method,
path=self.test_path)
self.assertIn('Date', signed)
self.assertEqual(unsigned['Date'], signed['Date'])
self.assertIn('Authorization', signed)
auth = parse_authorization_header(signed['authorization'])
params = auth[1]
self.assertIn('keyId', params)
self.assertIn('algorithm', params)
self.assertIn('signature', params)
self.assertEqual(params['keyId'], 'Test')
self.assertEqual(params['algorithm'], 'hs2019')
self.assertEqual(
params['headers'],
'(request-target) host date content-type digest content-length')
self.assertEqual(
params['signature'],
'bxWyLDB/Tuhzxd/tWG2g60l3Goyk9XJZzj2ouNKizZuZoe1Ngj+19N11bhK7FABHJ7lSzH5g6fp5LkN894ivIv6N29L2sPssuAkqgzNXyvYkp4KWOr5j7sVpApmRH7gf7THljcXosmrYk5gdBTspixpJJJ5LGkkPKCRAFurmi/LqopSH6cJbLJNIccTu2dTMGEeDOqqNterVmfonpZyPeBsEEwoeOo6d8zgHzB/1Xxk7dfELFbA1c0LE5kZbwEIEFPmS01YFz6EJW7Aj8kzvzwQRyvgDobi25niGOy/D7JVHvtDjBIaJedFuFJSb8rZ2DGryBQ6NwchMp3f2MUoTGg=='
) # noqa: E501
def test_unsupported_hash_algorithm(self):
with pytest.raises(HttpSigException) as e:
sign.HeaderSigner(key_id='Test',
secret=self.key_2048,
sign_algorithm=PSS("sha123", salt_length=0))
self.assertEqual(str(e.value), "Unsupported hash algorithm")