def test_prepare_properties(self):
px_blocker = PXBlocker()
vid = 'bf619be8-94be-458a-b6b1-ee81f154c282'
px_uuid = '8712cef7-bcfa-4bb6-ae99-868025e1908a'
builder = EnvironBuilder(headers=self.headers,
path='/fake_app_id/init.js')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
context.vid = vid
context.uuid = px_uuid
message = px_blocker.prepare_properties(context, self.config)
expected_message = {
'blockScript':
'/fake_app_id/captcha/captcha.js?a=&u=8712cef7-bcfa-4bb6-ae99-868025e1908a&v=bf619be8-94be-458a-b6b1-ee81f154c282&m=0',
'vid': 'bf619be8-94be-458a-b6b1-ee81f154c282',
'jsRef': '',
'hostUrl': '/fake_app_id/xhr',
'customLogo': None,
'appId': 'PXfake_app_id',
'uuid': '8712cef7-bcfa-4bb6-ae99-868025e1908a',
'logoVisibility': 'hidden',
'jsClientSrc': '/fake_app_id/init.js',
'firstPartyEnabled': 'true',
'refId': '8712cef7-bcfa-4bb6-ae99-868025e1908a',
'cssRef': ''
}
self.assertDictEqual(message, expected_message)
expected_message[
'blockScript'] = '/fake_app/captcha/captcha.js?a=&u=8712cef7-bcfa-4bb6-ae99-868025e1908a&v=bf619be8-94be-458a-b6b1-ee81f154c282&m=0'
self.assertNotEqual(message, expected_message)
def test_is_json_response(self):
px_blocker = PXBlocker()
builder = EnvironBuilder(headers=self.headers,
path='/fake_app_id/init.js')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
self.assertFalse(px_blocker.is_json_response(context))
context.headers['Accept'] = 'application/json'
self.assertTrue(px_blocker.is_json_response(context))
def test_handle_verification_failed(self):
config = PxConfig({
'app_id': 'PXfake_app_id',
'whitelist_routes': ['whitelisted']
})
builder = EnvironBuilder(headers=self.headers, path='/whitelisted')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, config)
context.score = 100
response = self.request_handler.handle_verification(context, request)
self.assertEqual(response.status, '403 Forbidden')
def test_prepare_risk_body(self):
config = PxConfig({'app_id': 'app_id', 'enrich_custom_parameters': self.enrich_custom_parameters})
builder = EnvironBuilder(headers=self.headers, path='/')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, config)
context.s2s_call_reason = 'no_cookie'
body = px_api.prepare_risk_body(context, config)
self.assertEqual(body['additional'].get('custom_param1'), '1')
self.assertEqual(body['additional'].get('custom_param2'), '5')
self.assertFalse(body['additional'].get('custom'))
def test_handle_monitor(self):
config = PxConfig({
'app_id': 'PXfake_app_id',
'auth_token': '',
'module_mode': px_constants.MODULE_MODE_MONITORING
})
request_handler = PxRequestVerifier(config)
builder = EnvironBuilder(headers=self.headers, path='/')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, request_handler.config)
context.score = 100
response = request_handler.handle_verification(context, request)
self.assertEqual(response, True)
def test_send_reverse_xhr_request(self, mock):
content = 'xhr content'
builder = EnvironBuilder(headers=self.headers,
path='/fake_app_id/xhr/api/v1/collector',
method='POST')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
headers = {
'host': self.config.collector_host,
px_constants.FIRST_PARTY_HEADER: '1',
px_constants.ENFORCER_TRUE_IP_HEADER: context.ip,
px_constants.FIRST_PARTY_FORWARDED_FOR: '127.0.0.1'
}
mock.post(
url=
'https://collector-pxfake_app_id.perimeterx.net/api/v1/collector',
text=content,
request_headers=headers,
status_code=200,
reason='OK')
px_proxy = PxProxy(self.config)
status, headers, body = px_proxy.send_reverse_xhr_request(
config=self.config, ctx=context, body=content)
self.assertEqual(content, body)
def test_send_reverse_captcha_request(self, mock):
content = 'captcha js content'
builder = EnvironBuilder(
headers=self.headers,
path='/fake_app_id/captcha/captcha.js',
query_string=
'a=c&u=cfe74220-f484-11e8-9b14-d7280325a290&v=0701bb80-f482-11e8-8a31-a37cf9620569&m=0'
)
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
headers = {
'host': px_constants.CAPTCHA_HOST,
px_constants.FIRST_PARTY_HEADER: '1',
px_constants.ENFORCER_TRUE_IP_HEADER: context.ip,
px_constants.FIRST_PARTY_FORWARDED_FOR: '127.0.0.1'
}
mock.get(
url=
'https://captcha.px-cdn.net/PXfake_app_id/captcha.js?a=c&u=cfe74220-f484-11e8-9b14-d7280325a290&v=0701bb80-f482-11e8-8a31-a37cf9620569&m=0',
text=content,
request_headers=headers,
status_code=200,
reason='OK')
px_proxy = PxProxy(self.config)
status, headers, body = px_proxy.send_reverse_captcha_request(
config=self.config, ctx=context)
self.assertEqual(content, body)
def __call__(self, environ, start_response):
context = None
try:
start = time.time()
if environ.get('px_disable_request'):
return self.app(environ, start_response)
request = Request(environ)
context, verified_response = self.verify(request)
pxhd_callback = create_custom_pxhd_callback(
context, start_response)
self._config.logger.debug("PerimeterX Enforcer took: {} ms".format(
(time.time() - start) * 1000))
px_activities_client.send_activities_in_thread()
if verified_response is True:
return self.app(environ, pxhd_callback)
return verified_response(environ, pxhd_callback)
except Exception as err:
self._config.logger.error(
"Caught exception, passing request. Exception: {}".format(err))
if context:
self.report_pass_traffic(context)
else:
self.report_pass_traffic(PxContext(Request({}), self._config))
return self.app(environ, start_response)
def test_verify_static_url(self):
builder = EnvironBuilder(headers=self.headers, path='/fake.css')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
response = self.request_handler.verify_request(context, request)
self.assertEqual(response, True)
def verify(self, request):
config = self.config
logger = config.logger
logger.debug('Starting request verification')
ctx = None
try:
if not config._module_enabled:
logger.debug('Request will not be verified, module is disabled')
return ctx, True
ctx = PxContext(request, config)
return ctx, self._request_verifier.verify_request(ctx, request)
except Exception as err:
logger.error("Caught exception222, passing request. Exception: {}".format(err))
if ctx:
self.report_pass_traffic(ctx)
else:
self.report_pass_traffic(PxContext(Request({}), config))
return ctx, True
def test_specific_enforced_routes_with_unenforced_route(self):
config = PxConfig({
'app_id': 'PXfake_app_id',
'auth_token': '',
'module_mode': px_constants.MODULE_MODE_BLOCKING,
'enforced_specific_routes': ['/profile'],
})
headers = {
'X-FORWARDED-FOR': '127.0.0.1',
'remote-addr': '127.0.0.1',
'content_length': '100'
}
request_handler = PxRequestVerifier(config)
builder = EnvironBuilder(headers=headers, path='/')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, request_handler.config)
context.score = 100
response = request_handler.verify_request(context, request)
self.assertEqual(response, True)
def test_bypass_monitor_header_configured_but_missing(self):
config = PxConfig({
'app_id': 'PXfake_app_id',
'auth_token': '',
'module_mode': px_constants.MODULE_MODE_MONITORING,
'bypass_monitor_header': 'x-px-block'
})
headers = {
'X-FORWARDED-FOR': '127.0.0.1',
'remote-addr': '127.0.0.1',
'content_length': '100'
}
request_handler = PxRequestVerifier(config)
builder = EnvironBuilder(headers=headers, path='/')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, request_handler.config)
context.score = 100
response = request_handler.handle_verification(context, request)
self.assertEqual(response, True)
def test_validation_error_token(self):
self.headers[
px_constants.MOBILE_SDK_ORIGINAL_HEADER] = '3:bd078865fa9627f626d6f7d6828ab595028d2c0974ds065ab6f6c5afsaa9f80c4593cd:OCIluokZHHvqrWyu8zrWSH8Vu7AefCjrd4CMx/NXsX58LzeV40EZIlPG4gsNMoAYzH88s/GoZwv+DpQa76C21A==:1000:zwT+Rht/YGDNWKkzHtJAB7IiI00u4fOePL/3xWMs1nZ93lzW1XvAMGR2hLlHBmOv8O0CpylEQOZZTK1uQMls6O28Y8aQnTo5DETLkrbhpwCVeNjOcf8GVKTckITwuHfXbEcfHbdtb68s1+jHv1+vt/w/6HZqTzanaIsvFVp8vmA='
self.headers[px_constants.MOBILE_SDK_HEADER] = '2'
builder = EnvironBuilder(headers=self.headers)
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
verified = px_original_token_validator.verify(context, self.config)
self.assertFalse(verified)
self.assertEqual(context.original_token_error, 'validation_failed')
def test_verify_cookie_high_score(self):
config = self.config
self.headers['cookie'] = '_px3=bf46ceff75278ae166f376cbf741a7639060581035dd4e93641892c905dd0d67:EGFGcwQ2rum7KRmQCeSXBAUt1+25mj2DFJYi7KJkEliF3cBspdXtD2X03Csv8N8B6S5Bte/4ccCcETkBNDVxTw==:1000:x9x+oI6BISFhlKEERpf8HpZD2zXBCW9lzVfuRURHaAnbaMnpii+XjPEd7a7EGGUSMch5ramy3y+KOxyuX3F+LbGYwvn3OJb+u40zU+ixT1w5N15QltX+nBMhC7izC1l8QtgMuG/f3Nts5ebnec9j2V7LS5Y1/5b73rd9s7AMnug='
builder = EnvironBuilder(headers=self.headers)
env = builder.get_environ()
request = Request(env)
ctx = PxContext(request, PxConfig({'app_id': 'fake_app_id'}))
verified = px_cookie_validator.verify(ctx, config)
self.assertTrue(verified)
self.assertEqual('none', ctx.s2s_call_reason)
del self.headers['cookie']
def test_verify_no_cookie(self):
config = self.config
builder = EnvironBuilder(headers= self.headers)
env = builder.get_environ()
request = Request(env)
ctx = PxContext(request, PxConfig({'app_id': 'fake_app_id'}))
verified = px_cookie_validator.verify(ctx, config)
self.assertFalse(verified)
self.assertEqual('no_cookie', ctx.s2s_call_reason)
def test_verify_whitelist(self):
config = PxConfig({
'app_id': 'PXfake_app_id',
'whitelist_routes': ['whitelisted']
})
builder = EnvironBuilder(headers=self.headers, path='/whitelisted')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, config)
response = self.request_handler.verify_request(context, request)
self.assertEqual(response, True)
def test_verify_valid_cookie(self):
config = self.config
self.headers['cookie'] = '_px3=bd078865fa9627f626d6f7d6828ab595028d2c0974065ab6f6c5a9f80c4593cd:OCIluokZHHvqrWyu8zrWSH8Vu7AefCjrd4CMx/NXsX58LzeV40EZIlPG4gsNMoAYzH88s/GoZwv+DpQa76C21A==:1000:zwT+Rht/YGDNWKkzHtJAB7IiI00u4fOePL/3xWMs1nZ93lzW1XvAMGR2hLlHBmOv8O0CpylEQOZZTK1uQMls6O28Y8aQnTo5DETLkrbhpwCVeNjOcf8GVKTckITwuHfXbEcfHbdtb68s1+jHv1+vt/w/6HZqTzanaIsvFVp8vmA='
builder = EnvironBuilder(headers=self.headers)
env = builder.get_environ()
request = Request(env)
ctx = PxContext(request, PxConfig({'app_id': 'fake_app_id'}))
verified = px_cookie_validator.verify(ctx, config)
self.assertTrue(verified)
self.assertEqual('none', ctx.s2s_call_reason)
del self.headers['cookie']
def test_cookie_decryption_failed_px_cookie_raw(self):
config = self.config
false_cookie = '_px3=774958bcc233ea1a876b92ababf47086d8a4d95165bbd6f98b55d7e61afd2a05:ow3Er5dskpt8ZZ11CRiDMAueEi3ozJTqMBnYzsSM7/8vHTDA0so6ekhruiTrXa/taZINotR5PnTo78D5zM2pWw==:1000:uQ3Tdt7D3mSO5CuHDis3GgrnkGMC+XAghbHuNOE9x4H57RAmtxkTcNQ1DaqL8rx79bHl0iPVYlOcRmRgDiBCUoizBdUCjsSIplofPBLIl8WpfHDDtpxPKzz9I2rUEbFgfhFjiTY3rPGob2PUvTsDXTfPUeHnzKqbNTO8z7H6irFnUE='
self.headers['cookie'] = false_cookie
builder = EnvironBuilder(headers=self.headers,
path='/fake_app_id/init.js')
env = builder.get_environ()
request = Request(env)
ctx = PxContext(request, config)
verified = px_cookie_validator.verify(ctx, config)
self.assertEqual(ctx.px_cookie_raw, false_cookie)
del self.headers['cookie']
def test_handle_ratelimit(self):
px_blocker = PXBlocker()
vid = 'bf619be8-94be-458a-b6b1-ee81f154c282'
px_uuid = '8712cef7-bcfa-4bb6-ae99-868025e1908a'
config = PxConfig({'app_id': 'PXfake_app_id'})
builder = EnvironBuilder(headers=self.headers,
path='/fake_app_id/init.js')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
context.vid = vid
context.uuid = px_uuid
context.block_action = 'r'
message, _, _ = px_blocker.handle_blocking(context, config)
blocking_message = None
working_dir = os.path.dirname(os.path.realpath(__file__))
with open(working_dir + '/px_blocking_messages/ratelimit.txt',
'r') as myfile:
blocking_message = myfile.read()
self.assertEqual(message, blocking_message)
def test_verify_request_fp_client_passed(self):
builder = EnvironBuilder(headers=self.headers,
path='/fake_app_id/init.js')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
response = Response("client data")
with mock.patch('perimeterx.px_proxy.PxProxy.handle_reverse_request',
return_value=response):
response = self.request_handler.verify_request(context, request)
self.assertEqual(response.data, "client data")
def test_verify_expired_cookie(self):
config = self.config
cookie_value = '0d67bdf4a58c524b55b9cf0f703e4f0f3cbe23a10bd2671530d3c7e0cfa509eb:HOiYSw11ICB2A+HYx+C+l5Naxcl7hMeEo67QNghCQByyHlhWZT571ZKfqV98JFWg7TvbV9QtlrQtXakPYeIEjQ==:1000:+kuXS/iJUoEqrm8Fo4K0cTebsc4YQZu+f5bRGX0lC1T+l0g1gzRUuKiCtWTar28Y0wjch1ZQvkNy523Pxr07agVi/RL0SUktmEl59qGor+m4FLewZBVdcgx/Ya9kU0riis98AAR0zdTpTtoN5wpNbmztIpOZ0YejeD0Esk3vagU='
self.headers['cookie'] = '_px3=' + cookie_value
builder = EnvironBuilder(headers=self.headers)
env = builder.get_environ()
request = Request(env)
ctx = PxContext(request, PxConfig({'app_id': 'fake_app_id'}))
verified = px_cookie_validator.verify(ctx, config)
self.assertFalse(verified)
self.assertEqual('cookie_expired', ctx.s2s_call_reason)
self.assertEqual('', ctx.px_orig_cookie)
del self.headers['cookie']
def test_verify_hmac_validation(self):
config = self.config
cookie_value = '774958bcc232343ea1a876b92ababf47086d8a4d95165bbd6f98b55d7e61afd2a05:ow3Er5dskpt8ZZ11CRiDMAueEi3ozJTqMBnYzsSM7/8vHTDA0so6ekhruiTrXa/taZINotR5PnTo78D5zM2pWw==:1000:uQ3Tdt7D3mSO5CuHDis3GgrnkGMC+XAghbHuNOE9x4H57RAmtxkTcNQ1DaqL8rx79bHl0iPVYlOcRmRgDiBCUoizBdUCjsSIplofPBLIl8WpfHDDtpxPKzz9I2rUEbFFjiTY3rPGob2PUvTsDXTfPUeHnzKqbNTO8z7H6irFnUE='
self.headers['cookie'] = '_px3=' + cookie_value
builder = EnvironBuilder(headers=self.headers)
env = builder.get_environ()
request = Request(env)
ctx = PxContext(request, PxConfig({'app_id': 'fake_app_id'}))
verified = px_cookie_validator.verify(ctx, config)
self.assertFalse(verified)
self.assertEqual('cookie_validation_failed', ctx.s2s_call_reason)
self.assertEqual('', ctx.px_orig_cookie)
del self.headers['cookie']
def test_send_risk_request(self):
config = PxConfig({'app_id': 'app_id',
'enrich_custom_parameters': self.enrich_custom_parameters,
'auth_token': 'auth'})
builder = EnvironBuilder(headers=self.headers, path='/test_path')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, config)
uuid_val = str(uuid.uuid4())
response = ResponseMock({'score': 100, 'uuid': uuid_val, 'action': 'c'})
with mock.patch('perimeterx.px_httpc.send', return_value=response):
response = px_api.send_risk_request(context, config)
self.assertEqual({'action': 'c', 'score': 100, 'uuid': uuid_val}, response)
def test_is_static_file(self):
config = PxConfig({'app_id': 'fake_app_id'})
headers = {
'X-FORWARDED-FOR':
'127.0.0.1',
'remote-addr':
'127.0.0.1',
'content_length':
'100',
'cookie':
'_px3=bd078865fa9627f626d6f7d6828ab595028d2c0974065ab6f6c5a9f80c4593cd:OCIluokZHHvqrWyu8zrWSH8Vu7AefCjrd4CMx/NXsX58LzeV40EZIlPG4gsNMoAYzH88s/GoZwv+DpQa76C21A==:1000:zwT+Rht/YGDNWKkzHtJAB7IiI00u4fOePL/3xWMs1nZ93lzW1XvAMGR2hLlHBmOv8O0CpylEQOZZTK1uQMls6O28Y8aQnTo5DETLkrbhpwCVeNjOcf8GVKTckITwuHfXbEcfHbdtb68s1+jHv1+vt/w/6HZqTzanaIsvFVp8vmA='
}
builder = EnvironBuilder(headers=headers, path='/sample.css')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, config)
self.assertTrue(px_utils.is_static_file(context))
builder = EnvironBuilder(headers=headers, path='/sample.html')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, config)
self.assertFalse(px_utils.is_static_file(context))
def test_should_reverse_request(self):
builder = EnvironBuilder(headers=self.headers,
path='/fake_app_id/init.js')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
px_proxy = PxProxy(self.config)
should_reverse = px_proxy.should_reverse_request(context.uri)
self.assertTrue(should_reverse)
should_reverse = px_proxy.should_reverse_request(context.uri)
self.assertTrue(should_reverse)
should_reverse = px_proxy.should_reverse_request(context.uri)
self.assertTrue(should_reverse)
def test_testing_mode_handling(self):
config = PxConfig({
'app_id': 'fake_app_id'
})
headers = {'X-FORWARDED-FOR': '127.0.0.1',
'remote-addr': '127.0.0.1',
'content_length': '100',
'cookie': '_px3=bd078865fa9627f626d6f7d6828ab595028d2c0974065ab6f6c5a9f80c4593cd:OCIluokZHHvqrWyu8zrWSH8Vu7AefCjrd4CMx/NXsX58LzeV40EZIlPG4gsNMoAYzH88s/GoZwv+DpQa76C21A==:1000:zwT+Rht/YGDNWKkzHtJAB7IiI00u4fOePL/3xWMs1nZ93lzW1XvAMGR2hLlHBmOv8O0CpylEQOZZTK1uQMls6O28Y8aQnTo5DETLkrbhpwCVeNjOcf8GVKTckITwuHfXbEcfHbdtb68s1+jHv1+vt/w/6HZqTzanaIsvFVp8vmA='}
builder = EnvironBuilder(headers=headers)
env = builder.get_environ()
request = Request(env)
context = PxContext(request, config)
data, headers, status = px_testing_mode_handler.testing_mode_handling(context, config, {})
response_json = '{"vid": "", "ip": "127.0.0.1", "decoded_px_cookie": "", "is_made_s2s_api_call": false, "http_method": "GET", "px_cookie_hmac": "", "uuid": "", "http_version": "1.1", "hostname": "localhost", "risk_rtt": 0, "score": -1, "pxde": {}, "module_mode": 0, "pxde_verified": false, "cookie_origin": "cookie", "s2s_call_reason": "none", "sensitive_route": false, "px_cookies": {"_px3": "bd078865fa9627f626d6f7d6828ab595028d2c0974065ab6f6c5a9f80c4593cd:OCIluokZHHvqrWyu8zrWSH8Vu7AefCjrd4CMx/NXsX58LzeV40EZIlPG4gsNMoAYzH88s/GoZwv+DpQa76C21A==:1000:zwT+Rht/YGDNWKkzHtJAB7IiI00u4fOePL/3xWMs1nZ93lzW1XvAMGR2hLlHBmOv8O0CpylEQOZZTK1uQMls6O28Y8aQnTo5DETLkrbhpwCVeNjOcf8GVKTckITwuHfXbEcfHbdtb68s1+jHv1+vt/w/6HZqTzanaIsvFVp8vmA="}, "uri": "/", "full_url": "http://localhost/", "headers": {"Remote-Addr": "127.0.0.1", "Host": "localhost", "X-Forwarded-For": "127.0.0.1"}, "block_action": "", "user_agent": "", "block_reason": ""}'
self.assertEqual(data, response_json)
def test_verify(self):
self.headers[
px_constants.MOBILE_SDK_ORIGINAL_HEADER] = '3:bd078865fa9627f626d6f7d6828ab595028d2c0974065ab6f6c5a9f80c4593cd:OCIluokZHHvqrWyu8zrWSH8Vu7AefCjrd4CMx/NXsX58LzeV40EZIlPG4gsNMoAYzH88s/GoZwv+DpQa76C21A==:1000:zwT+Rht/YGDNWKkzHtJAB7IiI00u4fOePL/3xWMs1nZ93lzW1XvAMGR2hLlHBmOv8O0CpylEQOZZTK1uQMls6O28Y8aQnTo5DETLkrbhpwCVeNjOcf8GVKTckITwuHfXbEcfHbdtb68s1+jHv1+vt/w/6HZqTzanaIsvFVp8vmA='
self.headers[px_constants.MOBILE_SDK_HEADER] = '2'
builder = EnvironBuilder(headers=self.headers)
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
verified = px_original_token_validator.verify(context, self.config)
self.assertTrue(verified)
self.assertEqual(context.vid, 'ce305f10-f17e-11e8-90f2-e7a14f96c498')
self.assertEqual(context.decoded_original_token,
{'a': 'a', 's': 0, 'u': 'ce308620-f17e-11e8-90f2-e7a14f96c498', 't': 1663653730456,
'v': 'ce305f10-f17e-11e8-90f2-e7a14f96c498'})
self.assertEqual(context.original_uuid, 'ce308620-f17e-11e8-90f2-e7a14f96c498')
self.assertEqual(context.original_token_error, '')
def test_verify(self):
config = PxConfig({'app_id': 'app_id',
'enrich_custom_parameters': self.enrich_custom_parameters,
'auth_token': 'auth'})
builder = EnvironBuilder(headers=self.headers, path='/test_path')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, config)
uuid_val = str(uuid.uuid4())
data_enrichment = {'timestamp': 10033200222}
response = {'score': 100, 'uuid': uuid_val, 'action': 'c', 'data_enrichment': data_enrichment}
with mock.patch('perimeterx.px_api.send_risk_request', return_value=response):
api_response = px_api.verify(context, config)
self.assertEqual('s2s_high_score', context.block_reason)
self.assertEqual('c', context.block_action)
self.assertTrue(api_response)
self.assertEqual(data_enrichment, context.pxde)
def test_send_reverse_client_request(self, mock):
content = 'client js content'
builder = EnvironBuilder(headers=self.headers,
path='/fake_app_id/init.js')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
headers = {
'host': px_constants.CLIENT_HOST,
px_constants.FIRST_PARTY_HEADER: '1',
px_constants.ENFORCER_TRUE_IP_HEADER: context.ip,
px_constants.FIRST_PARTY_FORWARDED_FOR: '127.0.0.1'
}
mock.get(url='https://client.perimeterx.net/PXfake_app_id/main.min.js',
text=content,
request_headers=headers,
status_code=200,
reason='OK')
px_proxy = PxProxy(self.config)
status, headers, body = px_proxy.send_reverse_client_request(
config=self.config, ctx=context)
self.assertEqual(content, body)
def test_handle_challenge(self):
px_blocker = PXBlocker()
vid = 'bf619be8-94be-458a-b6b1-ee81f154c282'
px_uuid = '8712cef7-bcfa-4bb6-ae99-868025e1908a'
builder = EnvironBuilder(headers=self.headers,
path='/fake_app_id/init.js')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
context.vid = vid
context.uuid = px_uuid
context.block_action = 'j'
context.block_action_data = 'Bla'
message, _, _ = px_blocker.handle_blocking(context, self.config)
blocking_message = 'Bla'
self.assertEqual(message, blocking_message)