class VerifyTests(KeyringTestCase): def setUp(self): self.request={} KeyringTestCase.setUp(self) self.view=AuthenticatorView(None, self.request) def setAuthenticator(self, key): user=getSecurityManager().getUser().getUserName() auth=hmac.new(key, user, sha).hexdigest() self.request["_authenticator"]=auth def testCorrectAuthenticator(self): self.manager.keys[0]=("secret") self.setAuthenticator("secret") self.assertEqual(self.view.verify(), True) def testOlderSecretVerifies(self): self.manager.keys[3]="backup" self.setAuthenticator("backup") self.assertEqual(self.view.verify(), True) def testMissingAuthenticator(self): self.assertEqual(self.view.verify(), False) def testIncorrectAuthenticator(self): self.request["_authenticator"]="incorrect" self.assertEqual(self.view.verify(), False) def testAuthenticatorWrongType(self): self.request["_authenticator"]=123 self.assertEqual(self.view.verify(), False)
class VerifyTests(KeyringTestCase): key_size = 2 def setUp(self): self.request = MockRequest() super(VerifyTests, self).setUp() self.view = AuthenticatorView(None, self.request) def setAuthenticator(self, key, extra='', name="_authenticator"): user = getSecurityManager().getUser().getUserName() if six.PY3: user = user.encode('utf-8') extra = extra.encode('utf-8') auth = hmac.new(key.encode('utf-8'), user + extra, sha).hexdigest() self.request[name] = auth def testCorrectAuthenticator(self): self.manager['_forms'].data[0] = "secret" self.setAuthenticator("secret") self.assertEqual(self.view.verify(), True) def testCustomAuthenticatorKeyName(self): self.manager['_forms'].data[0] = "secret" self.setAuthenticator("secret", name="_my_authenticator") self.assertEqual(self.view.verify(name="_my_authenticator"), True) def testOlderSecretVerifies(self): self.manager['_forms'].data[1] = "backup" self.setAuthenticator("backup") self.assertEqual(self.view.verify(), True) def testMissingAuthenticator(self): self.assertEqual(self.view.verify(), False) def testIncorrectAuthenticator(self): self.request["_authenticator"] = "incorrect" self.assertEqual(self.view.verify(), False) def testAuthenticatorWrongType(self): self.request["_authenticator"] = 123 self.assertEqual(self.view.verify(), False) def testExtraArgumentCanBeVerified(self): self.manager['_forms'].data[0] = "secret" self.setAuthenticator("secret", 'some-extra-value') self.assertEqual(self.view.verify('some-extra-value'), True)
class VerifyTests(KeyringTestCase): key_size = 2 def setUp(self): self.request = MockRequest() super(VerifyTests, self).setUp() self.view = AuthenticatorView(None, self.request) def setAuthenticator(self, key, extra='', name="_authenticator"): user = getSecurityManager().getUser().getUserName() auth = hmac.new(key, user + extra, sha).hexdigest() self.request[name] = auth def testCorrectAuthenticator(self): self.manager['_forms'].data[0] = "secret" self.setAuthenticator("secret") self.assertEqual(self.view.verify(), True) def testCustomAuthenticatorKeyName(self): self.manager['_forms'].data[0] = "secret" self.setAuthenticator("secret", name="_my_authenticator") self.assertEqual(self.view.verify(name="_my_authenticator"), True) def testOlderSecretVerifies(self): self.manager['_forms'].data[1] = "backup" self.setAuthenticator("backup") self.assertEqual(self.view.verify(), True) def testMissingAuthenticator(self): self.assertEqual(self.view.verify(), False) def testIncorrectAuthenticator(self): self.request["_authenticator"] = "incorrect" self.assertEqual(self.view.verify(), False) def testAuthenticatorWrongType(self): self.request["_authenticator"] = 123 self.assertEqual(self.view.verify(), False) def testExtraArgumentCanBeVerified(self): self.manager['_forms'].data[0] = "secret" self.setAuthenticator("secret", 'some-extra-value') self.assertEqual(self.view.verify('some-extra-value'), True)
class VerifyTests(KeyringTestCase): def setUp(self): self.request = MockRequest() KeyringTestCase.setUp(self) self.view = AuthenticatorView(None, self.request) def setAuthenticator(self, key, extra='', name="_authenticator"): user = getSecurityManager().getUser().getUserName() auth = hmac.new(key, user + extra, sha).hexdigest() self.request[name] = auth def testCorrectAuthenticator(self): self.manager.keys[0] = ("secret") self.setAuthenticator("secret") self.assertEqual(self.view.verify(), True) def testCustomAuthenticatorKeyName(self): self.manager.keys[0] = ("secret") self.setAuthenticator("secret", name="_my_authenticator") self.assertEqual(self.view.verify(name="_my_authenticator"), True) def testOlderSecretVerifies(self): self.manager.keys[3] = "backup" self.setAuthenticator("backup") self.assertEqual(self.view.verify(), True) def testMissingAuthenticator(self): self.assertEqual(self.view.verify(), False) def testIncorrectAuthenticator(self): self.request["_authenticator"] = "incorrect" self.assertEqual(self.view.verify(), False) def testAuthenticatorWrongType(self): self.request["_authenticator"] = 123 self.assertEqual(self.view.verify(), False) def testExtraArgumentCanBeVerified(self): self.manager.keys[0] = ("secret") self.setAuthenticator("secret", 'some-extra-value') self.assertEqual(self.view.verify('some-extra-value'), True)
def test_incorrect_CSRF_header(self): self.request.environ['HTTP_X_CSRF_TOKEN'] = 'foobar' view = AuthenticatorView(None, self.request) self.assertEqual(view.verify(), False)
def test_CSRF_header(self): self.request.environ['HTTP_X_CSRF_TOKEN'] = createToken() view = AuthenticatorView(None, self.request) self.assertEqual(view.verify(), True)
def test_incorrect_CSRF_header(self): self.request.environ['HTTP_X_CSRF_TOKEN'] = 'foobar' view = AuthenticatorView(None, self.request) self.assertEqual(view.verify(), False)
def test_CSRF_header(self): self.request.environ['HTTP_X_CSRF_TOKEN'] = createToken() view = AuthenticatorView(None, self.request) self.assertEqual(view.verify(), True)