class VerifyTests(KeyringTestCase):
def setUp(self):
self.request={}
KeyringTestCase.setUp(self)
self.view=AuthenticatorView(None, self.request)
def setAuthenticator(self, key):
user=getSecurityManager().getUser().getUserName()
auth=hmac.new(key, user, sha).hexdigest()
self.request["_authenticator"]=auth
def testCorrectAuthenticator(self):
self.manager.keys[0]=("secret")
self.setAuthenticator("secret")
self.assertEqual(self.view.verify(), True)
def testOlderSecretVerifies(self):
self.manager.keys[3]="backup"
self.setAuthenticator("backup")
self.assertEqual(self.view.verify(), True)
def testMissingAuthenticator(self):
self.assertEqual(self.view.verify(), False)
def testIncorrectAuthenticator(self):
self.request["_authenticator"]="incorrect"
self.assertEqual(self.view.verify(), False)
def testAuthenticatorWrongType(self):
self.request["_authenticator"]=123
self.assertEqual(self.view.verify(), False)
class VerifyTests(KeyringTestCase):
key_size = 2
def setUp(self):
self.request = MockRequest()
super(VerifyTests, self).setUp()
self.view = AuthenticatorView(None, self.request)
def setAuthenticator(self, key, extra='', name="_authenticator"):
user = getSecurityManager().getUser().getUserName()
if six.PY3:
user = user.encode('utf-8')
extra = extra.encode('utf-8')
auth = hmac.new(key.encode('utf-8'), user + extra, sha).hexdigest()
self.request[name] = auth
def testCorrectAuthenticator(self):
self.manager['_forms'].data[0] = "secret"
self.setAuthenticator("secret")
self.assertEqual(self.view.verify(), True)
def testCustomAuthenticatorKeyName(self):
self.manager['_forms'].data[0] = "secret"
self.setAuthenticator("secret", name="_my_authenticator")
self.assertEqual(self.view.verify(name="_my_authenticator"), True)
def testOlderSecretVerifies(self):
self.manager['_forms'].data[1] = "backup"
self.setAuthenticator("backup")
self.assertEqual(self.view.verify(), True)
def testMissingAuthenticator(self):
self.assertEqual(self.view.verify(), False)
def testIncorrectAuthenticator(self):
self.request["_authenticator"] = "incorrect"
self.assertEqual(self.view.verify(), False)
def testAuthenticatorWrongType(self):
self.request["_authenticator"] = 123
self.assertEqual(self.view.verify(), False)
def testExtraArgumentCanBeVerified(self):
self.manager['_forms'].data[0] = "secret"
self.setAuthenticator("secret", 'some-extra-value')
self.assertEqual(self.view.verify('some-extra-value'), True)
class VerifyTests(KeyringTestCase):
key_size = 2
def setUp(self):
self.request = MockRequest()
super(VerifyTests, self).setUp()
self.view = AuthenticatorView(None, self.request)
def setAuthenticator(self, key, extra='', name="_authenticator"):
user = getSecurityManager().getUser().getUserName()
auth = hmac.new(key, user + extra, sha).hexdigest()
self.request[name] = auth
def testCorrectAuthenticator(self):
self.manager['_forms'].data[0] = "secret"
self.setAuthenticator("secret")
self.assertEqual(self.view.verify(), True)
def testCustomAuthenticatorKeyName(self):
self.manager['_forms'].data[0] = "secret"
self.setAuthenticator("secret", name="_my_authenticator")
self.assertEqual(self.view.verify(name="_my_authenticator"), True)
def testOlderSecretVerifies(self):
self.manager['_forms'].data[1] = "backup"
self.setAuthenticator("backup")
self.assertEqual(self.view.verify(), True)
def testMissingAuthenticator(self):
self.assertEqual(self.view.verify(), False)
def testIncorrectAuthenticator(self):
self.request["_authenticator"] = "incorrect"
self.assertEqual(self.view.verify(), False)
def testAuthenticatorWrongType(self):
self.request["_authenticator"] = 123
self.assertEqual(self.view.verify(), False)
def testExtraArgumentCanBeVerified(self):
self.manager['_forms'].data[0] = "secret"
self.setAuthenticator("secret", 'some-extra-value')
self.assertEqual(self.view.verify('some-extra-value'), True)
class VerifyTests(KeyringTestCase):
def setUp(self):
self.request = MockRequest()
KeyringTestCase.setUp(self)
self.view = AuthenticatorView(None, self.request)
def setAuthenticator(self, key, extra='', name="_authenticator"):
user = getSecurityManager().getUser().getUserName()
auth = hmac.new(key, user + extra, sha).hexdigest()
self.request[name] = auth
def testCorrectAuthenticator(self):
self.manager.keys[0] = ("secret")
self.setAuthenticator("secret")
self.assertEqual(self.view.verify(), True)
def testCustomAuthenticatorKeyName(self):
self.manager.keys[0] = ("secret")
self.setAuthenticator("secret", name="_my_authenticator")
self.assertEqual(self.view.verify(name="_my_authenticator"), True)
def testOlderSecretVerifies(self):
self.manager.keys[3] = "backup"
self.setAuthenticator("backup")
self.assertEqual(self.view.verify(), True)
def testMissingAuthenticator(self):
self.assertEqual(self.view.verify(), False)
def testIncorrectAuthenticator(self):
self.request["_authenticator"] = "incorrect"
self.assertEqual(self.view.verify(), False)
def testAuthenticatorWrongType(self):
self.request["_authenticator"] = 123
self.assertEqual(self.view.verify(), False)
def testExtraArgumentCanBeVerified(self):
self.manager.keys[0] = ("secret")
self.setAuthenticator("secret", 'some-extra-value')
self.assertEqual(self.view.verify('some-extra-value'), True)
def test_incorrect_CSRF_header(self):
self.request.environ['HTTP_X_CSRF_TOKEN'] = 'foobar'
view = AuthenticatorView(None, self.request)
self.assertEqual(view.verify(), False)
def test_CSRF_header(self):
self.request.environ['HTTP_X_CSRF_TOKEN'] = createToken()
view = AuthenticatorView(None, self.request)
self.assertEqual(view.verify(), True)
def test_incorrect_CSRF_header(self):
self.request.environ['HTTP_X_CSRF_TOKEN'] = 'foobar'
view = AuthenticatorView(None, self.request)
self.assertEqual(view.verify(), False)
def test_CSRF_header(self):
self.request.environ['HTTP_X_CSRF_TOKEN'] = createToken()
view = AuthenticatorView(None, self.request)
self.assertEqual(view.verify(), True)
