def test_04_cleanup_authcache(self): # cleanup everything! r = cleanup(100000000) # Create some entries: AuthCache("grandpa", self.realm, self.resolver, _hash_password(self.password), first_auth=datetime.datetime.utcnow() - datetime.timedelta(days=10), last_auth=datetime.datetime.utcnow() - datetime.timedelta(days=2)).save() AuthCache("grandpa", self.realm, self.resolver, _hash_password(self.password), first_auth=datetime.datetime.utcnow() - datetime.timedelta(minutes=10), last_auth=datetime.datetime.utcnow() - datetime.timedelta(minutes=2)).save() # Now we delete entries, that are older than 20 minutes. Only the 2 days old # should be deleted. Not the 2 minutes old. r = cleanup(10) self.assertEqual(1, r)
def test_01_write_update_delete_cache(self): teststart = datetime.datetime.utcnow() r = add_to_cache(self.username, self.realm, self.resolver, self.password) self.assertTrue(r > 0) auth = AuthCache.query.filter(AuthCache.id == r).first() self.assertEqual(auth.username, self.username) self.assertEqual(auth.authentication, _hash_password(self.password)) self.assertTrue(auth.first_auth > teststart) self.assertEqual(auth.last_auth, auth.first_auth) update_cache_last_auth(r) auth = AuthCache.query.filter(AuthCache.id == r).first() self.assertTrue(auth.last_auth > teststart) r_delete = delete_from_cache(self.username, self.realm, self.resolver, self.password) self.assertEqual(r, r_delete) auth = AuthCache.query.filter( AuthCache.username == self.username).first() self.assertEqual(auth, None)
def test_01_write_update_delete_cache(self): teststart = datetime.datetime.utcnow() r = add_to_cache(self.username, self.realm, self.resolver, self.password) self.assertTrue(r > 0) auth = AuthCache.query.filter(AuthCache.id == r).first() self.assertEqual(auth.username, self.username) self.assertEqual(auth.authentication, _hash_password(self.password)) self.assertTrue(auth.first_auth > teststart) self.assertEqual(auth.last_auth, auth.first_auth) update_cache_last_auth(r) auth = AuthCache.query.filter(AuthCache.id == r).first() self.assertTrue(auth.last_auth > teststart) r_delete = delete_from_cache(self.username, self.realm, self.resolver, self.password) self.assertEqual(r, r_delete) auth = AuthCache.query.filter(AuthCache.username == self.username).first() self.assertEqual(auth, None)
def test_04_cleanup_authcache(self): # cleanup everything! r = cleanup(100000000) # Create some entries: AuthCache("grandpa", self.realm, self.resolver, _hash_password(self.password), first_auth=datetime.datetime.utcnow() - datetime.timedelta( days=10), last_auth=datetime.datetime.utcnow() - datetime.timedelta( days=2)).save() AuthCache("grandpa", self.realm, self.resolver, _hash_password(self.password), first_auth=datetime.datetime.utcnow() - datetime.timedelta( minutes=10), last_auth=datetime.datetime.utcnow() - datetime.timedelta( minutes=2)).save() # Now we delete entries, that are older than 20 minutes. Only the 2 days old # should be deleted. Not the 2 minutes old. r = cleanup(10) self.assertEqual(1, r)
def test_03_delete_old_entries(self): # Create a VERY old authcache entry AuthCache("grandpa", self.realm, self.resolver, _hash_password(self.password), first_auth=datetime.datetime.utcnow() - datetime.timedelta( days=10), last_auth=datetime.datetime.utcnow() - datetime.timedelta( days=2)).save() r = verify_in_cache( "grandpa", self.realm, self.resolver, self.password, first_auth=datetime.datetime.utcnow() - datetime.timedelta(hours=4), last_auth=datetime.datetime.utcnow() - datetime.timedelta( minutes=5)) # Verification for grandpa fails. self.assertFalse(r) # The verify_in_cache should have deleted old grandpa entries: r = AuthCache.query.filter(AuthCache.username == "grandpa").first() self.assertEqual(r, None)
def test_12_authcache(self): password = "******" username = "******" realm = "myrealm" resolver = "reso001" r = save_resolver({"resolver": "reso001", "type": "passwdresolver", "fileName": "tests/testdata/passwords"}) (added, failed) = set_realm("myrealm", ["reso001"]) def fake_check_user_pass(user, passw, options=None): return True, {"message": "Fake Authentication"} set_policy(name="pol1", scope=SCOPE.AUTH, realm=realm, resolver=resolver, action="{0!s}={1!s}".format(ACTION.AUTH_CACHE, "4h/5m")) g = FakeFlaskG() P = PolicyClass() g.policy_object = P g.audit_object = FakeAudit() options = {"g": g} # This successfully authenticates against the authcache # We have an authentication, that is within the policy timeout AuthCache(username, realm, resolver, _hash_password(password), first_auth=datetime.datetime.utcnow() - timedelta(hours=3), last_auth=datetime.datetime.utcnow() - timedelta(minutes=1)).save() r = auth_cache(fake_check_user_pass, User("cornelius", "myrealm"), password, options=options) self.assertTrue(r[0]) self.assertEqual(r[1].get("message"), "Authenticated by AuthCache." ) # We have an authentication, that is not read from the authcache, # since the authcache first_auth is too old. delete_from_cache(username, realm, resolver, password) AuthCache(username, realm, resolver, _hash_password(password), first_auth=datetime.datetime.utcnow() - timedelta(hours=5), last_auth=datetime.datetime.utcnow() - timedelta( minutes=1)).save() r = auth_cache(fake_check_user_pass, User("cornelius", "myrealm"), password, options=options) self.assertTrue(r[0]) self.assertEqual(r[1].get("message"), "Fake Authentication") # We have an authentication, that is not read from authcache, since # the last_auth is too old = 10 minutes. delete_from_cache(username, realm, resolver, password) AuthCache(username, realm, resolver, _hash_password(password), first_auth=datetime.datetime.utcnow() - timedelta(hours=1), last_auth=datetime.datetime.utcnow() - timedelta( minutes=10)).save() r = auth_cache(fake_check_user_pass, User("cornelius", "myrealm"), password, options=options) self.assertTrue(r[0]) self.assertEqual(r[1].get("message"), "Fake Authentication") # We have a policy, with no special last_auth delete_policy("pol1") set_policy(name="pol1", scope=SCOPE.AUTH, realm=realm, resolver=resolver, action="{0!s}={1!s}".format(ACTION.AUTH_CACHE, "4h")) g = FakeFlaskG() P = PolicyClass() g.policy_object = P g.audit_object = FakeAudit() options = {"g": g} delete_from_cache(username, realm, resolver, password) AuthCache(username, realm, resolver, _hash_password(password), first_auth=datetime.datetime.utcnow() - timedelta(hours=2), last_auth=datetime.datetime.utcnow() - timedelta( hours=1)).save() r = auth_cache(fake_check_user_pass, User("cornelius", "myrealm"), password, options=options) self.assertTrue(r[0]) self.assertEqual(r[1].get("message"), "Authenticated by AuthCache.") # Clean up delete_policy("pol1") delete_realm("myrealm") delete_resolver("reso001")