Exemple #1
0
    def test_success(self):
        self.factory.create_application_dashboard(application_id=self.application.id, dashboard_id=self.dashboard.id)
        timestamp = int(time.time())
        params = {
            "secret_key": self.application.secret_key,
            "timestamp": str(timestamp),
            "max_age": "3600",
            "p_countries": "['us', 'ke', 'en']",
            "p_type": "游戏",
            "p_time": "['2021年01月01日', '2022年12月31日']",
        }
        s = encode_params(params)
        url = "?".join([self.embed_url, s])
        signature = get_embed_signature(self.application.secret_token, self.basic_url+url, timestamp)
        path = "{}&signature={}".format(url, signature)

        res = self.make_request(
            "get",
            path,
            user=False,
            is_json=False,
        )
        self.assertEqual(res.status_code, 200)
        self.assertIn("frame-ancestors *", res.headers["Content-Security-Policy"])
        self.assertNotIn("X-Frame-Options", res.headers)
 def test_success(self):
     timestamp = int(time.time())
     params = {
         "secret_key": self.application.secret_key,
         "timestamp": str(timestamp),
     }
     s = encode_params(params)
     url = "?".join([self.basic_embed_url, s])
     signature = get_embed_signature(self.application.secret_token, url,
                                     timestamp)
     path = "{}&signature={}".format(url, signature)
     with self.app.test_client() as c:
         rv = c.get(path)
         self.assertIsNotNone(api_key_load_user_from_request(request))
Exemple #3
0
    def test_expired_timestamp(self):
        application = self.factory.create_application(name="test_expired_timestamp")
        self.factory.create_application_dashboard(application_id=application.id, dashboard_id=self.dashboard.id)

        timestamp = int(time.time())
        timestamp = timestamp - 10 - 1
        params = {
            "secret_key": application.secret_key,
            "timestamp": str(timestamp),
        }
        s = encode_params(params)
        url = "?".join([self.embed_url, s])
        signature = get_embed_signature(application.secret_token, self.basic_url+url, timestamp)
        path = "{}&signature={}".format(url, signature)
        res = self.make_request(
            "get",
            path,
            is_json=False,
        )
        self.assertEqual(res.status_code, 401)

        timestamp = int(time.time())
        timestamp = timestamp + 10 + 1
        params = {
            "secret_key": application.secret_key,
            "timestamp": str(timestamp),
        }
        s = encode_params(params)
        url = "?".join([self.embed_url, s])
        signature = get_embed_signature(application.secret_token, self.basic_url+url, timestamp)
        path = "{}&signature={}".format(url, signature)
        res = self.make_request(
            "get",
            path,
            is_json=False,
        )
        self.assertEqual(res.status_code, 401)
Exemple #4
0
 def test_not_add_dashboard_to_application(self):
     timestamp = int(time.time())
     params = {
         "secret_key": self.application.secret_key,
         "timestamp": str(timestamp),
     }
     s = encode_params(params)
     url = "?".join([self.embed_url, s])
     signature = get_embed_signature(self.application.secret_token, self.basic_url+url, timestamp)
     path = "{}&signature={}".format(url, signature)
     print(path)
     res = self.make_request(
         "get",
         path,
         user=False,
         is_json=False,
     )
     self.assertEqual(res.status_code, 403)
 def test_no_secret_key(self):
     timestamp = int(time.time())
     params = {
         "timestamp": str(timestamp),
     }
     s = encode_params(params)
     url = "?".join([self.basic_embed_url, s])
     signature = get_embed_signature(self.application.secret_token, url,
                                     timestamp)
     path = "{}&signature={}".format(url, signature)
     with self.app.test_client() as c:
         rv = c.get(path)
         try:
             user = api_key_load_user_from_request(request)
         except Unauthorized as e:
             self.assertEqual(type(e), Unauthorized)
         else:
             self.assertTrue(False)
 def test_application_deactive(self):
     application = self.factory.create_application(
         name='test_application_deactive', active=False)
     timestamp = int(time.time())
     params = {
         "secret_key": application.secret_key,
         "timestamp": str(timestamp),
     }
     s = encode_params(params)
     url = "?".join([self.basic_embed_url, s])
     signature = get_embed_signature(application.secret_token, url,
                                     timestamp)
     path = "{}&signature={}".format(url, signature)
     with self.app.test_client() as c:
         rv = c.get(path)
         try:
             user = api_key_load_user_from_request(request)
         except Unauthorized as e:
             self.assertEqual(type(e), Unauthorized)
         else:
             self.assertIsNone(user)