Exemple #1
0
    async def test_saslprep(self):
        # Use Roman numeral for password, normalized by SASLprep to ASCII "IV",
        # see RFC 4013. MongoDB SASL mech normalizes password only, not user.
        env.create_user('scramtestdb',
                        'saslprep-test-user',
                        u'\u2163',
                        roles=['dbOwner'],
                        mechanisms=['SCRAM-SHA-256'])

        client = self.motor_client(username='******',
                                   password='******',
                                   authsource='scramtestdb')

        await client.scramtestdb.collection.insert_one({})
Exemple #2
0
    def test_saslprep(self):
        # Use Roman numeral for password, normalized by SASLprep to ASCII "IV",
        # see RFC 4013. MongoDB SASL mech normalizes password only, not user.
        env.create_user('scramtestdb',
                        'saslprep-test-user',
                        u'\u2163',
                        roles=['dbOwner'],
                        mechanisms=['SCRAM-SHA-256'])

        client = self.motor_client(username='******',
                                   password='******',
                                   authsource='scramtestdb')

        yield client.scramtestdb.collection.insert_one({})
Exemple #3
0
    async def test_saslprep(self):
        # Use Roman numeral for password, normalized by SASLprep to ASCII "IV",
        # see RFC 4013. MongoDB SASL mech normalizes password only, not user.
        env.create_user(
            "scramtestdb",
            "saslprep-test-user",
            "\u2163",
            roles=["dbOwner"],
            mechanisms=["SCRAM-SHA-256"],
        )

        client = self.motor_client(username="******",
                                   password="******",
                                   authsource="scramtestdb")

        await client.scramtestdb.collection.insert_one({})
Exemple #4
0
    async def test_scram(self):
        env.create_user("scramtestdb",
                        "sha1",
                        "pwd",
                        roles=["dbOwner"],
                        mechanisms=["SCRAM-SHA-1"])

        env.create_user("scramtestdb",
                        "sha256",
                        "pwd",
                        roles=["dbOwner"],
                        mechanisms=["SCRAM-SHA-256"])

        env.create_user(
            "scramtestdb",
            "both",
            "pwd",
            roles=["dbOwner"],
            mechanisms=["SCRAM-SHA-1", "SCRAM-SHA-256"],
        )

        for user, mechanism, should_work in [
            ("sha1", "SCRAM-SHA-1", True),
            ("sha1", "SCRAM-SHA-256", False),
            ("sha256", "SCRAM-SHA-256", True),
            ("sha256", "SCRAM-SHA-1", False),
            ("both", "SCRAM-SHA-1", True),
            ("both", "SCRAM-SHA-256", True),
        ]:
            client = self.motor_client(username=user,
                                       password="******",
                                       authsource="scramtestdb",
                                       authmechanism=mechanism)

            if should_work:
                await client.scramtestdb.collection.insert_one({})
            else:
                with self.assertRaises(OperationFailure):
                    await client.scramtestdb.collection.insert_one({})

        # No mechanism specified, always works.
        for user in ("sha1", "sha256", "both"):
            client = self.motor_client(username=user,
                                       password="******",
                                       authsource="scramtestdb")

            await client.scramtestdb.collection.insert_one({})
Exemple #5
0
    async def test_scram(self):
        env.create_user('scramtestdb',
                        'sha1',
                        'pwd',
                        roles=['dbOwner'],
                        mechanisms=['SCRAM-SHA-1'])

        env.create_user('scramtestdb',
                        'sha256',
                        'pwd',
                        roles=['dbOwner'],
                        mechanisms=['SCRAM-SHA-256'])

        env.create_user('scramtestdb',
                        'both',
                        'pwd',
                        roles=['dbOwner'],
                        mechanisms=['SCRAM-SHA-1', 'SCRAM-SHA-256'])

        for user, mechanism, should_work in [('sha1', 'SCRAM-SHA-1', True),
                                             ('sha1', 'SCRAM-SHA-256', False),
                                             ('sha256', 'SCRAM-SHA-256', True),
                                             ('sha256', 'SCRAM-SHA-1', False),
                                             ('both', 'SCRAM-SHA-1', True),
                                             ('both', 'SCRAM-SHA-256', True)]:
            client = self.motor_client(username=user,
                                       password='******',
                                       authsource='scramtestdb',
                                       authmechanism=mechanism)

            if should_work:
                await client.scramtestdb.collection.insert_one({})
            else:
                with self.assertRaises(OperationFailure):
                    await client.scramtestdb.collection.insert_one({})

        # No mechanism specified, always works.
        for user, mechanism, should_work in [('sha1', None, True),
                                             ('sha256', None, False),
                                             ('both', None, True)]:
            client = self.motor_client(username=user,
                                       password='******',
                                       authsource='scramtestdb')

            await client.scramtestdb.collection.insert_one({})
Exemple #6
0
    def test_scram(self):
        env.create_user('scramtestdb',
                        'sha1',
                        'pwd',
                        roles=['dbOwner'],
                        mechanisms=['SCRAM-SHA-1'])

        env.create_user('scramtestdb',
                        'sha256',
                        'pwd',
                        roles=['dbOwner'],
                        mechanisms=['SCRAM-SHA-256'])

        env.create_user('scramtestdb',
                        'both',
                        'pwd',
                        roles=['dbOwner'],
                        mechanisms=['SCRAM-SHA-1', 'SCRAM-SHA-256'])

        for user, mechanism, should_work in [('sha1', 'SCRAM-SHA-1', True),
                                             ('sha1', 'SCRAM-SHA-256', False),
                                             ('sha256', 'SCRAM-SHA-256', True),
                                             ('sha256', 'SCRAM-SHA-1', False),
                                             ('both', 'SCRAM-SHA-1', True),
                                             ('both', 'SCRAM-SHA-256', True)]:
            client = self.motor_client(username=user,
                                       password='******',
                                       authsource='scramtestdb',
                                       authmechanism=mechanism)

            if should_work:
                yield client.scramtestdb.collection.insert_one({})
            else:
                with self.assertRaises(OperationFailure):
                    yield client.scramtestdb.collection.insert_one({})

        # No mechanism specified, always works.
        for user, mechanism, should_work in [('sha1', None, True),
                                             ('sha256', None, False),
                                             ('both', None, True)]:
            client = self.motor_client(username=user,
                                       password='******',
                                       authsource='scramtestdb')

            yield client.scramtestdb.collection.insert_one({})