def test_normalized_request_string_with_custom_port(self): req = "GET / HTTP/1.1\r\nHost: example.com:88\r\n\r\n" req = Request.from_string(req) req.authorization = ("MAC", {"ts": "1", "nonce": "2"}) sigstr = "1\n2\nGET\n/\nexample.com\n88\n\n" mysigstr = get_normalized_request_string(req) self.assertEquals(sigstr, mysigstr)
def test_normalized_request_string_with_https_scheme(self): req = "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" req = Request.from_string(req) req.authorization = ("MAC", {"ts": "1", "nonce": "2"}) req.scheme = "https" sigstr = "1\n2\nGET\n/\nexample.com\n443\n\n" mysigstr = get_normalized_request_string(req) self.assertEquals(sigstr, mysigstr)
def test_get_mac_signature_against_example_from_spec(self): # This is the example used in Section 1.1 of RFC-TODO req = "GET /resource/1?b=1&a=2 HTTP/1.1\r\n" "Host: example.com\r\n" "\r\n" params = {"id": "h480djs93hd8", "ts": "1336363200", "nonce": "dj83hs9s"} secret = "489dks293j39" sigstr = "1336363200\n" "dj83hs9s\n" "GET\n" "/resource/1?b=1&a=2\n" "example.com\n" "80\n" "\n" sig = "bhCQXTVyfj5cmA9uKkPFx1zeOXM=" req = Request.from_string(req) mysigstr = get_normalized_request_string(req, params) self.assertEquals(sigstr, mysigstr) mysig = get_mac_signature(req, secret, params)
def test_compatability_with_ff_sync_client(self): # These are test values used in the FF Sync Client testsuite. # Trying to make sure we're compatible. token, secret = ( "vmo1txkttblmn51u2p3zk2xiy16hgvm5ok8qiv1yyi86ffjzy9zj0ez9x6wnvbx7", "b8u1cc5iiio5o319og7hh8faf2gi5ym4aq0zwf112cv1287an65fudu5zj7zo7dz", ) req = "GET /alias/ HTTP/1.1\r\nHost: 10.250.2.176\r\n\r\n" req = Request.from_string(req) req.authorization = ("MAC", {"ts": "1329181221", "nonce": "wGX71"}) sig = "jzh5chjQc2zFEvLbyHnPdX11Yck=" mysig = get_mac_signature(req, secret) self.assertEquals(sig, mysig)
def test_normalized_request_string_against_example_from_spec(self): # This is the example used in Section 3.2.1 of RFC-TODO req = "POST /request?b5=%3D%253D&a3=a&c%40=&a2=r%20b&c2&a3=2+q"\ " HTTP/1.1\r\n"\ "Host: example.com\r\n"\ "\r\n"\ "Hello World!" params = { "ts": "264095", "nonce": "7d8f3e4a", "ext": "a,b,c", } sigstr = "264095\n"\ "7d8f3e4a\n"\ "POST\n"\ "/request?b5=%3D%253D&a3=a&c%40=&a2=r%20b&c2&a3=2+q\n"\ "example.com\n"\ "80\n"\ "a,b,c\n" # IanB, *thank you* for Request.from_string! req = Request.from_string(req) mysigstr = get_normalized_request_string(req, params) self.assertEquals(sigstr, mysigstr)
def test_get_mac_signature_against_example_from_spec(self): # This is the example used in Section 1.1 of RFC-TODO req = "GET /resource/1?b=1&a=2 HTTP/1.1\r\n"\ "Host: example.com\r\n"\ "\r\n" params = { "id": "h480djs93hd8", "ts": "1336363200", "nonce": "dj83hs9s" } secret = "489dks293j39" sigstr = "1336363200\n"\ "dj83hs9s\n"\ "GET\n"\ "/resource/1?b=1&a=2\n"\ "example.com\n"\ "80\n"\ "\n" sig = "bhCQXTVyfj5cmA9uKkPFx1zeOXM=" req = Request.from_string(req) mysigstr = get_normalized_request_string(req, params) self.assertEquals(sigstr, mysigstr) mysig = get_mac_signature(req, secret, params)
def test_signature_base_string(self): # This is the example used in Section 3.4.1.1 of RFC-5849. req = ""\ 'POST /request?b5=%3D%253D&a3=a&c%40=&a2=r%20b HTTP/1.1\r\n'\ 'Host: example.com\r\n'\ 'Content-Type: application/x-www-form-urlencoded\r\n'\ 'Authorization: OAuth realm="Example", '\ 'oauth_consumer_key="9djdj82h48djs9d2", '\ 'oauth_token="kkk9d7dh3k39sjv7", '\ 'oauth_signature_method="HMAC-SHA1", '\ 'oauth_timestamp="137131201", '\ 'oauth_signature="bYT5CMsGcbgUdFHObYMEfcx6bsw%3D", '\ 'oauth_nonce="7d8f3e4a"\r\n'\ '\r\n'\ 'c2&a3=2+q' sigstr = 'POST&http%3A%2F%2Fexample.com%2Frequest&a2%3Dr%2520b%26a'\ '3%3D2%2520q%26a3%3Da%26b5%3D%253D%25253D%26c%2540%3D%26c'\ '2%3D%26oauth_consumer_key%3D9djdj82h48djs9d2%26oauth_non'\ 'ce%3D7d8f3e4a%26oauth_signature_method%3DHMAC-SHA1%26oau'\ 'th_timestamp%3D137131201%26oauth_token%3Dkkk9d7dh3k39sjv7' # IanB, *thank you* for Request.from_string! mysigstr = get_signature_base_string(Request.from_string(req)) self.assertEquals(sigstr, mysigstr)
def test_normalized_request_string_against_example_from_spec(self): # This is the example used in Section 3.2.1 of RFC-TODO req = ( "POST /request?b5=%3D%253D&a3=a&c%40=&a2=r%20b&c2&a3=2+q" " HTTP/1.1\r\n" "Host: example.com\r\n" "\r\n" "Hello World!" ) params = {"ts": "264095", "nonce": "7d8f3e4a", "ext": "a,b,c"} sigstr = ( "264095\n" "7d8f3e4a\n" "POST\n" "/request?b5=%3D%253D&a3=a&c%40=&a2=r%20b&c2&a3=2+q\n" "example.com\n" "80\n" "a,b,c\n" ) # IanB, *thank you* for Request.from_string! req = Request.from_string(req) mysigstr = get_normalized_request_string(req, params) self.assertEquals(sigstr, mysigstr)
def test_check_mac_signature_errors_when_missing_data(self): req = "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" req = Request.from_string(req) req.authorization = ("MAC", {"ts": "1", "nonce": "2"}) self.assertFalse(check_mac_signature(req, "secretkeyohsecretkey"))
def test_normalized_request_string_errors_when_no_default_port(self): req = "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" req = Request.from_string(req) req.authorization = ("MAC", {"ts": "1", "nonce": "2"}) req.scheme = "httptypo" self.assertRaises(ValueError, get_normalized_request_string, req)