def test_authorisation(bucket):
push_is_running_service()
try:
key = get_private_key("testing")
resource = uuid.uuid4()
auth = Authorisation(resource=resource, testing_key=key)
auth.assert_once()
with pytest.raises(PermissionError):
auth.assert_once()
auth.verify(resource=resource)
wrong_resource = uuid.uuid4()
with pytest.raises(PermissionError):
auth.verify(resource=wrong_resource)
data = auth.to_data()
new_auth = Authorisation.from_data(data)
with pytest.raises(PermissionError):
new_auth.verify(resource=resource)
new_auth._testing_key = key
new_auth.verify(resource=resource)
with pytest.raises(PermissionError):
new_auth.assert_once()
with pytest.raises(PermissionError):
new_auth.verify(resource=wrong_resource)
except:
pop_is_running_service()
raise
pop_is_running_service()
def test_authorisation():
key = PrivateKey()
resource = uuid.uuid4()
auth = Authorisation(resource=resource, testing_key=key)
auth.verify(resource=resource, testing_key=key.public_key())
wrong_key = PrivateKey()
with pytest.raises(PermissionError):
auth.verify(resource=resource, testing_key=wrong_key.public_key())
wrong_resource = uuid.uuid4()
with pytest.raises(PermissionError):
auth.verify(resource=wrong_resource, testing_key=key.public_key())
data = auth.to_data()
new_auth = Authorisation.from_data(data)
new_auth.verify(resource=resource, testing_key=key.public_key())
with pytest.raises(PermissionError):
new_auth.verify(resource=resource, testing_key=wrong_key.public_key())
with pytest.raises(PermissionError):
new_auth.verify(resource=wrong_resource, testing_key=key.public_key())
def test_login(username, password, aaai_services, tmpdir):
# register the new user
result = User.register(username=username,
password=password,
identity_url="identity")
assert(type(result) is dict)
otpsecret = result["otpsecret"]
otp = OTP(otpsecret)
user = User(username=username, identity_url="identity",
auto_logout=False)
result = user.request_login()
assert(type(result) is dict)
login_url = result["login_url"]
print(login_url)
wallet = Wallet()
wallet.send_password(url=login_url, username=username,
password=password, otpcode=otp.generate(),
remember_password=True)
user.wait_for_login()
assert(user.is_logged_in())
auth = Authorisation(user=user, resource="test")
auth.verify("test")
user.logout()
# now try to log in, using the remembered password
user = User(username=username, identity_url="identity",
auto_logout=False)
result = user.request_login()
login_url = result["login_url"]
# the test has to specify the username as we can't choose...
wallet.send_password(url=login_url, username=username,
otpcode=otp.generate(),
remember_device=True)
user.wait_for_login()
assert(user.is_logged_in())
auth = Authorisation(user=user, resource="test")
auth.verify("test")
user.logout()
# now see if the wallet can send all login info
# now try to log in, using the remembered password
user = User(username=username, identity_url="identity",
auto_logout=False)
result = user.request_login()
login_url = result["login_url"]
# the test has to specify the username as we can't choose...
wallet.send_password(url=login_url, username=username)
user.wait_for_login()
assert(user.is_logged_in())
auth = Authorisation(user=user, resource="test")
auth.verify("test")
user.logout()