def test_broken_cert(self):
# Verify that broken certs fail.
with self.assertRaises(Unauthorized) as context:
t = template.copy()
t['public_key_url'] = 'broken cert'
run_gamecenter_token_validation(t, app_bundles=app_bundles)
self.assertIn("Can't load certificate", context.exception.description)
def test_broken_url(self):
# Verify that broken public key url is caught
with self.assertRaises(Unauthorized) as context:
t = template.copy()
t['public_key_url'] = 'broken url'
run_gamecenter_token_validation(t, app_bundles=app_bundles)
self.assertIn("Can't fetch url 'broken url'",
context.exception.description)
def test_missing_fields(self):
# Verify missing field check. The exception will list out all missing fields, so by removing
# a single field, we should only be notified of that one missing.
with self.assertRaises(Unauthorized) as context:
t = template.copy()
del t['salt']
run_gamecenter_token_validation(t, app_bundles=app_bundles)
self.assertIn("The token is missing required fields: salt.",
context.exception.description)
def test_cert_validation(self):
# Make sure cert is issued to a trusted organization.
_tmp = TRUSTED_ORGANIZATIONS[:]
TRUSTED_ORGANIZATIONS[:] = ['Mordor Inc.']
try:
with self.assertRaises(Unauthorized) as context:
run_gamecenter_token_validation(template,
app_bundles=app_bundles)
self.assertIn(
"Certificate is issued to 'Apple Inc.' which is not one of ['Mordor Inc.'].",
context.exception.description)
finally:
TRUSTED_ORGANIZATIONS[:] = _tmp
def test_signature(self):
# Check signature of token by corrupting the signature
with self.assertRaises(Unauthorized) as context:
t = template.copy()
t['signature'] = t['signature'][:84] + '5' + t['signature'][
85:] # Just modify one random letter.
run_gamecenter_token_validation(t, app_bundles=app_bundles)
self.assertIn("Can't verify signature:", context.exception.description)
self.assertIn("'padding check failed'", context.exception.description)
# Check signature of token by modifying the payload
with self.assertRaises(Unauthorized) as context:
t = template.copy()
t['player_id'] = 'G:5637867917'
run_gamecenter_token_validation(t, app_bundles=app_bundles)
self.assertIn("Can't verify signature:", context.exception.description)
self.assertIn("'bad signature'", context.exception.description)
def test_cert_expiration(self):
with self.assertRaises(Unauthorized) as context:
run_gamecenter_token_validation(template, app_bundles=app_bundles)
self.assertIn("Certificate is expired", context.exception.description)
def test_app_bundles(self):
# Verify that the token is issued to the appropriate app.
with self.assertRaises(Unauthorized) as context:
run_gamecenter_token_validation(template, app_bundles=['dummy'])
self.assertIn("'app_bundle_id' not one of ['dummy']",
context.exception.description)
def test_gamecenter(self):
# This should fly straight through
run_gamecenter_token_validation(template, app_bundles=app_bundles)