def test_invalid_request(self, _request):
creds = base64.b64encode('foo:bar')
_request.headers = {'Authorization': 'Basic {0}'.format(creds)}
_request.data = 'foo'
self.app.config['EXTERNAL_CLIENTS']['foo'] = 'bar'
assert valid_request() is False
def test_invalide_client_id(self, _request):
h = hmac.new('foo', 'foo', hashlib.sha256)
sig = base64.b64encode(h.digest())
creds = base64.b64encode('foo:{0}'.format(sig))
_request.headers = {'Authorization': 'Basic {0}'.format(creds)}
assert valid_request() is False
def test_valid_request(self, _request):
h = hmac.new('foo', 'foo', hashlib.sha256)
sig = base64.b64encode(h.digest())
creds = base64.b64encode('foo:{0}'.format(sig))
_request.headers = {'Authorization': 'Basic {0}'.format(creds)}
_request.data = 'foo'
self.app.config['EXTERNAL_CLIENTS']['foo'] = 'foo'
assert valid_request()
def is_authenticated_request():
""" Retruns if the request is valid
Returns
-------
bool
If the requets is valid
"""
# Known client?
if clients.valid_request():
return True
# Is a user session?
user = session.user_from_session()
if user is not None:
return True
return False
def test_invalid_auth_creds(self, _request):
_request.headers = {'Authorization': 'Basic Bar'}
assert valid_request() is False
def test_invalid_auth_type(self, _request):
_request.headers = {'Authorization': 'Foo Bar'}
assert valid_request() is False
def test_invalid_or_no_client_id(self, _request):
_request.headers = {}
assert valid_request() is False