def test_httponly(self):
cookie = Cookie("color", "blue", httponly=True)
self.assertTrue(cookie.http_return_ok("http://example.com"))
self.assertTrue(cookie.http_return_ok("https://example.com"))
with self.assertRaises(Cookie.URLMismatch):
self.assertTrue(cookie.http_return_ok("ftp://example.com"))
def test_httponly(self):
cookie = Cookie('color', 'blue', httponly=True)
self.assertTrue(cookie.http_return_ok('http://example.com'))
self.assertTrue(cookie.http_return_ok('https://example.com'))
with self.assertRaises(Cookie.URLMismatch):
self.assertTrue(cookie.http_return_ok('ftp://example.com'))
def test_expires(self):
now = datetime.datetime.utcnow().replace(microsecond=0)
# expires 1 day from now
expires = now + datetime.timedelta(days=1)
cookie = Cookie('color', 'blue', expires=expires)
self.assertTrue(cookie.http_return_ok(self.url))
# expired 1 day ago
expires = now + datetime.timedelta(days=-1)
cookie = Cookie('color', 'blue', expires=expires)
with self.assertRaises(Cookie.Expired):
self.assertTrue(cookie.http_return_ok(self.url))
def generate_cookie(self, url_path, session_id, expiration=None, add_header=False):
'''
Return a session cookie containing the session id. The cookie
will be contrainted to the url path, defined for use
with HTTP only, and only returned on secure connections (SSL).
:parameters:
url_path
The cookie will be returned in a request if it begins
with this url path.
session_id
The session id identified by the session cookie
add_header
If true format cookie string with Set-Cookie: header
:returns:
cookie string
'''
if not expiration: # Catch zero unix timestamps
expiration = None;
cookie = Cookie(self.session_cookie_name, session_id,
domain=urlparse.urlparse(api.env.xmlrpc_uri).netloc,
path=url_path, httponly=True, secure=True,
expires=expiration)
if add_header:
result = 'Set-Cookie: %s' % cookie
else:
result = str(cookie)
return result
def store_session_cookie(self, cookie_header):
'''
Given the contents of a Set-Cookie header scan the header and
extract each cookie contained within until the session cookie
is located. Examine the session cookie if the domain and path
are specified, if not update the cookie with those values from
the request URL. Then write the session cookie into the key
store for the principal. If the cookie header is None or the
session cookie is not present in the header no action is
taken.
Context Dependencies:
The per thread context is expected to contain:
principal
The current pricipal the HTTP request was issued for.
request_url
The URL of the HTTP request.
'''
if cookie_header is None:
return
principal = getattr(context, 'principal', None)
request_url = getattr(context, 'request_url', None)
root_logger.debug("received Set-Cookie '%s'", cookie_header)
# Search for the session cookie
try:
session_cookie = Cookie.get_named_cookie_from_string(cookie_header,
COOKIE_NAME, request_url)
except Exception, e:
root_logger.error("unable to parse cookie header '%s': %s", cookie_header, e)
return
def get_session_cookie_from_persistent_storage(self, principal):
'''
Retrieves the session cookie for the given principal from the
persistent secure storage. Returns None if not found or unable
to retrieve the session cookie for any reason, otherwise
returns a Cookie object containing the session cookie.
'''
# Get the session data, it should contain a cookie string
# (possibly with more than one cookie).
try:
cookie_string = read_persistent_client_session_data(principal)
except Exception:
return None
# Search for the session cookie within the cookie string
try:
session_cookie = Cookie.get_named_cookie_from_string(
cookie_string,
COOKIE_NAME,
timestamp=datetime.datetime.utcnow())
except Exception as e:
self.log.debug(
'Error retrieving cookie from the persistent storage: {err}'.
format(err=e))
return None
return session_cookie
def get_session_cookie_from_persistent_storage(self, principal):
'''
Retrieves the session cookie for the given principal from the
persistent secure storage. Returns None if not found or unable
to retrieve the session cookie for any reason, otherwise
returns a Cookie object containing the session cookie.
'''
# Get the session data, it should contain a cookie string
# (possibly with more than one cookie).
try:
cookie_string = read_persistent_client_session_data(principal)
if cookie_string is None:
return None
cookie_string = cookie_string.decode('utf-8')
except Exception as e:
logger.debug('Error reading client session data: %s', e)
return None
# Search for the session cookie within the cookie string
try:
session_cookie = Cookie.get_named_cookie_from_string(
cookie_string, COOKIE_NAME,
timestamp=datetime.datetime.utcnow())
except Exception as e:
logger.debug(
'Error retrieving cookie from the persistent storage: %s',
e)
return None
return session_cookie
def get_session_id_from_http_cookie(self, cookie_header):
'''
Parse an HTTP cookie header and search for our session
id. Return the session id if found, return None if not
found.
:parameters:
cookie_header
An HTTP cookie header. May be None, if None return None.
:returns:
Session id as string or None if not found.
'''
if cookie_header is None:
return None
session_id = None
try:
session_cookie = Cookie.get_named_cookie_from_string(cookie_header, self.session_cookie_name)
except Exception as e:
session_cookie = None
if session_cookie:
session_id = session_cookie.value
if session_id is None:
self.debug('no session cookie found')
else:
self.debug('found session cookie_id = %s', session_id)
return session_id
def get_session_id_from_http_cookie(self, cookie_header):
'''
Parse an HTTP cookie header and search for our session
id. Return the session id if found, return None if not
found.
:parameters:
cookie_header
An HTTP cookie header. May be None, if None return None.
:returns:
Session id as string or None if not found.
'''
if cookie_header is None:
return None
session_id = None
try:
session_cookie = Cookie.get_named_cookie_from_string(
cookie_header, self.session_cookie_name)
except Exception as e:
session_cookie = None
if session_cookie:
session_id = session_cookie.value
if session_id is None:
self.debug('no session cookie found')
else:
self.debug('found session cookie_id = %s', session_id)
return session_id
def store_session_cookie(self, cookie_header):
'''
Given the contents of a Set-Cookie header scan the header and
extract each cookie contained within until the session cookie
is located. Examine the session cookie if the domain and path
are specified, if not update the cookie with those values from
the request URL. Then write the session cookie into the key
store for the principal. If the cookie header is None or the
session cookie is not present in the header no action is
taken.
Context Dependencies:
The per thread context is expected to contain:
principal
The current pricipal the HTTP request was issued for.
request_url
The URL of the HTTP request.
'''
if cookie_header is None:
return
principal = getattr(context, 'principal', None)
request_url = getattr(context, 'request_url', None)
logger.debug("received Set-Cookie (%s)'%s'", type(cookie_header),
cookie_header)
if not isinstance(cookie_header, list):
cookie_header = [cookie_header]
# Search for the session cookie
session_cookie = None
try:
for cookie in cookie_header:
session_cookie = (Cookie.get_named_cookie_from_string(
cookie,
COOKIE_NAME,
request_url,
timestamp=datetime.datetime.utcnow()))
if session_cookie is not None:
break
except Exception as e:
logger.error("unable to parse cookie header '%s': %s",
cookie_header, e)
return
if session_cookie is None:
return
cookie_string = self._slice_session_cookie(session_cookie)
logger.debug("storing cookie '%s' for principal %s", cookie_string,
principal)
try:
update_persistent_client_session_data(principal, cookie_string)
except Exception as e:
# Not fatal, we just can't use the session cookie we were sent.
pass
def store_session_cookie(self, cookie_header):
'''
Given the contents of a Set-Cookie header scan the header and
extract each cookie contained within until the session cookie
is located. Examine the session cookie if the domain and path
are specified, if not update the cookie with those values from
the request URL. Then write the session cookie into the key
store for the principal. If the cookie header is None or the
session cookie is not present in the header no action is
taken.
Context Dependencies:
The per thread context is expected to contain:
principal
The current pricipal the HTTP request was issued for.
request_url
The URL of the HTTP request.
'''
if cookie_header is None:
return
principal = getattr(context, 'principal', None)
request_url = getattr(context, 'request_url', None)
logger.debug("received Set-Cookie (%s)'%s'", type(cookie_header),
cookie_header)
if not isinstance(cookie_header, list):
cookie_header = [cookie_header]
# Search for the session cookie
session_cookie = None
try:
for cookie in cookie_header:
session_cookie = (
Cookie.get_named_cookie_from_string(
cookie, COOKIE_NAME, request_url,
timestamp=datetime.datetime.utcnow())
)
if session_cookie is not None:
break
except Exception as e:
logger.error("unable to parse cookie header '%s': %s",
cookie_header, e)
return
if session_cookie is None:
return
cookie_string = self._slice_session_cookie(session_cookie)
logger.debug("storing cookie '%s' for principal %s",
cookie_string, principal)
try:
update_persistent_client_session_data(principal, cookie_string)
except Exception as e:
# Not fatal, we just can't use the session cookie we were sent.
pass
def test_invalid(self):
# Invalid Max-Age
s = 'color=blue; Max-Age=over-the-hill'
with pytest.raises(ValueError):
Cookie.parse(s)
cookie = Cookie('color', 'blue')
with pytest.raises(ValueError):
cookie.max_age = 'over-the-hill'
# Invalid Expires
s = 'color=blue; Expires=Sun, 06 Xxx 1994 08:49:37 GMT'
with pytest.raises(ValueError):
Cookie.parse(s)
cookie = Cookie('color', 'blue')
with pytest.raises(ValueError):
cookie.expires = 'Sun, 06 Xxx 1994 08:49:37 GMT'
def test_path_normalization(self):
self.assertEqual(Cookie.normalize_url_path(''), '/')
self.assertEqual(Cookie.normalize_url_path('foo'), '/')
self.assertEqual(Cookie.normalize_url_path('foo/'), '/')
self.assertEqual(Cookie.normalize_url_path('/foo'), '/')
self.assertEqual(Cookie.normalize_url_path('/foo/'), '/foo')
self.assertEqual(Cookie.normalize_url_path('/Foo/bar'), '/foo')
self.assertEqual(Cookie.normalize_url_path('/foo/baR/'), '/foo/bar')
def test_path_normalization(self):
self.assertEqual(Cookie.normalize_url_path(''), '/')
self.assertEqual(Cookie.normalize_url_path('foo'), '/')
self.assertEqual(Cookie.normalize_url_path('foo/'), '/')
self.assertEqual(Cookie.normalize_url_path('/foo'), '/')
self.assertEqual(Cookie.normalize_url_path('/foo/'), '/foo')
self.assertEqual(Cookie.normalize_url_path('/Foo/bar'), '/foo')
self.assertEqual(Cookie.normalize_url_path('/foo/baR/'), '/foo/bar')
def test_path_normalization(self):
self.assertEqual(Cookie.normalize_url_path(""), "/")
self.assertEqual(Cookie.normalize_url_path("foo"), "/")
self.assertEqual(Cookie.normalize_url_path("foo/"), "/")
self.assertEqual(Cookie.normalize_url_path("/foo"), "/")
self.assertEqual(Cookie.normalize_url_path("/foo/"), "/foo")
self.assertEqual(Cookie.normalize_url_path("/Foo/bar"), "/foo")
self.assertEqual(Cookie.normalize_url_path("/foo/baR/"), "/foo/bar")
def test_path_normalization(self):
assert Cookie.normalize_url_path('') == '/'
assert Cookie.normalize_url_path('foo') == '/'
assert Cookie.normalize_url_path('foo/') == '/'
assert Cookie.normalize_url_path('/foo') == '/'
assert Cookie.normalize_url_path('/foo/') == '/foo'
assert Cookie.normalize_url_path('/Foo/bar') == '/foo'
assert Cookie.normalize_url_path('/foo/baR/') == '/foo/bar'
def test_path(self):
cookie = Cookie('color', 'blue')
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie('color', 'blue', path='/')
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie('color', 'blue', path='/one')
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie('color', 'blue', path='/oneX')
with self.assertRaises(Cookie.URLMismatch):
self.assertTrue(cookie.http_return_ok(self.url))
def test_path(self):
cookie = Cookie("color", "blue")
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie("color", "blue", path="/")
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie("color", "blue", path="/one")
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie("color", "blue", path="/oneX")
with self.assertRaises(Cookie.URLMismatch):
self.assertTrue(cookie.http_return_ok(self.url))
def test_invalid(self):
# Invalid Max-Age
s = "color=blue; Max-Age=over-the-hill"
with self.assertRaises(ValueError):
Cookie.parse(s)
cookie = Cookie("color", "blue")
with self.assertRaises(ValueError):
cookie.max_age = "over-the-hill"
# Invalid Expires
s = "color=blue; Expires=Sun, 06 Xxx 1994 08:49:37 GMT"
with self.assertRaises(ValueError):
Cookie.parse(s)
cookie = Cookie("color", "blue")
with self.assertRaises(ValueError):
cookie.expires = "Sun, 06 Xxx 1994 08:49:37 GMT"
def test_expires(self):
now = datetime.datetime.utcnow().replace(microsecond=0)
# expires 1 day from now
expires = now + datetime.timedelta(days=1)
cookie = Cookie('color', 'blue', expires=expires)
assert cookie.http_return_ok(self.url)
# expired 1 day ago
expires = now + datetime.timedelta(days=-1)
cookie = Cookie('color', 'blue', expires=expires)
with pytest.raises(Cookie.Expired):
assert cookie.http_return_ok(self.url)
def get_session_cookie_from_persistent_storage(self, principal):
"""
Retrieves the session cookie for the given principal from the
persistent secure storage. Returns None if not found or unable
to retrieve the session cookie for any reason, otherwise
returns a Cookie object containing the session cookie.
"""
# Get the session data, it should contain a cookie string
# (possibly with more than one cookie).
try:
cookie_string = read_persistent_client_session_data(principal)
except Exception:
return None
# Search for the session cookie within the cookie string
try:
session_cookie = Cookie.get_named_cookie_from_string(cookie_string, COOKIE_NAME)
except Exception:
return None
return session_cookie
def get_session_cookie_from_persistent_storage(self, principal):
'''
Retrieves the session cookie for the given principal from the
persistent secure storage. Returns None if not found or unable
to retrieve the session cookie for any reason, otherwise
returns a Cookie object containing the session cookie.
'''
# Get the session data, it should contain a cookie string
# (possibly with more than one cookie).
try:
cookie_string = read_persistent_client_session_data(principal)
except Exception:
return None
# Search for the session cookie within the cookie string
try:
session_cookie = Cookie.get_named_cookie_from_string(
cookie_string, COOKIE_NAME)
except Exception:
return None
return session_cookie
def test_invalid(self):
# Invalid Max-Age
s = 'color=blue; Max-Age=over-the-hill'
with self.assertRaises(ValueError):
cookies = Cookie.parse(s)
cookie = Cookie('color', 'blue')
with self.assertRaises(ValueError):
cookie.max_age = 'over-the-hill'
# Invalid Expires
s = 'color=blue; Expires=Sun, 06 Xxx 1994 08:49:37 GMT'
with self.assertRaises(ValueError):
cookies = Cookie.parse(s)
cookie = Cookie('color', 'blue')
with self.assertRaises(ValueError):
cookie.expires = 'Sun, 06 Xxx 1994 08:49:37 GMT'
def store_session_cookie(self, cookie_header):
'''
Given the contents of a Set-Cookie header scan the header and
extract each cookie contained within until the session cookie
is located. Examine the session cookie if the domain and path
are specified, if not update the cookie with those values from
the request URL. Then write the session cookie into the key
store for the principal. If the cookie header is None or the
session cookie is not present in the header no action is
taken.
Context Dependencies:
The per thread context is expected to contain:
principal
The current pricipal the HTTP request was issued for.
request_url
The URL of the HTTP request.
'''
if cookie_header is None:
return
principal = getattr(context, 'principal', None)
request_url = getattr(context, 'request_url', None)
root_logger.debug("received Set-Cookie '%s'", cookie_header)
# Search for the session cookie
try:
session_cookie = Cookie.get_named_cookie_from_string(
cookie_header, COOKIE_NAME, request_url)
except Exception, e:
root_logger.error("unable to parse cookie header '%s': %s",
cookie_header, e)
return
def test_normalization(self):
cookie = Cookie("color", "blue", expires=self.expires)
cookie.timestamp = self.now_timestamp
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
url = "http://example.COM/foo"
cookie.normalize(url)
self.assertEqual(cookie.domain, "example.com")
self.assertEqual(cookie.path, "/")
self.assertEqual(cookie.expires, self.expires)
cookie = Cookie("color", "blue", max_age=self.max_age)
cookie.timestamp = self.now_timestamp
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
url = "http://example.com/foo/"
cookie.normalize(url)
self.assertEqual(cookie.domain, "example.com")
self.assertEqual(cookie.path, "/foo")
self.assertEqual(cookie.expires, self.age_expiration)
cookie = Cookie("color", "blue")
url = "http://example.com/foo"
cookie.normalize(url)
self.assertEqual(cookie.domain, "example.com")
self.assertEqual(cookie.path, "/")
cookie = Cookie("color", "blue")
url = "http://example.com/foo/bar"
cookie.normalize(url)
self.assertEqual(cookie.domain, "example.com")
self.assertEqual(cookie.path, "/foo")
cookie = Cookie("color", "blue")
url = "http://example.com/foo/bar/"
cookie.normalize(url)
self.assertEqual(cookie.domain, "example.com")
self.assertEqual(cookie.path, "/foo/bar")
def test_parse(self):
# Empty string
s = ''
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 0)
# Invalid single token
s = 'color'
with self.assertRaises(ValueError):
cookies = Cookie.parse(s)
# Invalid single token that's keyword
s = 'HttpOnly'
with self.assertRaises(ValueError):
cookies = Cookie.parse(s)
# Invalid key/value pair whose key is a keyword
s = 'domain=example.com'
with self.assertRaises(ValueError):
cookies = Cookie.parse(s)
# 1 cookie with empty value
s = 'color='
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, '')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=")
self.assertEqual(cookie.http_cookie(), "color=;")
# 1 cookie with name/value
s = 'color=blue'
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue")
self.assertEqual(cookie.http_cookie(), "color=blue;")
# 1 cookie with whose value is quoted
# Use "get by name" utility to extract specific cookie
s = 'color="blue"'
cookie = Cookie.get_named_cookie_from_string(s, 'color')
self.assertIsNotNone(cookie)
self.assertIsNotNone(cookie, Cookie)
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue")
self.assertEqual(cookie.http_cookie(), "color=blue;")
# 1 cookie with name/value and domain, path attributes.
# Change up the whitespace a bit.
s = 'color =blue; domain= example.com ; path = /toplevel '
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, 'example.com')
self.assertEqual(cookie.path, '/toplevel')
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue; Domain=example.com; Path=/toplevel")
self.assertEqual(cookie.http_cookie(), "color=blue;")
# 2 cookies, various attributes
s = 'color=blue; Max-Age=3600; temperature=hot; HttpOnly'
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 2)
cookie = cookies[0]
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, 3600)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue; Max-Age=3600")
self.assertEqual(cookie.http_cookie(), "color=blue;")
cookie = cookies[1]
self.assertEqual(cookie.key, 'temperature')
self.assertEqual(cookie.value, 'hot')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, True)
self.assertEqual(str(cookie), "temperature=hot; HttpOnly")
self.assertEqual(cookie.http_cookie(), "temperature=hot;")
Retrieves the session cookie for the given principal from the
persistent secure storage. Returns None if not found or unable
to retrieve the session cookie for any reason, otherwise
returns a Cookie object containing the session cookie.
'''
# Get the session data, it should contain a cookie string
# (possibly with more than one cookie).
try:
cookie_string = read_persistent_client_session_data(principal)
except Exception, e:
return None
# Search for the session cookie within the cookie string
try:
session_cookie = Cookie.get_named_cookie_from_string(cookie_string, COOKIE_NAME)
except Exception, e:
return None
return session_cookie
def apply_session_cookie(self, url):
'''
Attempt to load a session cookie for the current principal
from the persistent secure storage. If the cookie is
successfully loaded adjust the input url's to point to the
session path and insert the session cookie into the per thread
context for later insertion into the HTTP request. If the
cookie is not successfully loaded then the original url is
returned and the per thread context is not modified.
def test_no_attributes(self):
cookie = Cookie('color', 'blue')
self.assertTrue(cookie.http_return_ok(self.url))
def test_path(self):
cookie = Cookie('color', 'blue')
assert cookie.http_return_ok(self.url)
cookie = Cookie('color', 'blue', path='/')
assert cookie.http_return_ok(self.url)
cookie = Cookie('color', 'blue', path='/one')
assert cookie.http_return_ok(self.url)
cookie = Cookie('color', 'blue', path='/oneX')
with pytest.raises(Cookie.URLMismatch):
assert cookie.http_return_ok(self.url)
def test_attributes(self):
cookie = Cookie('color', 'blue')
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
cookie.domain = 'example.com'
self.assertEqual(cookie.domain, 'example.com')
cookie.domain = None
self.assertEqual(cookie.domain, None)
cookie.path = '/toplevel'
self.assertEqual(cookie.path, '/toplevel')
cookie.path = None
self.assertEqual(cookie.path, None)
cookie.max_age = 400
self.assertEqual(cookie.max_age, 400)
cookie.max_age = None
self.assertEqual(cookie.max_age, None)
cookie.expires = 'Sun, 06 Nov 1994 08:49:37 GMT'
self.assertEqual(cookie.expires, datetime.datetime(1994, 11, 6, 8, 49, 37))
cookie.expires = None
self.assertEqual(cookie.expires, None)
cookie.secure = True
self.assertEqual(cookie.secure, True)
self.assertEqual(str(cookie), "color=blue; Secure")
cookie.secure = False
self.assertEqual(cookie.secure, False)
self.assertEqual(str(cookie), "color=blue")
cookie.secure = None
self.assertEqual(cookie.secure, None)
self.assertEqual(str(cookie), "color=blue")
cookie.httponly = True
self.assertEqual(cookie.httponly, True)
self.assertEqual(str(cookie), "color=blue; HttpOnly")
cookie.httponly = False
self.assertEqual(cookie.httponly, False)
self.assertEqual(str(cookie), "color=blue")
cookie.httponly = None
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue")
def test_parse(self):
# Empty string
s = ''
cookies = Cookie.parse(s)
assert len(cookies) == 0
# Invalid single token
s = 'color'
with pytest.raises(ValueError):
cookies = Cookie.parse(s)
# Invalid single token that's keyword
s = 'HttpOnly'
with pytest.raises(ValueError):
cookies = Cookie.parse(s)
# Invalid key/value pair whose key is a keyword
s = 'domain=example.com'
with pytest.raises(ValueError):
cookies = Cookie.parse(s)
# 1 cookie with empty value
s = 'color='
cookies = Cookie.parse(s)
assert len(cookies) == 1
cookie = cookies[0]
assert cookie.key == 'color'
assert cookie.value == ''
assert cookie.domain is None
assert cookie.path is None
assert cookie.max_age is None
assert cookie.expires is None
assert cookie.secure is None
assert cookie.httponly is None
assert str(cookie) == "color="
assert cookie.http_cookie() == "color=;"
# 1 cookie with name/value
s = 'color=blue'
cookies = Cookie.parse(s)
assert len(cookies) == 1
cookie = cookies[0]
assert cookie.key == 'color'
assert cookie.value == 'blue'
assert cookie.domain is None
assert cookie.path is None
assert cookie.max_age is None
assert cookie.expires is None
assert cookie.secure is None
assert cookie.httponly is None
assert str(cookie) == "color=blue"
assert cookie.http_cookie() == "color=blue;"
# 1 cookie with whose value is quoted
# Use "get by name" utility to extract specific cookie
s = 'color="blue"'
cookie = Cookie.get_named_cookie_from_string(s, 'color')
assert cookie is not None, Cookie
assert cookie.key == 'color'
assert cookie.value == 'blue'
assert cookie.domain is None
assert cookie.path is None
assert cookie.max_age is None
assert cookie.expires is None
assert cookie.secure is None
assert cookie.httponly is None
assert str(cookie) == "color=blue"
assert cookie.http_cookie() == "color=blue;"
# 1 cookie with name/value and domain, path attributes.
# Change up the whitespace a bit.
s = 'color =blue; domain= example.com ; path = /toplevel '
cookies = Cookie.parse(s)
assert len(cookies) == 1
cookie = cookies[0]
assert cookie.key == 'color'
assert cookie.value == 'blue'
assert cookie.domain == 'example.com'
assert cookie.path == '/toplevel'
assert cookie.max_age is None
assert cookie.expires is None
assert cookie.secure is None
assert cookie.httponly is None
assert str(cookie) == "color=blue; Domain=example.com; Path=/toplevel"
assert cookie.http_cookie() == "color=blue;"
# 2 cookies, various attributes
s = 'color=blue; Max-Age=3600; temperature=hot; HttpOnly'
cookies = Cookie.parse(s)
assert len(cookies) == 2
cookie = cookies[0]
assert cookie.key == 'color'
assert cookie.value == 'blue'
assert cookie.domain is None
assert cookie.path is None
assert cookie.max_age == 3600
assert cookie.expires is None
assert cookie.secure is None
assert cookie.httponly is None
assert str(cookie) == "color=blue; Max-Age=3600"
assert cookie.http_cookie() == "color=blue;"
cookie = cookies[1]
assert cookie.key == 'temperature'
assert cookie.value == 'hot'
assert cookie.domain is None
assert cookie.path is None
assert cookie.max_age is None
assert cookie.expires is None
assert cookie.secure is None
assert cookie.httponly is True
assert str(cookie) == "temperature=hot; HttpOnly"
assert cookie.http_cookie() == "temperature=hot;"
def test_no_attributes(self):
cookie = Cookie('color', 'blue')
assert cookie.http_return_ok(self.url)
def test_secure(self):
cookie = Cookie('color', 'blue', secure=True)
self.assertTrue(cookie.http_return_ok('https://Xexample.com'))
with self.assertRaises(Cookie.URLMismatch):
self.assertTrue(cookie.http_return_ok('http://Xexample.com'))
def test_expires(self):
# 1 cookie with name/value and no Max-Age and no Expires
s = 'color=blue;'
cookies = Cookie.parse(s)
assert len(cookies) == 1
cookie = cookies[0]
# Force timestamp to known value
cookie.timestamp = self.now
assert cookie.key == 'color'
assert cookie.value == 'blue'
assert cookie.domain is None
assert cookie.path is None
assert cookie.max_age is None
assert cookie.expires is None
assert cookie.secure is None
assert cookie.httponly is None
assert str(cookie) == "color=blue"
assert cookie.get_expiration() is None
# Normalize
assert cookie.normalize_expiration() is None
assert cookie.max_age is None
assert cookie.expires is None
assert str(cookie) == "color=blue"
# 1 cookie with name/value and Max-Age
s = 'color=blue; max-age=%d' % (self.max_age)
cookies = Cookie.parse(s)
assert len(cookies) == 1
cookie = cookies[0]
# Force timestamp to known value
cookie.timestamp = self.now
assert cookie.key == 'color'
assert cookie.value == 'blue'
assert cookie.domain is None
assert cookie.path is None
assert cookie.max_age == self.max_age
assert cookie.expires is None
assert cookie.secure is None
assert cookie.httponly is None
assert str(cookie) == "color=blue; Max-Age=%d" % (self.max_age)
assert cookie.get_expiration() == self.age_expiration
# Normalize
assert cookie.normalize_expiration() == self.age_expiration
assert cookie.max_age is None
assert cookie.expires == self.age_expiration
assert str(cookie) == "color=blue; Expires=%s" % (self.age_string)
# 1 cookie with name/value and Expires
s = 'color=blue; Expires=%s' % (self.expires_string)
cookies = Cookie.parse(s)
assert len(cookies) == 1
cookie = cookies[0]
# Force timestamp to known value
cookie.timestamp = self.now
assert cookie.key == 'color'
assert cookie.value == 'blue'
assert cookie.domain is None
assert cookie.path is None
assert cookie.max_age is None
assert cookie.expires == self.expires
assert cookie.secure is None
assert cookie.httponly is None
assert str(cookie) == "color=blue; Expires=%s" % (self.expires_string)
assert cookie.get_expiration() == self.expires
# Normalize
assert cookie.normalize_expiration() == self.expires
assert cookie.max_age is None
assert cookie.expires == self.expires
assert str(cookie) == "color=blue; Expires=%s" % (self.expires_string)
# 1 cookie with name/value witht both Max-Age and Expires, Max-Age takes precedence
s = 'color=blue; Expires=%s; max-age=%d' % (self.expires_string,
self.max_age)
cookies = Cookie.parse(s)
assert len(cookies) == 1
cookie = cookies[0]
# Force timestamp to known value
cookie.timestamp = self.now
assert cookie.key == 'color'
assert cookie.value == 'blue'
assert cookie.domain is None
assert cookie.path is None
assert cookie.max_age == self.max_age
assert cookie.expires == self.expires
assert cookie.secure is None
assert cookie.httponly is None
expected = "color=blue; Max-Age={}; Expires={}".format(
self.max_age, self.expires_string)
assert str(cookie) == expected
assert cookie.get_expiration() == self.age_expiration
# Normalize
assert cookie.normalize_expiration() == self.age_expiration
assert cookie.max_age is None
assert cookie.expires == self.age_expiration
assert str(cookie) == "color=blue; Expires=%s" % (self.age_string)
# Verify different types can be assigned to the timestamp and
# expires attribute.
cookie = Cookie('color', 'blue')
cookie.timestamp = self.now
assert cookie.timestamp == self.now
cookie.timestamp = self.now_timestamp
assert cookie.timestamp == self.now
cookie.timestamp = self.now_string
assert cookie.timestamp == self.now
assert cookie.expires is None
cookie.expires = self.expires
assert cookie.expires == self.expires
cookie.expires = self.expires_timestamp
assert cookie.expires == self.expires
cookie.expires = self.expires_string
assert cookie.expires == self.expires
def test_path(self):
cookie = Cookie('color', 'blue')
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie('color', 'blue', path='/')
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie('color', 'blue', path='/one')
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie('color', 'blue', path='/oneX')
with self.assertRaises(Cookie.URLMismatch):
self.assertTrue(cookie.http_return_ok(self.url))
def test_parse(self):
# Empty string
s = ''
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 0)
# Invalid single token
s = 'color'
with self.assertRaises(ValueError):
cookies = Cookie.parse(s)
# Invalid single token that's keyword
s = 'HttpOnly'
with self.assertRaises(ValueError):
cookies = Cookie.parse(s)
# Invalid key/value pair whose key is a keyword
s = 'domain=example.com'
with self.assertRaises(ValueError):
cookies = Cookie.parse(s)
# 1 cookie with empty value
s = 'color='
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, '')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=")
self.assertEqual(cookie.http_cookie(), "color=;")
# 1 cookie with name/value
s = 'color=blue'
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue")
self.assertEqual(cookie.http_cookie(), "color=blue;")
# 1 cookie with whose value is quoted
# Use "get by name" utility to extract specific cookie
s = 'color="blue"'
cookie = Cookie.get_named_cookie_from_string(s, 'color')
self.assertIsNotNone(cookie)
self.assertIsNotNone(cookie, Cookie)
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue")
self.assertEqual(cookie.http_cookie(), "color=blue;")
# 1 cookie with name/value and domain, path attributes.
# Change up the whitespace a bit.
s = 'color =blue; domain= example.com ; path = /toplevel '
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, 'example.com')
self.assertEqual(cookie.path, '/toplevel')
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue; Domain=example.com; Path=/toplevel")
self.assertEqual(cookie.http_cookie(), "color=blue;")
# 2 cookies, various attributes
s = 'color=blue; Max-Age=3600; temperature=hot; HttpOnly'
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 2)
cookie = cookies[0]
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, 3600)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue; Max-Age=3600")
self.assertEqual(cookie.http_cookie(), "color=blue;")
cookie = cookies[1]
self.assertEqual(cookie.key, 'temperature')
self.assertEqual(cookie.value, 'hot')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, True)
self.assertEqual(str(cookie), "temperature=hot; HttpOnly")
self.assertEqual(cookie.http_cookie(), "temperature=hot;")
def test_attributes(self):
cookie = Cookie("color", "blue")
self.assertEqual(cookie.key, "color")
self.assertEqual(cookie.value, "blue")
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
cookie.domain = "example.com"
self.assertEqual(cookie.domain, "example.com")
cookie.domain = None
self.assertEqual(cookie.domain, None)
cookie.path = "/toplevel"
self.assertEqual(cookie.path, "/toplevel")
cookie.path = None
self.assertEqual(cookie.path, None)
cookie.max_age = 400
self.assertEqual(cookie.max_age, 400)
cookie.max_age = None
self.assertEqual(cookie.max_age, None)
cookie.expires = "Sun, 06 Nov 1994 08:49:37 GMT"
self.assertEqual(cookie.expires, datetime.datetime(1994, 11, 6, 8, 49, 37))
cookie.expires = None
self.assertEqual(cookie.expires, None)
cookie.secure = True
self.assertEqual(cookie.secure, True)
self.assertEqual(str(cookie), "color=blue; Secure")
cookie.secure = False
self.assertEqual(cookie.secure, False)
self.assertEqual(str(cookie), "color=blue")
cookie.secure = None
self.assertEqual(cookie.secure, None)
self.assertEqual(str(cookie), "color=blue")
cookie.httponly = True
self.assertEqual(cookie.httponly, True)
self.assertEqual(str(cookie), "color=blue; HttpOnly")
cookie.httponly = False
self.assertEqual(cookie.httponly, False)
self.assertEqual(str(cookie), "color=blue")
cookie.httponly = None
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue")
def test_expires(self):
# 1 cookie with name/value and no Max-Age and no Expires
s = 'color=blue;'
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
# Force timestamp to known value
cookie.timestamp = self.now
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue")
self.assertEqual(cookie.get_expiration(), None)
# Normalize
self.assertEqual(cookie.normalize_expiration(), None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(str(cookie), "color=blue")
# 1 cookie with name/value and Max-Age
s = 'color=blue; max-age=%d' % (self.max_age)
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
# Force timestamp to known value
cookie.timestamp = self.now
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, self.max_age)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue; Max-Age=%d" % (self.max_age))
self.assertEqual(cookie.get_expiration(), self.age_expiration)
# Normalize
self.assertEqual(cookie.normalize_expiration(), self.age_expiration)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, self.age_expiration)
self.assertEqual(str(cookie), "color=blue; Expires=%s" % (self.age_string))
# 1 cookie with name/value and Expires
s = 'color=blue; Expires=%s' % (self.expires_string)
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
# Force timestamp to known value
cookie.timestamp = self.now
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, self.expires)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue; Expires=%s" % (self.expires_string))
self.assertEqual(cookie.get_expiration(), self.expires)
# Normalize
self.assertEqual(cookie.normalize_expiration(), self.expires)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, self.expires)
self.assertEqual(str(cookie), "color=blue; Expires=%s" % (self.expires_string))
# 1 cookie with name/value witht both Max-Age and Expires, Max-Age takes precedence
s = 'color=blue; Expires=%s; max-age=%d' % (self.expires_string, self.max_age)
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
# Force timestamp to known value
cookie.timestamp = self.now
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, self.max_age)
self.assertEqual(cookie.expires, self.expires)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue; Max-Age=%d; Expires=%s" % (self.max_age, self.expires_string))
self.assertEqual(cookie.get_expiration(), self.age_expiration)
# Normalize
self.assertEqual(cookie.normalize_expiration(), self.age_expiration)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, self.age_expiration)
self.assertEqual(str(cookie), "color=blue; Expires=%s" % (self.age_string))
# Verify different types can be assigned to the timestamp and
# expires attribute.
cookie = Cookie('color', 'blue')
cookie.timestamp = self.now
self.assertEqual(cookie.timestamp, self.now)
cookie.timestamp = self.now_timestamp
self.assertEqual(cookie.timestamp, self.now)
cookie.timestamp = self.now_string
self.assertEqual(cookie.timestamp, self.now)
self.assertEqual(cookie.expires, None)
cookie.expires = self.expires
self.assertEqual(cookie.expires, self.expires)
cookie.expires = self.expires_timestamp
self.assertEqual(cookie.expires, self.expires)
cookie.expires = self.expires_string
self.assertEqual(cookie.expires, self.expires)
def test_normalization(self):
cookie = Cookie('color', 'blue', expires=self.expires)
cookie.timestamp = self.now_timestamp
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
url = 'http://example.COM/foo'
cookie.normalize(url)
self.assertEqual(cookie.domain, 'example.com')
self.assertEqual(cookie.path, '/')
self.assertEqual(cookie.expires, self.expires)
cookie = Cookie('color', 'blue', max_age=self.max_age)
cookie.timestamp = self.now_timestamp
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
url = 'http://example.com/foo/'
cookie.normalize(url)
self.assertEqual(cookie.domain, 'example.com')
self.assertEqual(cookie.path, '/foo')
self.assertEqual(cookie.expires, self.age_expiration)
cookie = Cookie('color', 'blue')
url = 'http://example.com/foo'
cookie.normalize(url)
self.assertEqual(cookie.domain, 'example.com')
self.assertEqual(cookie.path, '/')
cookie = Cookie('color', 'blue')
url = 'http://example.com/foo/bar'
cookie.normalize(url)
self.assertEqual(cookie.domain, 'example.com')
self.assertEqual(cookie.path, '/foo')
cookie = Cookie('color', 'blue')
url = 'http://example.com/foo/bar/'
cookie.normalize(url)
self.assertEqual(cookie.domain, 'example.com')
self.assertEqual(cookie.path, '/foo/bar')
def test_secure(self):
cookie = Cookie("color", "blue", secure=True)
self.assertTrue(cookie.http_return_ok("https://Xexample.com"))
with self.assertRaises(Cookie.URLMismatch):
self.assertTrue(cookie.http_return_ok("http://Xexample.com"))
def test_normalization(self):
cookie = Cookie('color', 'blue', expires=self.expires)
cookie.timestamp = self.now_timestamp
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
url = 'http://example.COM/foo'
cookie.normalize(url)
self.assertEqual(cookie.domain, 'example.com')
self.assertEqual(cookie.path, '/')
self.assertEqual(cookie.expires, self.expires)
cookie = Cookie('color', 'blue', max_age=self.max_age)
cookie.timestamp = self.now_timestamp
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
url = 'http://example.com/foo/'
cookie.normalize(url)
self.assertEqual(cookie.domain, 'example.com')
self.assertEqual(cookie.path, '/foo')
self.assertEqual(cookie.expires, self.age_expiration)
cookie = Cookie('color', 'blue')
url = 'http://example.com/foo'
cookie.normalize(url)
self.assertEqual(cookie.domain, 'example.com')
self.assertEqual(cookie.path, '/')
cookie = Cookie('color', 'blue')
url = 'http://example.com/foo/bar'
cookie.normalize(url)
self.assertEqual(cookie.domain, 'example.com')
self.assertEqual(cookie.path, '/foo')
cookie = Cookie('color', 'blue')
url = 'http://example.com/foo/bar/'
cookie.normalize(url)
self.assertEqual(cookie.domain, 'example.com')
self.assertEqual(cookie.path, '/foo/bar')
def test_attributes(self):
cookie = Cookie('color', 'blue')
assert cookie.key == 'color'
assert cookie.value == 'blue'
assert cookie.domain is None
assert cookie.path is None
assert cookie.max_age is None
assert cookie.expires is None
assert cookie.secure is None
assert cookie.httponly is None
cookie.domain = 'example.com'
assert cookie.domain == 'example.com'
cookie.domain = None
assert cookie.domain is None
cookie.path = '/toplevel'
assert cookie.path == '/toplevel'
cookie.path = None
assert cookie.path is None
cookie.max_age = 400
assert cookie.max_age == 400
cookie.max_age = None
assert cookie.max_age is None
cookie.expires = 'Sun, 06 Nov 1994 08:49:37 GMT'
assert cookie.expires == datetime.datetime(
1994, 11, 6, 8, 49, 37, tzinfo=datetime.timezone.utc)
cookie.expires = None
assert cookie.expires is None
cookie.secure = True
assert cookie.secure is True
assert str(cookie) == "color=blue; Secure"
cookie.secure = False
assert cookie.secure is False
assert str(cookie) == "color=blue"
cookie.secure = None
assert cookie.secure is None
assert str(cookie) == "color=blue"
cookie.httponly = True
assert cookie.httponly is True
assert str(cookie) == "color=blue; HttpOnly"
cookie.httponly = False
assert cookie.httponly is False
assert str(cookie) == "color=blue"
cookie.httponly = None
assert cookie.httponly is None
assert str(cookie) == "color=blue"
Retrieves the session cookie for the given principal from the
persistent secure storage. Returns None if not found or unable
to retrieve the session cookie for any reason, otherwise
returns a Cookie object containing the session cookie.
'''
# Get the session data, it should contain a cookie string
# (possibly with more than one cookie).
try:
cookie_string = read_persistent_client_session_data(principal)
except Exception, e:
return None
# Search for the session cookie within the cookie string
try:
session_cookie = Cookie.get_named_cookie_from_string(
cookie_string, COOKIE_NAME)
except Exception, e:
return None
return session_cookie
def apply_session_cookie(self, url):
'''
Attempt to load a session cookie for the current principal
from the persistent secure storage. If the cookie is
successfully loaded adjust the input url's to point to the
session path and insert the session cookie into the per thread
context for later insertion into the HTTP request. If the
cookie is not successfully loaded then the original url is
returned and the per thread context is not modified.
def test_domain(self):
cookie = Cookie('color', 'blue', domain='www.foo.bar.com')
assert cookie.http_return_ok(self.url)
cookie = Cookie('color', 'blue', domain='.foo.bar.com')
assert cookie.http_return_ok(self.url)
cookie = Cookie('color', 'blue', domain='.bar.com')
assert cookie.http_return_ok(self.url)
cookie = Cookie('color', 'blue', domain='bar.com')
with pytest.raises(Cookie.URLMismatch):
assert cookie.http_return_ok(self.url)
cookie = Cookie('color', 'blue', domain='bogus.com')
with pytest.raises(Cookie.URLMismatch):
assert cookie.http_return_ok(self.url)
cookie = Cookie('color', 'blue', domain='www.foo.bar.com')
with pytest.raises(Cookie.URLMismatch):
assert cookie.http_return_ok('http://192.168.1.1/one/two')
def test_secure(self):
cookie = Cookie('color', 'blue', secure=True)
assert cookie.http_return_ok('https://Xexample.com')
with pytest.raises(Cookie.URLMismatch):
assert cookie.http_return_ok('http://Xexample.com')
def test_normalization(self):
cookie = Cookie('color', 'blue', expires=self.expires)
cookie.timestamp = self.now_timestamp
assert cookie.domain is None
assert cookie.path is None
url = 'http://example.COM/foo'
cookie.normalize(url)
assert cookie.domain == 'example.com'
assert cookie.path == '/'
assert cookie.expires == self.expires
cookie = Cookie('color', 'blue', max_age=self.max_age)
cookie.timestamp = self.now_timestamp
assert cookie.domain is None
assert cookie.path is None
url = 'http://example.com/foo/'
cookie.normalize(url)
assert cookie.domain == 'example.com'
assert cookie.path == '/foo'
assert cookie.expires == self.age_expiration
cookie = Cookie('color', 'blue')
url = 'http://example.com/foo'
cookie.normalize(url)
assert cookie.domain == 'example.com'
assert cookie.path == '/'
cookie = Cookie('color', 'blue')
url = 'http://example.com/foo/bar'
cookie.normalize(url)
assert cookie.domain == 'example.com'
assert cookie.path == '/foo'
cookie = Cookie('color', 'blue')
url = 'http://example.com/foo/bar/'
cookie.normalize(url)
assert cookie.domain == 'example.com'
assert cookie.path == '/foo/bar'
def test_secure(self):
cookie = Cookie('color', 'blue', secure=True)
self.assertTrue(cookie.http_return_ok('https://Xexample.com'))
with self.assertRaises(Cookie.URLMismatch):
self.assertTrue(cookie.http_return_ok('http://Xexample.com'))
def test_domain(self):
cookie = Cookie("color", "blue", domain="www.foo.bar.com")
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie("color", "blue", domain=".foo.bar.com")
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie("color", "blue", domain=".bar.com")
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie("color", "blue", domain="bar.com")
with self.assertRaises(Cookie.URLMismatch):
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie("color", "blue", domain="bogus.com")
with self.assertRaises(Cookie.URLMismatch):
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie("color", "blue", domain="www.foo.bar.com")
with self.assertRaises(Cookie.URLMismatch):
self.assertTrue(cookie.http_return_ok("http://192.168.1.1/one/two"))
def test_expires(self):
# 1 cookie with name/value and no Max-Age and no Expires
s = 'color=blue;'
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
# Force timestamp to known value
cookie.timestamp = self.now
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue")
self.assertEqual(cookie.get_expiration(), None)
# Normalize
self.assertEqual(cookie.normalize_expiration(), None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(str(cookie), "color=blue")
# 1 cookie with name/value and Max-Age
s = 'color=blue; max-age=%d' % (self.max_age)
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
# Force timestamp to known value
cookie.timestamp = self.now
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, self.max_age)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue; Max-Age=%d" % (self.max_age))
self.assertEqual(cookie.get_expiration(), self.age_expiration)
# Normalize
self.assertEqual(cookie.normalize_expiration(), self.age_expiration)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, self.age_expiration)
self.assertEqual(str(cookie), "color=blue; Expires=%s" % (self.age_string))
# 1 cookie with name/value and Expires
s = 'color=blue; Expires=%s' % (self.expires_string)
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
# Force timestamp to known value
cookie.timestamp = self.now
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, self.expires)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue; Expires=%s" % (self.expires_string))
self.assertEqual(cookie.get_expiration(), self.expires)
# Normalize
self.assertEqual(cookie.normalize_expiration(), self.expires)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, self.expires)
self.assertEqual(str(cookie), "color=blue; Expires=%s" % (self.expires_string))
# 1 cookie with name/value witht both Max-Age and Expires, Max-Age takes precedence
s = 'color=blue; Expires=%s; max-age=%d' % (self.expires_string, self.max_age)
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
# Force timestamp to known value
cookie.timestamp = self.now
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, self.max_age)
self.assertEqual(cookie.expires, self.expires)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue; Max-Age=%d; Expires=%s" % (self.max_age, self.expires_string))
self.assertEqual(cookie.get_expiration(), self.age_expiration)
# Normalize
self.assertEqual(cookie.normalize_expiration(), self.age_expiration)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, self.age_expiration)
self.assertEqual(str(cookie), "color=blue; Expires=%s" % (self.age_string))
# Verify different types can be assigned to the timestamp and
# expires attribute.
cookie = Cookie('color', 'blue')
cookie.timestamp = self.now
self.assertEqual(cookie.timestamp, self.now)
cookie.timestamp = self.now_timestamp
self.assertEqual(cookie.timestamp, self.now)
cookie.timestamp = self.now_string
self.assertEqual(cookie.timestamp, self.now)
self.assertEqual(cookie.expires, None)
cookie.expires = self.expires
self.assertEqual(cookie.expires, self.expires)
cookie.expires = self.expires_timestamp
self.assertEqual(cookie.expires, self.expires)
cookie.expires = self.expires_string
self.assertEqual(cookie.expires, self.expires)
def test_no_attributes(self):
cookie = Cookie("color", "blue")
self.assertTrue(cookie.http_return_ok(self.url))
class xmlclient(Connectible):
"""
Forwarding backend plugin for XML-RPC client.
Also see the `ipaserver.rpcserver.xmlserver` plugin.
"""
def __init__(self):
super(xmlclient, self).__init__()
self.__errors = dict((e.errno, e) for e in public_errors)
def get_url_list(self, xmlrpc_uri):
"""
Create a list of urls consisting of the available IPA servers.
"""
# the configured URL defines what we use for the discovered servers
(scheme, netloc, path, params, query,
fragment) = urlparse.urlparse(xmlrpc_uri)
servers = []
name = '_ldap._tcp.%s.' % self.env.domain
rs = dnsclient.query(name, dnsclient.DNS_C_IN, dnsclient.DNS_T_SRV)
for r in rs:
if r.dns_type == dnsclient.DNS_T_SRV:
rsrv = r.rdata.server.rstrip('.')
servers.append('https://%s%s' %
(ipautil.format_netloc(rsrv), path))
servers = list(set(servers))
# the list/set conversion won't preserve order so stick in the
# local config file version here.
cfg_server = xmlrpc_uri
if cfg_server in servers:
# make sure the configured master server is there just once and
# it is the first one
servers.remove(cfg_server)
servers.insert(0, cfg_server)
else:
servers.insert(0, cfg_server)
return servers
def get_session_cookie_from_persistent_storage(self, principal):
'''
Retrieves the session cookie for the given principal from the
persistent secure storage. Returns None if not found or unable
to retrieve the session cookie for any reason, otherwise
returns a Cookie object containing the session cookie.
'''
# Get the session data, it should contain a cookie string
# (possibly with more than one cookie).
try:
cookie_string = read_persistent_client_session_data(principal)
except Exception, e:
return None
# Search for the session cookie within the cookie string
try:
session_cookie = Cookie.get_named_cookie_from_string(
cookie_string, COOKIE_NAME)
except Exception, e:
return None
def test_attributes(self):
cookie = Cookie('color', 'blue')
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, 'blue')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
cookie.domain = 'example.com'
self.assertEqual(cookie.domain, 'example.com')
cookie.domain = None
self.assertEqual(cookie.domain, None)
cookie.path = '/toplevel'
self.assertEqual(cookie.path, '/toplevel')
cookie.path = None
self.assertEqual(cookie.path, None)
cookie.max_age = 400
self.assertEqual(cookie.max_age, 400)
cookie.max_age = None
self.assertEqual(cookie.max_age, None)
cookie.expires = 'Sun, 06 Nov 1994 08:49:37 GMT'
self.assertEqual(cookie.expires, datetime.datetime(1994, 11, 6, 8, 49, 37))
cookie.expires = None
self.assertEqual(cookie.expires, None)
cookie.secure = True
self.assertEqual(cookie.secure, True)
self.assertEqual(str(cookie), "color=blue; Secure")
cookie.secure = False
self.assertEqual(cookie.secure, False)
self.assertEqual(str(cookie), "color=blue")
cookie.secure = None
self.assertEqual(cookie.secure, None)
self.assertEqual(str(cookie), "color=blue")
cookie.httponly = True
self.assertEqual(cookie.httponly, True)
self.assertEqual(str(cookie), "color=blue; HttpOnly")
cookie.httponly = False
self.assertEqual(cookie.httponly, False)
self.assertEqual(str(cookie), "color=blue")
cookie.httponly = None
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=blue")
def test_domain(self):
cookie = Cookie('color', 'blue', domain='www.foo.bar.com')
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie('color', 'blue', domain='.foo.bar.com')
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie('color', 'blue', domain='.bar.com')
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie('color', 'blue', domain='bar.com')
with self.assertRaises(Cookie.URLMismatch):
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie('color', 'blue', domain='bogus.com')
with self.assertRaises(Cookie.URLMismatch):
self.assertTrue(cookie.http_return_ok(self.url))
cookie = Cookie('color', 'blue', domain='www.foo.bar.com')
with self.assertRaises(Cookie.URLMismatch):
self.assertTrue(cookie.http_return_ok('http://192.168.1.1/one/two'))
