Esempio n. 1
    def test_oauth_timestamp(self):
        """Reject requests whose ``oauth_timestamp`` is malformed or stale.

        Every case sends the same otherwise-complete parameter set and varies
        only the timestamp; ``_check_mandatory_parameters`` must raise
        ``InvalidRequestError`` for each one.  The timestamp, together with
        the nonce, is what limits replay of a captured request, so a value
        the server cannot interpret, or one that is too old, has to be
        refused.
        """
        endpoint = BaseEndpoint(RequestValidator())
        shared = ('oauth_signature=a&oauth_consumer_key=b&oauth_nonce=c&'
                  'oauth_version=1.0&oauth_signature_method=RSA-SHA1&')
        rejected = (
            # Invalid timestamp length, must be 10 (this one has 9 digits)
            'oauth_timestamp=123456789',
            # Invalid timestamp age, must be younger than 10 minutes
            # (1234567890 is a date in 2009)
            'oauth_timestamp=1234567890',
            # Timestamp must be an integer (10 characters, last one a letter)
            'oauth_timestamp=123456789a',
        )
        for timestamp_param in rejected:
            request = endpoint._create_request(
                'https://a.b/', 'GET', shared + timestamp_param, URLENCODED)
            with self.assertRaises(errors.InvalidRequestError):
                endpoint._check_mandatory_parameters(request)
Esempio n. 2
    def test_oauth_timestamp(self):
        """Check that only a well-formed, recent UNIX timestamp is accepted.

        Three requests that differ only in ``oauth_timestamp`` are built and
        each must be refused by ``_check_mandatory_parameters`` with
        ``InvalidRequestError``.  A stale or unparsable timestamp would
        otherwise weaken the replay protection the timestamp/nonce pair is
        meant to give.
        """
        validator = RequestValidator()
        endpoint = BaseEndpoint(validator)

        # Invalid timestamp length, must be 10 (9 digits here)
        too_short = ('oauth_signature=a&oauth_consumer_key=b&oauth_nonce=c&'
                     'oauth_version=1.0&oauth_signature_method=RSA-SHA1&'
                     'oauth_timestamp=123456789')
        request = endpoint._create_request(
            'https://a.b/', 'GET', too_short, URLENCODED)
        with self.assertRaises(errors.InvalidRequestError):
            endpoint._check_mandatory_parameters(request)

        # Invalid timestamp age, must be younger than 10 minutes
        too_old = ('oauth_signature=a&oauth_consumer_key=b&oauth_nonce=c&'
                   'oauth_version=1.0&oauth_signature_method=RSA-SHA1&'
                   'oauth_timestamp=1234567890')
        request = endpoint._create_request(
            'https://a.b/', 'GET', too_old, URLENCODED)
        with self.assertRaises(errors.InvalidRequestError):
            endpoint._check_mandatory_parameters(request)

        # Timestamp must be an integer (right length, trailing letter)
        not_numeric = ('oauth_signature=a&oauth_consumer_key=b&oauth_nonce=c&'
                       'oauth_version=1.0&oauth_signature_method=RSA-SHA1&'
                       'oauth_timestamp=123456789a')
        request = endpoint._create_request(
            'https://a.b/', 'GET', not_numeric, URLENCODED)
        with self.assertRaises(errors.InvalidRequestError):
            endpoint._check_mandatory_parameters(request)
Esempio n. 3
 def test_mandated_params(self):
     """Ensure all mandatory params are present.

     The body carries only ``oauth_signature``, ``oauth_consumer_key`` and a
     value-less ``oauth_nonce``; it has no ``oauth_signature_method`` and no
     ``oauth_timestamp``.  ``_check_mandatory_parameters`` must refuse it
     with ``InvalidRequestError``.
     """
     endpoint = BaseEndpoint(RequestValidator())
     incomplete_body = 'oauth_signature=a&oauth_consumer_key=b&oauth_nonce'
     request = endpoint._create_request(
         'https://a.b/', 'GET', incomplete_body, URLENCODED)
     # NOTE(review): several parameters are missing at once, so this does not
     # show which absence triggers the error.
     with self.assertRaises(errors.InvalidRequestError):
         endpoint._check_mandatory_parameters(request)
Esempio n. 4
 def test_enforce_ssl(self):
     """Ensure SSL is enforced by default.

     A client signs a request for an ``http://`` URI and the endpoint, built
     on an unmodified ``RequestValidator``, must raise
     ``InsecureTransportError`` from ``_check_transport_security``.  Over
     plain HTTP the OAuth parameters travel in the clear, which is why the
     default has to be refusal rather than acceptance.
     """
     endpoint = BaseEndpoint(RequestValidator())
     signer = Client('foo')
     uri, headers, body = signer.sign('http://example.com')
     request = endpoint._create_request(uri, 'GET', body, headers)
     with self.assertRaises(errors.InsecureTransportError):
         endpoint._check_transport_security(request)
Esempio n. 5
 def test_mandated_params(self):
     """Ensure all mandatory params are present.

     Sends a body that stops after ``oauth_nonce`` (which has no value) and
     therefore lacks ``oauth_signature_method`` and ``oauth_timestamp``, then
     expects ``_check_mandatory_parameters`` to raise
     ``InvalidRequestError``.
     """
     validator = RequestValidator()
     endpoint = BaseEndpoint(validator)
     request = endpoint._create_request(
         'https://a.b/',
         'GET',
         'oauth_signature=a&oauth_consumer_key=b&oauth_nonce',
         URLENCODED,
     )
     # An incomplete parameter set must be refused outright; which missing
     # field is reported first is not visible from this test.
     with self.assertRaises(errors.InvalidRequestError):
         endpoint._check_mandatory_parameters(request)
Esempio n. 6
 def test_enforce_ssl(self):
     """Ensure SSL is enforced by default.

     Signs a request for a plain ``http://`` URI and asserts that
     ``_check_transport_security`` raises ``InsecureTransportError`` when the
     endpoint uses a stock ``RequestValidator``.  The point of the default is
     that OAuth parameters are never accepted over an unencrypted channel
     unless someone deliberately opts out.
     """
     validator = RequestValidator()
     endpoint = BaseEndpoint(validator)
     signed_uri, signed_headers, signed_body = Client('foo').sign(
         'http://example.com')
     insecure_request = endpoint._create_request(
         signed_uri, 'GET', signed_body, signed_headers)
     with self.assertRaises(errors.InsecureTransportError):
         endpoint._check_transport_security(insecure_request)
Esempio n. 7
 def test_case_insensitive_headers(self):
     """Ensure headers are case-insensitive

     ``_create_request`` must expose the request headers as a
     ``CaseInsensitiveDict``.  HTTP header names are case-insensitive, so
     later lookups (for example of the Authorization header) must not depend
     on how the sender capitalised them.
     """
     endpoint = BaseEndpoint(RequestValidator())
     # The parameter values are irrelevant here; only the header container
     # type of the resulting request is inspected.
     form_body = ('oauth_signature=a&oauth_consumer_key=b&oauth_nonce=c&'
                  'oauth_version=1.0&oauth_signature_method=RSA-SHA1&'
                  'oauth_timestamp=123456789a')
     request = endpoint._create_request(
         'https://a.b', 'POST', form_body, URLENCODED)
     self.assertIsInstance(request.headers, CaseInsensitiveDict)
Esempio n. 8
 def test_case_insensitive_headers(self):
     """Ensure headers are case-insensitive

     Builds a POST request and checks that its ``headers`` attribute is a
     ``CaseInsensitiveDict``, so header lookups made while validating the
     request do not hinge on the capitalisation the sender chose.
     """
     validator = RequestValidator()
     endpoint = BaseEndpoint(validator)
     request = endpoint._create_request(
         'https://a.b',
         'POST',
         ('oauth_signature=a&oauth_consumer_key=b&oauth_nonce=c&'
          'oauth_version=1.0&oauth_signature_method=RSA-SHA1&'
          'oauth_timestamp=123456789a'),
         URLENCODED,
     )
     # Only the container type is asserted; no parameter is validated here.
     header_map = request.headers
     self.assertIsInstance(header_map, CaseInsensitiveDict)
Esempio n. 9
class SignatureVerificationTest(TestCase):
    """Check ``BaseEndpoint._check_signature`` for each OAuth 1 signature method.

    The positive tests submit a known-good signature for HMAC-SHA1, RSA-SHA1
    and PLAINTEXT; the negative test submits values that must not verify.
    The keys and secrets come from ``ClientValidator``, which is defined
    outside this listing.
    """

    def setUp(self):
        """Create the endpoint under test and the shared parameter template."""
        self.e = BaseEndpoint(ClientValidator())

        self.uri = 'https://example.com/'
        # Two %s slots: the url-encoded signature, then the signature method.
        self.sig = ('oauth_signature=%s&'
                    'oauth_timestamp=1234567890&'
                    'oauth_nonce=abcdefghijklmnopqrstuvwxyz&'
                    'oauth_version=1.0&'
                    'oauth_signature_method=%s&'
                    'oauth_token=abcdefghijklmnopqrstuvxyz&'
                    'oauth_consumer_key=foo')

    def _verifies(self, params):
        """Return the ``_check_signature`` verdict for *params* sent as a GET body."""
        request = self.e._create_request(self.uri, 'GET', params, URLENCODED)
        return self.e._check_signature(request)

    def test_signature_too_short(self):
        """Truncated or non-matching signatures must not verify."""
        # Same value as the HMAC-SHA1 signature accepted in
        # test_hmac_signature, minus its trailing %3D ("=" padding).
        truncated_hmac = (
            'oauth_signature=fmrXnTF4lO4o%2BD0%2FlZaJHP%2FXqEY&'
            'oauth_timestamp=1234567890&'
            'oauth_nonce=abcdefghijklmnopqrstuvwxyz&'
            'oauth_version=1.0&oauth_signature_method=HMAC-SHA1&'
            'oauth_token=abcdefghijklmnopqrstuvxyz&'
            'oauth_consumer_key=foo')
        self.assertFalse(self._verifies(truncated_hmac))

        # PLAINTEXT value that differs from the one accepted in
        # test_plaintext_signature.
        wrong_plaintext = (
            'oauth_signature=correctlengthbutthewrongcontent1111&'
            'oauth_timestamp=1234567890&'
            'oauth_nonce=abcdefghijklmnopqrstuvwxyz&'
            'oauth_version=1.0&oauth_signature_method=PLAINTEXT&'
            'oauth_token=abcdefghijklmnopqrstuvxyz&'
            'oauth_consumer_key=foo')
        self.assertFalse(self._verifies(wrong_plaintext))

    def test_hmac_signature(self):
        """A correct HMAC-SHA1 signature verifies."""
        hmac_sig = "fmrXnTF4lO4o%2BD0%2FlZaJHP%2FXqEY%3D"
        self.assertTrue(self._verifies(self.sig % (hmac_sig, "HMAC-SHA1")))

    def test_rsa_signature(self):
        """A correct RSA-SHA1 signature verifies."""
        rsa_sig = ("fxFvCx33oKlR9wDquJ%2FPsndFzJphyBa3RFPPIKi3flqK%2BJ7yIrMVbH"
                   "YTM%2FLHPc7NChWz4F4%2FzRA%2BDN1k08xgYGSBoWJUOW6VvOQ6fbYhMA"
                   "FkOGYbuGDbje487XMzsAcv6ZjqZHCROSCk5vofgLk2SN7RZ3OrgrFzf4in"
                   "xetClqA%3D")
        self.assertTrue(self._verifies(self.sig % (rsa_sig, "RSA-SHA1")))

    def test_plaintext_signature(self):
        """A correct PLAINTEXT signature verifies."""
        # The value is percent-encoded more than once on purpose; it is the
        # form body encoding of an already-encoded "secret&secret" pair.
        plain_sig = "super%252520secret%26even%252520more%252520secret"
        self.assertTrue(self._verifies(self.sig % (plain_sig, "PLAINTEXT")))
Esempio n. 10
 def test_oauth_version(self):
     """OAuth version must be 1.0 if present.

     Sends ``oauth_version=2.0`` and expects ``_check_mandatory_parameters``
     to raise ``InvalidRequestError``.
     """
     endpoint = BaseEndpoint(RequestValidator())
     # NOTE(review): oauth_timestamp=a is not a valid timestamp either and
     # would be reported with the same exception type, so this only isolates
     # the version check if that check runs first -- confirm against
     # _check_mandatory_parameters.
     form_body = ('oauth_signature=a&oauth_consumer_key=b&oauth_nonce=c&'
                  'oauth_timestamp=a&oauth_signature_method=RSA-SHA1&'
                  'oauth_version=2.0')
     request = endpoint._create_request(
         'https://a.b/', 'GET', form_body, URLENCODED)
     with self.assertRaises(errors.InvalidRequestError):
         endpoint._check_mandatory_parameters(request)
Esempio n. 11
class SignatureVerificationTest(TestCase):
    """Signature verification tests for ``BaseEndpoint._check_signature``.

    One accepting test per signature method (HMAC-SHA1, RSA-SHA1, PLAINTEXT)
    plus one rejecting test.  ``ClientValidator`` supplies the client and
    token secrets and is not part of this listing.
    """

    def setUp(self):
        """Build the endpoint, target URI and parameter template used by all tests."""
        validator = ClientValidator()
        self.e = BaseEndpoint(validator)

        self.uri = 'https://example.com/'
        # Format slots, in order: url-encoded signature, signature method.
        template = ('oauth_signature=%s&'
                    'oauth_timestamp=1234567890&'
                    'oauth_nonce=abcdefghijklmnopqrstuvwxyz&'
                    'oauth_version=1.0&'
                    'oauth_signature_method=%s&'
                    'oauth_token=abcdefghijklmnopqrstuvxyz&'
                    'oauth_consumer_key=foo')
        self.sig = template

    def test_signature_too_short(self):
        """Reject a truncated HMAC-SHA1 value and a non-matching PLAINTEXT value."""
        endpoint = self.e

        # The HMAC-SHA1 value from test_hmac_signature with its final %3D
        # (base64 padding) removed.
        short_sig = ('oauth_signature=fmrXnTF4lO4o%2BD0%2FlZaJHP%2FXqEY&'
                     'oauth_timestamp=1234567890&'
                     'oauth_nonce=abcdefghijklmnopqrstuvwxyz&'
                     'oauth_version=1.0&oauth_signature_method=HMAC-SHA1&'
                     'oauth_token=abcdefghijklmnopqrstuvxyz&'
                     'oauth_consumer_key=foo')
        request = endpoint._create_request(
            self.uri, 'GET', short_sig, URLENCODED)
        verdict = endpoint._check_signature(request)
        self.assertFalse(verdict)

        # A PLAINTEXT value other than the one test_plaintext_signature uses.
        plain = ('oauth_signature=correctlengthbutthewrongcontent1111&'
                 'oauth_timestamp=1234567890&'
                 'oauth_nonce=abcdefghijklmnopqrstuvwxyz&'
                 'oauth_version=1.0&oauth_signature_method=PLAINTEXT&'
                 'oauth_token=abcdefghijklmnopqrstuvxyz&'
                 'oauth_consumer_key=foo')
        request = endpoint._create_request(self.uri, 'GET', plain, URLENCODED)
        verdict = endpoint._check_signature(request)
        self.assertFalse(verdict)

    def test_hmac_signature(self):
        """Accept the known-good HMAC-SHA1 signature."""
        hmac_sig = "fmrXnTF4lO4o%2BD0%2FlZaJHP%2FXqEY%3D"
        params = self.sig % (hmac_sig, "HMAC-SHA1")
        request = self.e._create_request(self.uri, 'GET', params, URLENCODED)
        verdict = self.e._check_signature(request)
        self.assertTrue(verdict)

    def test_rsa_signature(self):
        """Accept the known-good RSA-SHA1 signature."""
        rsa_sig = ("fxFvCx33oKlR9wDquJ%2FPsndFzJphyBa3RFPPIKi3flqK%2BJ7yIrMVbH"
                   "YTM%2FLHPc7NChWz4F4%2FzRA%2BDN1k08xgYGSBoWJUOW6VvOQ6fbYhMA"
                   "FkOGYbuGDbje487XMzsAcv6ZjqZHCROSCk5vofgLk2SN7RZ3OrgrFzf4in"
                   "xetClqA%3D")
        params = self.sig % (rsa_sig, "RSA-SHA1")
        request = self.e._create_request(self.uri, 'GET', params, URLENCODED)
        verdict = self.e._check_signature(request)
        self.assertTrue(verdict)

    def test_plaintext_signature(self):
        """Accept the known-good PLAINTEXT signature."""
        # Deliberately percent-encoded several times over, as written.
        plain_sig = "super%252520secret%26even%252520more%252520secret"
        params = self.sig % (plain_sig, "PLAINTEXT")
        request = self.e._create_request(self.uri, 'GET', params, URLENCODED)
        verdict = self.e._check_signature(request)
        self.assertTrue(verdict)
Esempio n. 12
 def test_oauth_version(self):
     """OAuth version must be 1.0 if present.

     A request declaring ``oauth_version=2.0`` has to be refused by
     ``_check_mandatory_parameters`` with ``InvalidRequestError``.
     """
     validator = RequestValidator()
     endpoint = BaseEndpoint(validator)
     request = endpoint._create_request(
         'https://a.b/',
         'GET',
         # NOTE(review): the timestamp value "a" is invalid as well and maps
         # to the same exception type; verify the version check is the one
         # that fires.
         ('oauth_signature=a&oauth_consumer_key=b&oauth_nonce=c&'
          'oauth_timestamp=a&oauth_signature_method=RSA-SHA1&'
          'oauth_version=2.0'),
         URLENCODED,
     )
     with self.assertRaises(errors.InvalidRequestError):
         endpoint._check_mandatory_parameters(request)
Esempio n. 13
    def setUp(self):
        """Prepare the endpoint, target URI and signed-parameter template.

        ``self.sig`` has two ``%s`` slots, filled by the tests with the
        url-encoded signature and the signature method name, in that order.
        """
        self.e = BaseEndpoint(ClientValidator())

        self.uri = 'https://example.com/'
        template = ('oauth_signature=%s&'
                    'oauth_timestamp=1234567890&'
                    'oauth_nonce=abcdefghijklmnopqrstuvwxyz&'
                    'oauth_version=1.0&'
                    'oauth_signature_method=%s&'
                    'oauth_token=abcdefghijklmnopqrstuvxyz&'
                    'oauth_consumer_key=foo')
        self.sig = template
Esempio n. 14
 def test_duplicate_params(self):
     """Ensure params are only supplied once

     ``_create_request`` must raise ``InvalidRequestError`` when the same
     OAuth parameter appears twice, whether in the query string or in the
     form body.  With two values for one name it would be ambiguous which
     one was signed and which one the server acts on.
     """
     endpoint = BaseEndpoint(RequestValidator())

     # Duplicate in the query string, no body.
     with self.assertRaises(errors.InvalidRequestError):
         endpoint._create_request(
             'https://a.b/?oauth_version=a&oauth_version=b',
             'GET', None, URLENCODED)

     # Duplicate in the form-encoded body.
     with self.assertRaises(errors.InvalidRequestError):
         endpoint._create_request(
             'https://a.b/', 'GET',
             'oauth_version=a&oauth_version=b', URLENCODED)
Esempio n. 15
    def setUp(self):
        """Create the fixtures shared by the signature tests.

        Sets ``self.e`` (endpoint backed by ``ClientValidator``), ``self.uri``
        and ``self.sig``, a parameter template whose two ``%s`` slots take
        the url-encoded signature and then the signature method.
        """
        validator = ClientValidator()
        endpoint = BaseEndpoint(validator)
        self.e = endpoint

        self.uri = 'https://example.com/'
        self.sig = (
            'oauth_signature=%s&'
            'oauth_timestamp=1234567890&'
            'oauth_nonce=abcdefghijklmnopqrstuvwxyz&'
            'oauth_version=1.0&'
            'oauth_signature_method=%s&'
            'oauth_token=abcdefghijklmnopqrstuvxyz&'
            'oauth_consumer_key=foo'
        )
Esempio n. 16
    def test_signature_verification(self):
        """``_check_signature`` must return a falsy result for bad signatures.

        Two requests are checked against an endpoint backed by
        ``ClientValidator``: one with an HMAC-SHA1 value that is too short,
        one with a PLAINTEXT value that does not match.
        """
        endpoint = BaseEndpoint(ClientValidator())
        uri = 'https://example.com/'

        def verifies(params):
            # Build the GET request and return the endpoint's verdict on it.
            request = endpoint._create_request(uri, 'GET', params, URLENCODED)
            return endpoint._check_signature(request)

        # 27 base64 characters once decoded from the form encoding; a SHA-1
        # based HMAC encodes to 28 including padding, so this is truncated.
        short_sig = ('oauth_signature=fmrXnTF4lO4o%2BD0%2FlZaJHP%2FXqEY&'
                     'oauth_timestamp=1234567890&'
                     'oauth_nonce=abcdefghijklmnopqrstuvwxyz&'
                     'oauth_version=1.0&oauth_signature_method=HMAC-SHA1&'
                     'oauth_token=abcdefghijklmnopqrstuvxyz&'
                     'oauth_consumer_key=foo')
        self.assertFalse(verifies(short_sig))

        # PLAINTEXT signature with the wrong content.
        plain = ('oauth_signature=correctlengthbutthewrongcontent1111&'
                 'oauth_timestamp=1234567890&'
                 'oauth_nonce=abcdefghijklmnopqrstuvwxyz&'
                 'oauth_version=1.0&oauth_signature_method=PLAINTEXT&'
                 'oauth_token=abcdefghijklmnopqrstuvxyz&'
                 'oauth_consumer_key=foo')
        self.assertFalse(verifies(plain))
Esempio n. 17
 def test_multiple_source_params(self):
     """Check for duplicate params

     OAuth parameters can arrive in the query string, the form body or the
     Authorization header.  Each case below spreads them over more than one
     of those places and expects ``_create_request`` to raise
     ``InvalidRequestError``.
     """
     endpoint = BaseEndpoint(RequestValidator())
     uri_with_oauth_query = 'https://a.b/?oauth_signature_method=HMAC-SHA1'

     # Query string + form body.
     with self.assertRaises(errors.InvalidRequestError):
         endpoint._create_request(
             uri_with_oauth_query, 'GET', 'oauth_version=foo', URLENCODED)

     # Query string + form body + Authorization header.
     auth_headers = {'Authorization': 'OAuth oauth_signature="foo"'}
     auth_headers.update(URLENCODED)
     with self.assertRaises(errors.InvalidRequestError):
         endpoint._create_request(
             uri_with_oauth_query, 'GET', 'oauth_version=foo', auth_headers)

     # Authorization header + form body.
     auth_headers = {'Authorization': 'OAuth oauth_signature_method="foo"'}
     auth_headers.update(URLENCODED)
     with self.assertRaises(errors.InvalidRequestError):
         endpoint._create_request(
             'https://a.b/', 'GET', 'oauth_signature=foo', auth_headers)
Esempio n. 18
    def test_signature_verification(self):
        """Bad signatures must make ``_check_signature`` return a falsy value.

        Covers a shortened HMAC-SHA1 signature and a PLAINTEXT signature with
        the wrong content, both checked by an endpoint that uses
        ``ClientValidator``.
        """
        validator = ClientValidator()
        endpoint = BaseEndpoint(validator)
        uri = 'https://example.com/'

        bad_parameter_sets = (
            # HMAC-SHA1 value lacking the trailing base64 padding character.
            ('oauth_signature=fmrXnTF4lO4o%2BD0%2FlZaJHP%2FXqEY&'
             'oauth_timestamp=1234567890&'
             'oauth_nonce=abcdefghijklmnopqrstuvwxyz&'
             'oauth_version=1.0&oauth_signature_method=HMAC-SHA1&'
             'oauth_token=abcdefghijklmnopqrstuvxyz&'
             'oauth_consumer_key=foo'),
            # PLAINTEXT value that does not match the expected secret pair.
            ('oauth_signature=correctlengthbutthewrongcontent1111&'
             'oauth_timestamp=1234567890&'
             'oauth_nonce=abcdefghijklmnopqrstuvwxyz&'
             'oauth_version=1.0&oauth_signature_method=PLAINTEXT&'
             'oauth_token=abcdefghijklmnopqrstuvxyz&'
             'oauth_consumer_key=foo'),
        )
        for params in bad_parameter_sets:
            request = endpoint._create_request(uri, 'GET', params, URLENCODED)
            self.assertFalse(endpoint._check_signature(request))
Esempio n. 19
    def test_signature_method_validation(self):
        """Ensure valid signature method is used.

        For each of HMAC, RSA and PLAINTEXT a validator is built that allows
        only that one method.  Requests naming either of the other two
        methods, or the unknown name ``shibboleth``, must make
        ``_check_mandatory_parameters`` raise ``InvalidSignatureMethodError``.
        The validator's allow-list, not the client's request, decides which
        methods are acceptable.
        """
        body = ('oauth_signature=a&oauth_consumer_key=b&oauth_nonce=c&'
                'oauth_version=1.0&oauth_signature_method=%s&'
                'oauth_timestamp=1234567890')

        uri = 'https://example.com/'

        def endpoint_allowing(method):
            # Endpoint whose validator permits exactly one signature method.
            class SingleMethodValidator(RequestValidator):
                @property
                def allowed_signature_methods(self):
                    return (method, )

            return BaseEndpoint(SingleMethodValidator())

        # (the only allowed method, method names that must be refused)
        cases = (
            (SIGNATURE_HMAC, ('RSA-SHA1', 'PLAINTEXT', 'shibboleth')),
            (SIGNATURE_RSA, ('HMAC-SHA1', 'PLAINTEXT', 'shibboleth')),
            (SIGNATURE_PLAINTEXT, ('HMAC-SHA1', 'RSA-SHA1', 'shibboleth')),
        )
        for allowed, refused_names in cases:
            endpoint = endpoint_allowing(allowed)
            for method_name in refused_names:
                request = endpoint._create_request(
                    uri, 'GET', body % method_name, URLENCODED)
                with self.assertRaises(errors.InvalidSignatureMethodError):
                    endpoint._check_mandatory_parameters(request)
Esempio n. 20
    def test_signature_method_validation(self):
        """Ensure valid signature method is used.

        Three validators are defined, each allowing a single signature
        method.  A request that names any other method, including the
        unknown ``shibboleth``, must be refused by
        ``_check_mandatory_parameters`` with ``InvalidSignatureMethodError``,
        so a client cannot choose a method the provider has not enabled.
        """
        body = ('oauth_signature=a&oauth_consumer_key=b&oauth_nonce=c&'
                'oauth_version=1.0&oauth_signature_method=%s&'
                'oauth_timestamp=1234567890')

        uri = 'https://example.com/'

        # Validator that allows HMAC only.
        class HMACValidator(RequestValidator):

            @property
            def allowed_signature_methods(self):
                return (SIGNATURE_HMAC,)

        endpoint = BaseEndpoint(HMACValidator())
        for method_name in ('RSA-SHA1', 'PLAINTEXT', 'shibboleth'):
            request = endpoint._create_request(
                uri, 'GET', body % method_name, URLENCODED)
            with self.assertRaises(errors.InvalidSignatureMethodError):
                endpoint._check_mandatory_parameters(request)

        # Validator that allows RSA only.
        class RSAValidator(RequestValidator):

            @property
            def allowed_signature_methods(self):
                return (SIGNATURE_RSA,)

        endpoint = BaseEndpoint(RSAValidator())
        for method_name in ('HMAC-SHA1', 'PLAINTEXT', 'shibboleth'):
            request = endpoint._create_request(
                uri, 'GET', body % method_name, URLENCODED)
            with self.assertRaises(errors.InvalidSignatureMethodError):
                endpoint._check_mandatory_parameters(request)

        # Validator that allows PLAINTEXT only.
        class PlainValidator(RequestValidator):

            @property
            def allowed_signature_methods(self):
                return (SIGNATURE_PLAINTEXT,)

        endpoint = BaseEndpoint(PlainValidator())
        for method_name in ('HMAC-SHA1', 'RSA-SHA1', 'shibboleth'):
            request = endpoint._create_request(
                uri, 'GET', body % method_name, URLENCODED)
            with self.assertRaises(errors.InvalidSignatureMethodError):
                endpoint._check_mandatory_parameters(request)