class TestHttpSigner(object):
    def setUp(self):
        self.none_signer = HttpSigner(None, HEADER)
        self.http_signer = HttpSigner(SECRET, HEADER)

    def test_none_signer_does_not_sign(self):
        req = Request('GET', 'http://example.com')
        req = self.none_signer(req)

        assert HEADER not in req.headers
        assert not self.http_signer.valid(req)

    def test_none_signer_does_not_sign_request_auth(self):
        req = Request('GET', 'http://example.com', auth=self.none_signer)
        prepared = req.prepare()

        assert HEADER not in prepared.headers
        assert not self.http_signer.valid(req)

    def test_signs_request_valid(self):
        req = Request('GET', 'http://example.com')
        req = self.http_signer(req)
        assert req.headers.get(HEADER) == SECRET
        assert self.http_signer.valid(req)

    def test_signs_request_invalid(self):
        req = Request('GET', 'http://example.com')
        req.headers[HEADER] = 'not-my-secret-key'
        assert req.headers.get(HEADER) != SECRET
        assert not self.http_signer.valid(req)

    def test_signs_request_auth(self):
        req = Request('GET', 'http://example.com', auth=self.http_signer)
        prepared = req.prepare()
        assert prepared.headers.get(HEADER) == SECRET
        assert self.http_signer.valid(prepared)
 def setUp(self):
     self.none_signer = HttpSigner(None, HEADER)
     self.http_signer = HttpSigner(SECRET, HEADER)
Esempio n. 3
0
def setup_http_signer(app):
    global http_signer
    from pybossa.http_signer import HttpSigner
    secret = app.config.get('SIGNATURE_SECRET')
    http_signer = HttpSigner(secret, 'X-Pybossa-Signature')