def test_password_is_not_stored_in_plaintext(self):
password = "******"
token = snappass.set_password(password, 30)
redis_key = token.split(snappass.TOKEN_SEPARATOR)[0]
stored_password_text = snappass.redis_client.get(redis_key).decode(
'utf-8')
self.assertNotIn(password, stored_password_text)
def test_password_after_expiration(self):
password = '******'
key = snappass.set_password(password, 1)
time.sleep(1.5)
# Expire functionality must be explicitly invoked using do_expire(time).
# mockredis does not support automatic expiration at this time
snappass.redis_client.do_expire()
self.assertIsNone(snappass.get_password(key))
def test_password_after_expiration(self):
password = '******'
key = snappass.set_password(password, 1)
time.sleep(1.5)
# Expire functionality must be explicitly invoked using do_expire(time).
# mockredis does not support automatic expiration at this time
snappass.redis_client.do_expire()
self.assertIsNone(snappass.get_password(key))
def test_encryption_key_is_returned(self):
password = "******"
token = snappass.set_password(password, 30)
token_fragments = token.split(snappass.TOKEN_SEPARATOR)
redis_key, encryption_key = token_fragments
stored_password = snappass.redis_client.get(redis_key)
fernet = Fernet(encryption_key.encode('utf-8'))
decrypted_password = fernet.decrypt(stored_password).decode('utf-8')
self.assertEqual(password, decrypted_password)
def test_encryption_key_is_returned(self):
password = "******"
token = snappass.set_password(password, 30)
token_fragments = token.split(snappass.TOKEN_SEPARATOR)
redis_key, encryption_key = token_fragments
stored_password = snappass.redis_client.get(redis_key)
fernet = Fernet(encryption_key.encode('utf-8'))
decrypted_password = fernet.decrypt(stored_password).decode('utf-8')
self.assertEqual(password, decrypted_password)
def test_returned_token_format(self):
password = "******"
token = snappass.set_password(password, 30)
token_fragments = token.split(snappass.TOKEN_SEPARATOR)
self.assertEqual(2, len(token_fragments))
redis_key, encryption_key = token_fragments
self.assertEqual(32 + len(snappass.REDIS_PREFIX), len(redis_key))
try:
Fernet(encryption_key.encode('utf-8'))
except ValueError:
self.fail('the encryption key is not valid')
def test_returned_token_format(self):
password = "******"
token = snappass.set_password(password, 30)
token_fragments = token.split(snappass.TOKEN_SEPARATOR)
self.assertEqual(2, len(token_fragments))
redis_key, encryption_key = token_fragments
self.assertEqual(32 + len(snappass.REDIS_PREFIX), len(redis_key))
try:
Fernet(encryption_key.encode('utf-8'))
except ValueError:
self.fail('the encryption key is not valid')
def test_bots_denial(self):
"""
Main known bots User-Agent should be denied access
"""
password = "******"
key = snappass.set_password(password, 30)
a_few_sneaky_bots = [
"Slackbot-LinkExpanding 1.0 (+https://api.slack.com/robots)",
"facebookexternalhit/1.1", "Facebot/1.0", "Twitterbot/1.0",
"_WhatsApp/2.12.81 (Windows NT 6.1; U; es-ES) Presto/2.9.181 Version/12.00",
"WhatsApp/2.16.6/i", "SkypeUriPreview Preview/0.5"
]
for ua in a_few_sneaky_bots:
rv = self.app.get('/{0}'.format(key), headers={'User-Agent': ua})
self.assertEquals(rv.status_code, 404)
def test_bots_denial(self):
"""
Main known bots User-Agent should be denied access
"""
password = "******"
key = snappass.set_password(password, 30)
a_few_sneaky_bots = [
"Slackbot-LinkExpanding 1.0 (+https://api.slack.com/robots)",
"facebookexternalhit/1.1",
"Facebot/1.0",
"Twitterbot/1.0",
"_WhatsApp/2.12.81 (Windows NT 6.1; U; es-ES) Presto/2.9.181 Version/12.00",
"WhatsApp/2.16.6/i",
"SkypeUriPreview Preview/0.5"
]
for ua in a_few_sneaky_bots:
rv = self.app.get('/{0}'.format(key), headers={ 'User-Agent': ua })
self.assertEquals(rv.status_code, 404)
def test_show_password(self):
password = "******"
key = snappass.set_password(password, 30)
rv = self.app.get('/{}'.format(key))
self.assertIn(password, rv.data)
def test_password_after_expiration(self):
password = '******'
key = snappass.set_password(password, 1)
time.sleep(1.5)
self.assertEqual(None, snappass.get_password(key))
def test_password_is_decoded(self):
password = "******"
key = snappass.set_password(password, 30)
self.assertFalse(isinstance(snappass.get_password(key), bytes))
def test_set_password(self):
"""Ensure we return a 32-bit key."""
key = snappass.set_password("foo", 30)
self.assertEqual(32, len(key))
def test_password_before_expiration(self):
password = '******'
key = snappass.set_password(password, 1)
self.assertEqual(password, snappass.get_password(key))
def test_password_is_decoded(self):
password = "******"
key = snappass.set_password(password, 30)
self.assertFalse(isinstance(snappass.get_password(key), bytes))
def test_show_password(self):
password = "******"
key = snappass.set_password(password, 30)
rv = self.app.get('/{}'.format(key))
self.assertIn(password, rv.data)
def test_password_after_expiration(self):
password = '******'
key = snappass.set_password(password, 1)
time.sleep(1.5)
self.assertEqual(None, snappass.get_password(key))
def test_show_password(self):
password = "******"
key = snappass.set_password(password, 30)
rv = self.app.get('/{0}'.format(key))
self.assertTrue(password in rv.get_data(as_text=True))
def test_get_password(self):
password = "******"
key = snappass.set_password(password, 30)
self.assertEqual(password, snappass.get_password(key))
# Assert that we can't look this up a second time.
self.assertEqual(None, snappass.get_password(key))
def test_set_password(self):
"""Ensure we return a 32-bit key."""
key = snappass.set_password("foo", 30)
self.assertEqual(32, len(key))
def test_password_before_expiration(self):
password = '******'
key = snappass.set_password(password, 1)
self.assertEqual(password, snappass.get_password(key))
def test_get_password(self):
password = "******"
key = snappass.set_password(password, 30)
self.assertEqual(password, snappass.get_password(key))
# Assert that we can't look this up a second time.
self.assertEqual(None, snappass.get_password(key))
def test_show_password(self):
password = "******"
key = snappass.set_password(password, 30)
rv = self.app.get('/{0}'.format(key))
self.assertTrue(password in rv.get_data(as_text=True))
def test_password_is_not_stored_in_plaintext(self):
password = "******"
token = snappass.set_password(password, 30)
redis_key = token.split(snappass.TOKEN_SEPARATOR)[0]
stored_password_text = snappass.redis_client.get(redis_key).decode('utf-8')
self.assertNotIn(password, stored_password_text)
