class AppAuthenticationHeadersTest(unittest.TestCase):
def setUp(self):
app.config["SKIP_AUTHENTICATION"] = False # monkey patch
self.app = app.test_client()
self.btctxstore = BtcTxStore()
db.create_all()
def tearDown(self):
db.session.remove()
db.drop_all()
def test_success(self):
# create header date and authorization signature
wif = self.btctxstore.create_key()
btc_addr = self.btctxstore.get_address(wif)
header_date = formatdate(timeval=mktime(datetime.now().timetuple()),
localtime=True, usegmt=True)
message = app.config["ADDRESS"] + " " + header_date
header_authorization = self.btctxstore.sign_unicode(wif, message)
headers = {"Date": header_date, "Authorization": header_authorization}
url = '/api/register/{0}'.format(btc_addr)
rv = self.app.get(url, headers=headers)
data = json.loads(rv.data.decode("utf-8"))
self.assertEqual(btc_addr, data["btc_addr"])
self.assertEqual(rv.status_code, 200)
def test_fail(self):
# register without auth headres fails
btc_addr = self.btctxstore.get_address(self.btctxstore.get_key(self.btctxstore.create_wallet()))
rv = self.app.get('/api/register/{0}'.format(btc_addr))
self.assertEqual(rv.status_code, 401)
# register first because ping is lazy
wif = self.btctxstore.get_key(self.btctxstore.create_wallet())
btc_addr = self.btctxstore.get_address(wif)
header_date = formatdate(timeval=mktime(datetime.now().timetuple()),
localtime=True, usegmt=True)
message = app.config["ADDRESS"] + " " + header_date
header_authorization = self.btctxstore.sign_unicode(wif, message)
headers = {"Date": header_date, "Authorization": header_authorization}
url = '/api/register/{0}'.format(btc_addr)
rv = self.app.get(url, headers=headers)
self.assertEqual(rv.status_code, 200)
# ping without auth headres fails
time.sleep(app.config["MAX_PING"])
rv = self.app.get('/api/ping/{0}'.format(btc_addr))
self.assertEqual(rv.status_code, 401)
# set height without auth headres fails
btc_addr = self.btctxstore.get_address(self.btctxstore.get_key(self.btctxstore.create_wallet()))
rv = self.app.get('/api/height/{0}/10'.format(btc_addr))
self.assertEqual(rv.status_code, 401)
def test_core_audit(self):
"""
Test of providing correct arguments to the ``requests.post()``
and returning gotten response object.
"""
test_url_address = 'http://test.url.com'
file_hash = sha256(b'some test data').hexdigest()
seed = sha256(b'some test challenge seed').hexdigest()
btctx_api = BtcTxStore(testnet=True, dryrun=True)
sender_key = btctx_api.create_key()
audit_call_result = core.audit(test_url_address, sender_key,
btctx_api, file_hash, seed)
expected_calls = [call(
urljoin(test_url_address, '/api/audit/'),
data={
'data_hash': file_hash,
'challenge_seed': seed,
},
headers={
'sender-address': btctx_api.get_address(sender_key),
'signature': btctx_api.sign_unicode(sender_key, file_hash),
}
)]
self.assertListEqual(
self.mock_post.call_args_list,
expected_calls,
'In the audit() function requests.post() calls are unexpected'
)
self.assertIs(
self.mock_post.return_value,
audit_call_result,
'Returned value must be the object returned by the '
'``requests.post()``'
)
def test_fail(self):
# register without auth headres fails
rv = self.app.get('/api/register/{0}'.format(addresses["eta"]))
self.assertEqual(rv.status_code, 401)
# register first because ping is lazy
blockchain = BtcTxStore()
wif = blockchain.create_key()
address = blockchain.get_address(wif)
header_date = formatdate(timeval=mktime(datetime.now().timetuple()),
localtime=True,
usegmt=True)
message = app.config["ADDRESS"] + " " + header_date
header_authorization = blockchain.sign_unicode(wif, message)
headers = {"Date": header_date, "Authorization": header_authorization}
url = '/api/register/{0}'.format(address)
rv = self.app.get(url, headers=headers)
self.assertEqual(rv.status_code, 200)
# ping without auth headres fails
time.sleep(app.config["MAX_PING"])
rv = self.app.get('/api/ping/{0}'.format(address))
self.assertEqual(rv.status_code, 401)
# set height without auth headres fails
rv = self.app.get('/api/height/{0}/10'.format(addresses["eta"]))
self.assertEqual(rv.status_code, 401)
def test_fail(self):
# register without auth headres fails
rv = self.app.get('/api/register/{0}'.format(addresses["eta"]))
self.assertEqual(rv.status_code, 401)
# register first because ping is lazy
blockchain = BtcTxStore()
wif = blockchain.create_key()
address = blockchain.get_address(wif)
header_date = formatdate(timeval=mktime(datetime.now().timetuple()),
localtime=True, usegmt=True)
message = app.config["ADDRESS"] + " " + header_date
header_authorization = blockchain.sign_unicode(wif, message)
headers = {"Date": header_date, "Authorization": header_authorization}
url = '/api/register/{0}'.format(address)
rv = self.app.get(url, headers=headers)
self.assertEqual(rv.status_code, 200)
# ping without auth headres fails
time.sleep(app.config["MAX_PING"])
rv = self.app.get('/api/ping/{0}'.format(address))
self.assertEqual(rv.status_code, 401)
# set height without auth headres fails
rv = self.app.get('/api/height/{0}/10'.format(addresses["eta"]))
self.assertEqual(rv.status_code, 401)
def test_authenticate_headers_provide(self):
"""
Test of preparing and providing credential headers when ``sender_key``
and ``btctx_api`` are provided.
"""
btctx_api = BtcTxStore(testnet=True, dryrun=True)
sender_key = btctx_api.create_key()
signature = btctx_api.sign_unicode(sender_key, self.file_hash)
sender_address = btctx_api.get_address(sender_key)
self.mock_get.return_value = Response()
self.test_data_for_requests['headers'] = {
'sender-address': sender_address,
'signature': signature,
}
download_call_result = core.download(
self.test_url_address,
self.file_hash,
sender_key=sender_key,
btctx_api=btctx_api
)
expected_mock_calls = [call(
urljoin(self.test_url_address, '/api/files/' + self.file_hash),
**self.test_data_for_requests
)]
self.assertListEqual(
self.mock_get.call_args_list,
expected_mock_calls,
'In the download() function requests.get() calls are unexpected'
)
self.assertIsInstance(download_call_result, Response,
'Must return a response object')
def callback():
blockchain = BtcTxStore()
wif = blockchain.create_key()
address = blockchain.get_address(wif)
farmer = Farmer(address)
header_date = formatdate(timeval=mktime(datetime.now().timetuple()),
localtime=True, usegmt=True)
header_authorization = blockchain.sign_unicode(wif, "lalala-wrong")
farmer.authenticate(header_authorization, header_date)
class TestSignUnicode(unittest.TestCase):
def setUp(self):
self.api = BtcTxStore(dryrun=True, testnet=True)
def test_sign_a(self):
wif = fixtures["wallet"]["wif"]
message = u"üöä"
address = self.api.get_address(wif)
sig = self.api.sign_unicode(wif, message)
valid = self.api.verify_signature_unicode(address, sig, message)
self.assertEqual(valid, True)
def test_sign_b(self):
wif = "cSuT2J14dYbe1zvB5z5WTXeRcMbj4tnoKssAK1ZQbnX5HtHfW3bi"
message = u"üöä"
address = self.api.get_address(wif)
sig = self.api.sign_unicode(wif, message)
valid = self.api.verify_signature_unicode(address, sig, message)
self.assertEqual(valid, True)
class TestSignUnicode(unittest.TestCase):
def setUp(self):
self.api = BtcTxStore(dryrun=True, testnet=True)
def test_sign_a(self):
wif = fixtures["wallet"]["wif"]
message = u"üöä"
address = self.api.get_address(wif)
sig = self.api.sign_unicode(wif, message)
valid = self.api.verify_signature_unicode(address, sig, message)
self.assertEqual(valid, True)
def test_sign_b(self):
wif = "cSuT2J14dYbe1zvB5z5WTXeRcMbj4tnoKssAK1ZQbnX5HtHfW3bi"
message = u"üöä"
address = self.api.get_address(wif)
sig = self.api.sign_unicode(wif, message)
valid = self.api.verify_signature_unicode(address, sig, message)
self.assertEqual(valid, True)
def test_authentication_success(self):
blockchain = BtcTxStore()
wif = blockchain.create_key()
address = blockchain.get_address(wif)
farmer = Farmer(address)
header_date = formatdate(timeval=mktime(datetime.now().timetuple()),
localtime=True, usegmt=True)
message = farmer.get_server_address() + " " + header_date
header_authorization = blockchain.sign_unicode(wif, message)
self.assertTrue(farmer.authenticate(header_authorization, header_date))
def callback():
blockchain = BtcTxStore()
wif = blockchain.create_key()
address = blockchain.get_address(wif)
farmer = Farmer(address)
header_date = formatdate(timeval=mktime(datetime.now().timetuple())
, localtime=True, usegmt=True)
message = farmer.get_server_address() + " " + header_date
header_authorization = blockchain.sign_unicode(wif, message)
headers = {"Date": None, "Authorization": header_authorization}
farmer.authenticate(headers)
def test_authentication_success(self):
blockchain = BtcTxStore()
wif = blockchain.create_key()
address = blockchain.get_address(wif)
farmer = Farmer(address)
header_date = formatdate(timeval=mktime(datetime.now().timetuple()),
localtime=True,
usegmt=True)
message = farmer.get_server_address() + " " + header_date
header_authorization = blockchain.sign_unicode(wif, message)
self.assertTrue(farmer.authenticate(header_authorization, header_date))
def callback():
blockchain = BtcTxStore()
wif = blockchain.create_key()
address = blockchain.get_address(wif)
farmer = Farmer(address)
header_date = formatdate(timeval=mktime(
datetime.now().timetuple()),
localtime=True,
usegmt=True)
message = farmer.get_server_address() + " " + header_date
header_authorization = blockchain.sign_unicode(wif, message)
headers = {"Date": None, "Authorization": header_authorization}
farmer.authenticate(headers)
def callback():
blockchain = BtcTxStore()
wif = blockchain.create_key()
address = blockchain.get_address(wif)
farmer = Farmer(address)
timeout = farmer.get_server_authentication_timeout()
date = datetime.now() - timedelta(seconds=timeout)
header_date = formatdate(timeval=mktime(date.timetuple()),
localtime=True, usegmt=True)
message = farmer.get_server_address() + " " + header_date
header_authorization = blockchain.sign_unicode(wif, message)
farmer.authenticate(header_authorization, header_date)
def test_authentication_timeout_future_success(self):
blockchain = BtcTxStore()
wif = blockchain.create_key()
address = blockchain.get_address(wif)
farmer = Farmer(address)
timeout = farmer.get_server_authentication_timeout() - 5
date = datetime.now() + timedelta(seconds=timeout)
header_date = formatdate(timeval=mktime(date.timetuple()),
localtime=True, usegmt=True)
message = farmer.get_server_address() + " " + header_date
header_authorization = blockchain.sign_unicode(wif, message)
headers = {"Date": header_date, "Authorization": header_authorization}
self.assertTrue(farmer.authenticate(headers))
def callback():
blockchain = BtcTxStore()
wif = blockchain.create_key()
address = blockchain.get_address(wif)
farmer = Farmer(address)
timeout = farmer.get_server_authentication_timeout()
date = datetime.now() - timedelta(seconds=timeout)
header_date = formatdate(timeval=mktime(date.timetuple()),
localtime=True,
usegmt=True)
message = farmer.get_server_address() + " " + header_date
header_authorization = blockchain.sign_unicode(wif, message)
farmer.authenticate(header_authorization, header_date)
def test_success(self):
# create header date and authorization signature
blockchain = BtcTxStore()
wif = blockchain.create_key()
address = blockchain.get_address(wif)
header_date = formatdate(timeval=mktime(datetime.now().timetuple()),
localtime=True, usegmt=True)
message = app.config["ADDRESS"] + " " + header_date
header_authorization = blockchain.sign_unicode(wif, message)
headers = {"Date": header_date, "Authorization": header_authorization}
url = '/api/register/{0}'.format(address)
rv = self.app.get(url, headers=headers)
data = json.loads(rv.data.decode("utf-8"))
self.assertEqual(address, data["btc_addr"])
self.assertEqual(rv.status_code, 200)
def test_authentication_timeout_future_success(self):
blockchain = BtcTxStore()
wif = blockchain.create_key()
address = blockchain.get_address(wif)
farmer = Farmer(address)
timeout = farmer.get_server_authentication_timeout() - 5
date = datetime.now() + timedelta(seconds=timeout)
header_date = formatdate(timeval=mktime(date.timetuple()),
localtime=True,
usegmt=True)
message = farmer.get_server_address() + " " + header_date
header_authorization = blockchain.sign_unicode(wif, message)
headers = {"Date": header_date, "Authorization": header_authorization}
self.assertTrue(farmer.authenticate(headers))
def test_success(self):
# create header date and authorization signature
blockchain = BtcTxStore()
wif = blockchain.create_key()
address = blockchain.get_address(wif)
header_date = formatdate(timeval=mktime(datetime.now().timetuple()),
localtime=True,
usegmt=True)
message = app.config["ADDRESS"] + " " + header_date
header_authorization = blockchain.sign_unicode(wif, message)
headers = {"Date": header_date, "Authorization": header_authorization}
url = '/api/register/{0}'.format(address)
rv = self.app.get(url, headers=headers)
data = json.loads(rv.data.decode("utf-8"))
self.assertEqual(address, data["btc_addr"])
self.assertEqual(rv.status_code, 200)
def mph_status(assets=None):
with etc.database_lock:
verify.status_input(assets)
btctxstore = BtcTxStore(testnet=etc.testnet)
wif = lib.load_wif()
address = btctxstore.get_address(wif)
message = util.b2h(os.urandom(32))
signature = btctxstore.sign_unicode(wif, message)
if isinstance(signature, bytes): # XXX update btctxstore instead !!!
signature = signature.decode("utf-8")
return {
"funds": {
"address": address,
"message": message,
"signature": signature,
"liquidity": lib.get_hub_liquidity(assets=assets),
},
"current_terms": lib.get_terms(assets=assets),
"connections": lib.get_connections_status(assets=assets)
}
# Copyright (c) 2015 Fabian Barkhau <*****@*****.**>
# License: MIT (see LICENSE file)
from __future__ import print_function
from __future__ import unicode_literals
from btctxstore import BtcTxStore
import time
import cProfile
from pstats import Stats
api = BtcTxStore(testnet=True, dryrun=True) # use testing setup for example
wif = api.create_key() # create new private key
address = api.get_address(wif) # get private key address
message = "Signed ünicöde message."
signature = api.sign_unicode(wif, message)
profile = cProfile.Profile()
profile.enable()
begin = time.time()
for i in range(10):
assert(api.verify_signature_unicode(address, signature, message))
end = time.time()
stats = Stats(profile)
stats.strip_dirs()
stats.sort_stats('cumtime')
stats.print_stats()
# coding: utf-8
# Copyright (c) 2015 Fabian Barkhau <*****@*****.**>
# License: MIT (see LICENSE file)
from __future__ import print_function
from __future__ import unicode_literals
from btctxstore import BtcTxStore
import time
import cProfile
from pstats import Stats
api = BtcTxStore(testnet=True, dryrun=True) # use testing setup for example
wif = api.create_key() # create new private key
address = api.get_address(wif) # get private key address
message = "Signed ünicöde message."
signature = api.sign_unicode(wif, message)
profile = cProfile.Profile()
profile.enable()
begin = time.time()
for i in range(10):
assert (api.verify_signature_unicode(address, signature, message))
end = time.time()
stats = Stats(profile)
stats.strip_dirs()
stats.sort_stats('cumtime')
stats.print_stats()
print(end - begin)