def test_outdated_delta(self): """ If the delta between now and the timestamp in the request is larger than C{timestamp_delta_limit}, the request is rejected. """ custOpts = {"timestamp_delta_limit": 1} custOpts.update(resourceOptions) session = MockPublisherSession(self) resource = PublisherResource(custOpts, session) signedParams = makeSignedArguments({}, "bazapp", "foobar", publishBody) signedParams[b'timestamp'] = [b"2011-10-14T16:59:51.123Z"] with LogCapturer() as l: request = yield renderResource( resource, b"/", method=b"POST", headers={b"Content-Type": [b"application/json"]}, body=publishBody, params=signedParams) self.assertEqual(request.code, 400) errors = l.get_category("AR464") self.assertEqual(len(errors), 1) self.assertEqual(errors[0]["code"], 400)
def test_wrong_seq(self): """ A missing sequence in a request should mean the request is rejected. """ session = MockPublisherSession(self) resource = PublisherResource(resourceOptions, session) signedParams = makeSignedArguments({}, "bazapp", "foobar", publishBody) signedParams[b'seq'] = [b"notaseq"] request = yield renderResource( resource, b"/", method=b"POST", headers={b"Content-Type": [b"application/json"]}, body=publishBody, params=signedParams) self.assertEqual(request.code, 400) self.assertIn(b"invalid sequence number 'notaseq' (must be an integer)", request.get_written_data())
def test_no_seq(self): """ A missing sequence in a request should mean the request is rejected. """ session = MockPublisherSession(self) resource = PublisherResource(resourceOptions, session) signedParams = makeSignedArguments({}, "bazapp", "foobar", publishBody) del signedParams[b'seq'] request = yield renderResource( resource, b"/", method=b"POST", headers={b"Content-Type": [b"application/json"]}, body=publishBody, params=signedParams) self.assertEqual(request.code, 400) self.assertIn(b"signed request required, but mandatory 'seq' field missing", request.get_written_data())
def test_wrong_timestamp(self): """ An invalid timestamp in a request should mean the request is rejected. """ session = MockPublisherSession(self) resource = PublisherResource(resourceOptions, session) signedParams = makeSignedArguments({}, "bazapp", "foobar", publishBody) signedParams[b'timestamp'] = [b"notatimestamp"] request = yield renderResource( resource, b"/", method=b"POST", headers={b"Content-Type": [b"application/json"]}, body=publishBody, params=signedParams) self.assertEqual(request.code, 400) self.assertIn(b"invalid timestamp 'notatimestamp' (must be UTC/ISO-8601," b" e.g. '2011-10-14T16:59:51.123Z')", request.get_written_data())
def test_invalid_nonce(self): """ An invalid nonce in a request should mean the request is rejected. """ session = MockPublisherSession(self) resource = PublisherResource(resourceOptions, session) signedParams = makeSignedArguments({}, "bazapp", "foobar", publishBody) signedParams[b'nonce'] = [b"notanonce"] request = yield renderResource( resource, b"/", method=b"POST", headers={b"Content-Type": [b"application/json"]}, body=publishBody, params=signedParams) self.assertEqual(request.code, 400) self.assertIn(b"invalid nonce 'notanonce' (must be an integer)", request.get_written_data())
def test_outdated_delta(self): """ If the delta between now and the timestamp in the request is larger than C{timestamp_delta_limit}, the request is rejected. """ custOpts = {"timestamp_delta_limit": 1} custOpts.update(resourceOptions) session = MockPublisherSession(self) resource = PublisherResource(custOpts, session) signedParams = makeSignedArguments({}, "bazapp", "foobar", publishBody) signedParams[b'timestamp'] = [b"2011-10-14T16:59:51.123Z"] request = yield renderResource( resource, b"/", method=b"POST", headers={b"Content-Type": [b"application/json"]}, body=publishBody, params=signedParams) self.assertEqual(request.code, 400) self.assertIn(b"request expired (delta", request.get_written_data())
def test_wrong_seq(self): """ A missing sequence in a request should mean the request is rejected. """ session = MockPublisherSession(self) resource = PublisherResource(resourceOptions, session) signedParams = makeSignedArguments({}, "bazapp", "foobar", publishBody) signedParams[b'seq'] = [b"notaseq"] with LogCapturer() as l: request = yield renderResource( resource, b"/", method=b"POST", headers={b"Content-Type": [b"application/json"]}, body=publishBody, params=signedParams) self.assertEqual(request.code, 400) errors = l.get_category("AR462") self.assertEqual(len(errors), 1) self.assertEqual(errors[0]["code"], 400)
def test_no_seq(self): """ A missing sequence in a request should mean the request is rejected. """ session = MockPublisherSession(self) resource = PublisherResource(resourceOptions, session) signedParams = makeSignedArguments({}, "bazapp", "foobar", publishBody) del signedParams[b'seq'] request = yield renderResource( resource, b"/", method=b"POST", headers={b"Content-Type": [b"application/json"]}, body=publishBody, params=signedParams) self.assertEqual(request.code, 400) self.assertIn( b"signed request required, but mandatory 'seq' field missing", request.get_written_data())
def test_wrong_timestamp(self): """ An invalid timestamp in a request should mean the request is rejected. """ session = MockPublisherSession(self) resource = PublisherResource(resourceOptions, session) signedParams = makeSignedArguments({}, "bazapp", "foobar", publishBody) signedParams[b'timestamp'] = [b"notatimestamp"] request = yield renderResource( resource, b"/", method=b"POST", headers={b"Content-Type": [b"application/json"]}, body=publishBody, params=signedParams) self.assertEqual(request.code, 400) self.assertIn( b"invalid timestamp 'notatimestamp' (must be UTC/ISO-8601," b" e.g. '2011-10-14T16:59:51.123Z')", request.get_written_data())