def build_auth_header(request, token, user):
"""
Builds an HTTP basic auth header for thte given user or token.
"""
if request.param == 'client':
generated_token = generate_token(decode=True, user=user.name)
else:
generated_token = generate_token(decode=True, token=token.token)
token_string = ':{}'.format(generated_token)
encoded_token = token_string.encode('latin-1')
string64 = base64.b64encode(encoded_token).decode('latin-1')
return 'Basic %s' % (string64)
def test_read_token(timed_serializer):
"""
Tests read_token
"""
token = generate_token(user='******')
token_dict = read_token(token)
assert token_dict == {'user': '******'}
def test_jsonify_token(timed_serializer):
"""
Tests whether generate_token can make a jsonificable token.
"""
token = generate_token(user='******')
jsonified_token = json.dumps({'token': token})
assert type(jsonified_token) == str
def test_generate_token(timed_serializer):
"""
Tests the generation of a token
"""
token = generate_token(user='******')
r = timed_serializer.loads(token)
assert r == {'user': '******'}
def test_token_authentication_eternal(dummy_admin, token):
original_string = ':{}'.format(generate_token(token=token.token))
encoded_string = original_string.encode('latin-1')
string64 = base64.b64encode(encoded_string).decode('latin-1')
auth_string = 'Basic %s' % (string64)
result = authenticate_by_token(auth_string)
assert result == dummy_admin
def test_generate_token_expiration(timed_serializer):
"""
Tests the generation of an expired token
"""
token = generate_token(expiration=0, user='******')
time.sleep(1)
with pytest.raises(SignatureExpired):
timed_serializer.loads(token)
def test_token_authentication(dummy_user):
token = generate_token(decode=True, user=dummy_user.name)
original_string = 'dank:{}'.format(token)
encoded_string = original_string.encode('latin-1')
string64 = base64.b64encode(encoded_string).decode('latin-1')
auth_string = 'Basic %s' % (string64)
result = authenticate_by_token(auth_string)
assert result == dummy_user
def test_token_auth_eternal_disabled_user(disabled_user, disabled_token):
"""
Verifies that eternal token authentication with a disabled user fails.
"""
token = generate_token(token=disabled_token.token)
original_string = ':{}'.format(token)
encoded_string = original_string.encode('latin-1')
string64 = base64.b64encode(encoded_string).decode('latin-1')
auth_string = 'Basic %s' % (string64)
result = authenticate_by_token(auth_string)
assert result is None
def test_read_token_eternal():
token = generate_token(expiration=-1, token='somestring')
token_dict = read_token(token)
assert token_dict == {'token': 'somestring'}
def test_read_token_expired():
token = generate_token(expiration=0, user='******')
time.sleep(1)
with pytest.raises(SignatureExpired):
read_token(token)