def test_token_auth(self):
def target(controller, access_token):
if access_token != "bar":
raise ValueError()
return True
def target_bad(controller, *args, **kwargs):
return False
class TARA(object):
@decorators.auth_token(target=target)
def foo(self):
pass
@decorators.auth_token(target=target_bad)
def foo_bad(self):
pass
r = endpoints.Request()
c = TARA()
c.request = r
r.set_header('authorization', self.get_bearer_auth_header("foo"))
with self.assertRaises(endpoints.AccessDenied):
c.foo()
r.set_header('authorization', self.get_bearer_auth_header("bar"))
c.foo()
r = endpoints.Request()
c.request = r
r.body_kwargs["access_token"] = "foo"
with self.assertRaises(endpoints.AccessDenied):
c.foo()
r.body_kwargs["access_token"] = "bar"
c.foo()
r = endpoints.Request()
c.request = r
r.query_kwargs["access_token"] = "foo"
with self.assertRaises(endpoints.AccessDenied):
c.foo()
r.query_kwargs["access_token"] = "bar"
c.foo()
with self.assertRaises(endpoints.AccessDenied):
c.foo_bad()
def test_auth(self):
def target(controller, controller_args, controller_kwargs):
if controller.request.body_kwargs["foo"] != "bar":
raise ValueError()
return True
def target_bad(controller, *args, **kwargs):
return False
class TARA(object):
@decorators.auth(target=target)
def foo(self):
pass
@decorators.auth(target=target_bad)
def foo_bad(self):
pass
r = endpoints.Request()
r.body_kwargs = {"foo": "che"}
c = TARA()
c.request = r
with self.assertRaises(endpoints.AccessDenied):
c.foo()
r.body_kwargs = {"foo": "bar"}
c.foo()
def test_client_auth(self):
def target(controller, client_id, client_secret):
return client_id == "foo" and client_secret == "bar"
def target_bad(controller, *args, **kwargs):
return False
class TARA(object):
@decorators.auth_client(target=target)
def foo(self):
pass
@decorators.auth_client(target=target_bad)
def foo_bad(self):
pass
client_id = "foo"
client_secret = "..."
r = endpoints.Request()
r.set_header('authorization',
self.get_basic_auth_header(client_id, client_secret))
c = TARA()
c.request = r
with self.assertRaises(endpoints.AccessDenied):
c.foo()
client_secret = "bar"
r.set_header('authorization',
self.get_basic_auth_header(client_id, client_secret))
c.foo()
with self.assertRaises(endpoints.AccessDenied):
c.foo_bad()
def test_bad_setup(self):
def target(controller, *args, **kwargs):
return False
class TARA(object):
@decorators.auth_token(target=target)
def foo_token(self):
pass
@decorators.auth_client(target=target)
def foo_client(self):
pass
@decorators.auth_basic(target=target)
def foo_basic(self):
pass
@decorators.auth(target=target)
def foo_auth(self):
pass
r = endpoints.Request()
c = TARA()
c.request = r
for m in ["foo_token", "foo_client", "foo_basic", "foo_auth"]:
with self.assertRaises(endpoints.AccessDenied):
getattr(c, m)()
def test_basic_auth_simple(self):
def target(request, username, password):
if username != "bar":
raise ValueError()
return True
def target_bad(request, *args, **kwargs):
pass
class TARA(object):
@endpoints.decorators.auth.basic_auth(target=target)
def foo(self): pass
@endpoints.decorators.auth.basic_auth(target=target_bad)
def foo_bad(self): pass
username = "******"
password = "******"
r = endpoints.Request()
r.set_header('authorization', self.get_basic_auth_header(username, password))
c = TARA()
c.request = r
with self.assertRaises(endpoints.AccessDenied):
c.foo()
username = "******"
r.set_header('authorization', self.get_basic_auth_header(username, password))
c.foo()
with self.assertRaises(endpoints.AccessDenied):
c.foo_bad()
def test_bad_setup(self):
def target(request, *args, **kwargs):
pass
class TARA(object):
@endpoints.decorators.auth.token_auth(target=target)
def foo_token(self): pass
@endpoints.decorators.auth.client_auth(target=target)
def foo_client(self): pass
@endpoints.decorators.auth.basic_auth(target=target)
def foo_basic(self): pass
@endpoints.decorators.auth.auth(target=target)
def foo_auth(self): pass
r = endpoints.Request()
c = TARA()
c.request = r
for m in ["foo_token", "foo_client", "foo_basic", "foo_auth"]:
with self.assertRaises(endpoints.AccessDenied):
getattr(c, m)()
def create_controller():
class FakeController(endpoints.Controller):
def POST(self): pass
def GET(self): pass
res = endpoints.Response()
req = endpoints.Request()
req.method = 'GET'
c = FakeController(req, res)
return c
def test_param_unicode(self):
c = create_controller()
r = endpoints.Request()
r.set_header("content-type", "application/json;charset=UTF-8")
charset = r.encoding
c.request = r
#self.assertEqual("UTF-8", charset)
@endpoints.decorators.param('foo', type=str)
def foo(self, *args, **kwargs):
return kwargs.get('foo')
words = testdata.get_unicode_words()
ret = foo(c, **{"foo": words})
self.assertEqual(String(ret), String(words))
def test_throttle(self):
class TARA(object):
@ratelimit_ip(limit=3, ttl=1)
def foo(self):
return 1
@ratelimit_ip(limit=10, ttl=1)
def bar(self):
return 2
r_foo = endpoints.Request()
r_foo.set_header("X_FORWARDED_FOR", "276.0.0.1")
r_foo.path = "/foo"
c = TARA()
c.request = r_foo
for x in range(3):
r = c.foo()
self.assertEqual(1, r)
for x in range(2):
with self.assertRaises(CallError):
c.foo()
# make sure another path isn't messed with by foo
r_bar = Request()
r_bar.set_header("X_FORWARDED_FOR", "276.0.0.1")
r_bar.path = "/bar"
c.request = r_bar
for x in range(10):
r = c.bar()
self.assertEqual(2, r)
time.sleep(0.1)
with self.assertRaises(CallError):
c.bar()
c.request = r_foo
for x in range(3):
r = c.foo()
self.assertEqual(1, r)
for x in range(2):
with self.assertRaises(CallError):
c.foo()
def test_basic_auth_same_kwargs(self):
def target(request, username, password):
if username != "bar":
raise ValueError()
return True
class MockObject(object):
@endpoints.decorators.auth.basic_auth(target=target)
def foo(self, *args, **kwargs): return 1
c = MockObject()
username = "******"
password = "******"
r = endpoints.Request()
r.set_header('authorization', self.get_basic_auth_header(username, password))
c.request = r
# if no TypeError is raised then it worked :)
r = c.foo(request="this_should_error_out")
self.assertEqual(1, r)
