def testRequestAvatarIdInvalidToken(self):
    """
    L{FacadeOAuthChecker.requestAvatarId} only creates a
    L{FluidinfoSession} for a properly formed access token (one produced
    by C{dataToToken}); a malformed token makes the returned deferred fail
    with L{UnauthorizedLogin}.
    """
    # NOTE(review): sample() is presumably random.sample - fine for a
    # throwaway fixture, but it is not a CSPRNG and should not be the model
    # for generating real consumer secrets.
    consumerSecret = ''.join(sample(ALPHABET, 16))
    consumerUser = createUser(u'username', u'password', u'User',
                              u'*****@*****.**')
    createOAuthConsumer(consumerUser, secret=consumerSecret)
    self.store.commit()

    # Fixed request values; none of them is derived from the secret above.
    requestTimestamp = 1314976811
    requestHeaders = {'header1': 'foo'}
    requestArguments = 'argument1=bar'
    requestNonce = 'nonce'
    # NOTE(review): both the token and the signature are bogus, so this test
    # cannot tell which of the two checks rejects the request.
    malformedToken = 'token'
    badSignature = 'wrong'

    credentials = OAuthCredentials(
        'fluidinfo.com', consumerUser.username, malformedToken, 'HMAC-SHA1',
        badSignature, requestTimestamp, requestNonce, 'GET',
        u'https://fluidinfo.com/foo', requestHeaders, requestArguments)
    result = self.checker.requestAvatarId(credentials)
    return self.assertFailure(result, UnauthorizedLogin)
def testCreateOAuthConsumerGeneratesRandomSecret(self):
    """
    L{createOAuthConsumer} does not reuse a secret: two L{OAuthConsumer}s
    created without an explicit secret end up with different values.
    """
    firstUser = createUser(u'user1', u'secret', u'User1', u'*****@*****.**')
    firstConsumer = createOAuthConsumer(firstUser)
    secondUser = createUser(u'user2', u'secret', u'User2', u'*****@*****.**')
    secondConsumer = createOAuthConsumer(secondUser)
    # Two differing samples only show that the secret is not a constant;
    # this says nothing about how unpredictable the generator is.
    self.assertNotEqual(firstConsumer.secret, secondConsumer.secret)
def testGetOAuthConsumers(self):
    """
    Called without filtering options, L{getOAuthConsumers} yields every
    C{(User, OAuthConsumer)} pair in the database.
    """
    firstUser = createUser(u'user1', u'secret', u'User1', u'*****@*****.**')
    firstConsumer = createOAuthConsumer(firstUser)
    secondUser = createUser(u'user2', u'secret', u'User2', u'*****@*****.**')
    secondConsumer = createOAuthConsumer(secondUser)

    expected = [(firstUser, firstConsumer), (secondUser, secondConsumer)]
    # Order by username so the comparison does not depend on row order.
    found = list(getOAuthConsumers().order_by(User.username))
    self.assertEqual(expected, found)
def testGetOAuthConsumersFilteredByUserID(self):
    """
    When C{userIDs} is given, L{getOAuthConsumers} yields only the L{User}
    and L{OAuthConsumer} pair whose L{User.id} matches.
    """
    wantedUser = createUser(u'user1', u'secret', u'User1', u'*****@*****.**')
    wantedConsumer = createOAuthConsumer(wantedUser)
    # A second consumer that the filter must leave out.
    otherUser = createUser(u'user2', u'secret', u'User2', u'*****@*****.**')
    createOAuthConsumer(otherUser)

    expected = (wantedUser, wantedConsumer)
    found = getOAuthConsumers(userIDs=[wantedUser.id]).one()
    self.assertEqual(expected, found)
def testRequestAvatarIdWithInvalidToken(self):
    """
    L{FacadeOAuth2Checker.requestAvatarId} only creates a
    L{FluidinfoSession} for a properly formed access token (one produced
    by C{dataToToken}); a malformed token makes the returned deferred fail
    with L{UnauthorizedLogin}.
    """
    consumerUser = createUser(u'user', u'pass', u'User', u'*****@*****.**')
    createOAuthConsumer(consumerUser, secret='secret16charlng1')
    self.store.commit()

    # The username and password match the consumer created above; only the
    # token ('xxx', not the output of dataToToken) is wrong.
    credentials = OAuth2Credentials(u'user', u'pass', token='xxx')
    result = self.checker.requestAvatarId(credentials)
    return self.assertFailure(result, UnauthorizedLogin)
def testRequestAvatarIdWithTokenMadeFromWrongSecret(self):
    """
    L{FacadeOAuth2Checker.requestAvatarId} only creates a
    L{FluidinfoSession} when the access token was created with the
    consumer's own secret; a token built from any other secret makes the
    returned deferred fail with L{UnauthorizedLogin}.
    """
    consumerUser = createUser(u'user1', u'pass1', u'User1',
                              u'*****@*****.**')
    createOAuthConsumer(consumerUser, secret='secret16charlng1')
    tokenUser = createUser(u'user2', u'pass2', u'User2', u'*****@*****.**')
    self.store.commit()

    # Well-formed token, but built with a secret that differs from the one
    # registered for the consumer above.
    foreignSecret = 'a' * 16
    forgedToken = dataToToken(foreignSecret, {'username': tokenUser.username})
    credentials = OAuth2Credentials(u'user1', u'pass1', forgedToken)
    result = self.checker.requestAvatarId(credentials)
    return self.assertFailure(result, UnauthorizedLogin)
def testAuthenticateUserWithOAuthUnknownUsernameInToken(self):
    """
    L{FacadeAuthMixin.authenticateUserWithOAuth} fails with L{TNoSuchUser}
    when the username carried inside the token does not belong to any
    existing L{User}.
    """
    consumerUser = createUser(u'user1', u'pass1', u'User1',
                              u'*****@*****.**')
    consumer = createOAuthConsumer(consumerUser, secret='secret16charlng1')
    self.store.commit()

    requestTimestamp = 1314976811
    requestHeaders = {'header1': 'foo'}
    requestArguments = 'argument1=bar'
    # The token is built with the consumer's real secret; only the username
    # inside it is unknown.
    tokenForUnknownUser = dataToToken(consumer.secret,
                                      {'username': u'unknownUser'})
    # NOTE(review): presumably the HMAC-SHA1 signature that matches the fixed
    # request values in this test - confirm, since a mismatch could change
    # which error is raised.
    requestSignature = '3MNZYSgsGftopjuwv3g2u5Q+MZM='
    requestNonce = 'nonce'

    credentials = OAuthCredentials(
        'fluidinfo.com', consumerUser.username, tokenForUnknownUser,
        u'HMAC-SHA1', requestSignature, requestTimestamp, requestNonce,
        'GET', 'https://fluidinfo.com/foo', requestHeaders,
        requestArguments)
    result = self.facade.authenticateUserWithOAuth(credentials)
    return self.assertFailure(result, TNoSuchUser)
def register(self, user, secret=None):
    """Create the L{OAuthConsumer} record for a L{User}.

    This is a thin wrapper that delegates to L{createOAuthConsumer}. The
    secret is not validated here; whether L{createOAuthConsumer} checks its
    length or strength is not visible from this method.

    @param user: The L{User} (probably an application) to register.
    @param secret: Optionally a C{str} with the OAuth consumer secret. The
        default, C{None}, is passed through unchanged.
    @return: The L{OAuthConsumer} for the specified user.
    """
    consumer = createOAuthConsumer(user, secret)
    return consumer
def testCreateOAuthConsumerWithCustomSecret(self):
    """
    L{createOAuthConsumer} stores the caller's secret unchanged when one is
    provided.
    """
    # NOTE(review): sample() is presumably random.sample - fine for a test
    # fixture, but not a CSPRNG suitable for real secrets.
    alphabet = ascii_letters + digits
    customSecret = ''.join(sample(alphabet, 16))
    owner = createUser(u'user1', u'secret', u'User1', u'*****@*****.**')
    created = createOAuthConsumer(owner, customSecret)
    self.assertEqual(customSecret, created.secret)
def testCreateOAuthConsumerAddsToStore(self):
    """
    The L{OAuthConsumer} returned by L{createOAuthConsumer} is the very
    object found in the main store afterwards.
    """
    owner = createUser(u'user', u'secret', u'User', u'*****@*****.**')
    created = createOAuthConsumer(owner)
    # one() is used on the assumption that exactly one consumer exists.
    stored = self.store.find(OAuthConsumer).one()
    self.assertIdentical(created, stored)
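def testCreateOAuthConsumer(self):
    """
    L{createOAuthConsumer} creates a new L{OAuthConsumer} that is linked to
    the specified L{User} and carries a secret of length 16.
    """
    user = createUser(u'username', u'secret', u'User', u'*****@*****.**')
    consumer = createOAuthConsumer(user)
    self.assertIdentical(user, consumer.user)
    # Check for a missing secret before measuring it: len(None) raises
    # TypeError, which would report a test error instead of a plain
    # assertion failure and leave the None check unreachable.
    self.assertNotIdentical(None, consumer.secret)
    self.assertEqual(16, len(consumer.secret))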
def testAuthenticateUserWithOAuth2UnknownUsernameInToken(self):
    """
    L{FacadeAuthMixin.authenticateUserWithOAuth2} fails with
    L{TNoSuchUser} when the username carried inside the token does not
    belong to any existing L{User}.
    """
    consumerUser = createUser(u'user', u'pass', u'User', u'*****@*****.**')
    consumer = createOAuthConsumer(consumerUser, secret='secret16charlng1')
    self.store.commit()

    # The token is built with the consumer's real secret and the consumer
    # credentials match createUser above; only the username inside the
    # token is unknown.
    tokenForUnknownUser = dataToToken(consumer.secret,
                                      {'username': u'unknownUser'})
    credentials = OAuth2Credentials(u'user', u'pass', tokenForUnknownUser)
    result = self.facade.authenticateUserWithOAuth2(credentials)
    return self.assertFailure(result, TNoSuchUser)
def testAuthenticateUserWithOAuth2ConsumerPasswordIncorrect(self):
    """
    L{FacadeAuthMixin.authenticateUserWithOAuth2} fails with
    L{TPasswordIncorrect} when the consumer's password is wrong, even
    though the token was built with the consumer's own secret.
    """
    consumerUser = createUser(u'user1', u'pass1', u'User1',
                              u'*****@*****.**')
    consumer = createOAuthConsumer(consumerUser, secret='secret16charlng1')
    tokenUser = createUser(u'user2', u'pass2', u'User2', u'*****@*****.**')
    self.store.commit()

    # The token names an existing user; only the consumer password differs
    # from the one given to createUser above (u'invalid' vs. u'pass1').
    validToken = dataToToken(consumer.secret,
                             {'username': tokenUser.username})
    credentials = OAuth2Credentials(u'user1', u'invalid', validToken)
    result = self.facade.authenticateUserWithOAuth2(credentials)
    return self.assertFailure(result, TPasswordIncorrect)