class InvalidHeader(TestCase): def setUp(self): self.m = Middleware() def _do_test(self, header, gets_user=False): self.request = MockRequest(header) self.m.process_request(self.request) self.assertEquals(hasattr(self.request, 'user'), gets_user) def test_no_authorization_header(self): self._do_test(None) def test_fost_authz_no_creds(self): self._do_test('FOST') def test_fost_authz_no_secret(self): self._do_test('FOST key') def test_fost_authz_key_and_secret(self): def authenticate(**kwargs): return True with mock.patch('django.contrib.auth.authenticate', authenticate): self._do_test('FOST key:secret', gets_user=True) self.assertTrue(self.request.user)
class RequestHandling(TestCase): def setUp(self): self.m = Middleware() def test_signed_headers(self): request = MockRequest() self.m.process_request(request) self.assertTrue(hasattr(request, 'SIGNED'))
class AuthorizationParser(TestCase): def setUp(self): self.m = Middleware() def test_no_authorization_header(self): r = MockRequest(None) u = self.m.get_mechanism(r) self.assertEquals(u, [None, None]) def test_with_authorization_header(self): r = MockRequest('BASIC user:pass') u = self.m.get_mechanism(r) self.assertEquals(u, ['BASIC', 'user:pass']) def test_userpass(self): u = self.m.get_userpass('user:pass') self.assertEquals(u, ['user', 'pass']) def test_userpass_malformed(self): u = self.m.get_userpass('userpass') self.assertEquals(u, [None, None])
class URLSigning(TestCase): def setUp(self): self.request = MockRequest() self.request.GET['_k'] = 'key' self.request.GET['_e'] = 'expires' self.request.GET['_s'] = 'signature' self.m = Middleware() def authenticate(self, **kwargs): return True def test_incorrect_get(self): with mock.patch('django.contrib.auth.authenticate', self.authenticate): self.m.process_request(self.request) self.assertTrue(getattr(self.request, 'user', None)) def test_incorrect_head(self): self.request.method = 'HEAD' with mock.patch('django.contrib.auth.authenticate', self.authenticate): self.m.process_request(self.request) self.assertTrue(getattr(self.request, 'user', None)) def test_incorrect_post(self): self.request.method = 'POST' with mock.patch('django.contrib.auth.authenticate', self.authenticate): self.m.process_request(self.request) self.assertFalse(hasattr(self.request, 'user'))
class AuthorizationParser(TestCase): def setUp(self): self.m = Middleware() def test_no_authorization_header(self): r = MockRequest(None) u = self.m.get_mechanism(r) self.assertEquals(u, [None, None]) def test_with_authorization_header(self): r = MockRequest('BASIC user:pass') u = self.m.get_mechanism(r) self.assertEquals(u, ['BASIC', 'user:pass']) def test_userpass(self): u = self.m.get_userpass('user:pass') self.assertEquals(u, ['user', 'pass']) def test_userpass_malformed(self): u = self.m.get_userpass('userpass') self.assertEquals(u, [None, None]) def test_unicode_username(self): # Unicode 0x2014 is mdash u = self.m.get_userpass(u'user\u2014name:pass'.encode('utf-7')) self.assertEquals(u, [u'user\u2014name', 'pass']) def test_broken_utf7_username(self): u = self.m.get_userpass( u'Sn428Dzafk13UvHXhA+nKH91RvAIUi5gdtaU/txDHLvER:pass') self.assertEquals( u, [u'Sn428Dzafk13UvHXhA+nKH91RvAIUi5gdtaU/txDHLvER', 'pass'])
class AuthorizationParser(TestCase): def setUp(self): self.m = Middleware() def test_no_authorization_header(self): r = MockRequest(None) u = self.m.get_mechanism(r) self.assertEquals(u, [None, None]) def test_with_authorization_header(self): r = MockRequest('BASIC user:pass') u = self.m.get_mechanism(r) self.assertEquals(u, ['BASIC', 'user:pass']) def test_userpass(self): u = self.m.get_userpass('user:pass') self.assertEquals(u, ['user', 'pass']) def test_userpass_malformed(self): u = self.m.get_userpass('userpass') self.assertEquals(u, [None, None]) def test_unicode_username(self): # Unicode 0x2014 is mdash u = self.m.get_userpass(u'user\u2014name:pass'.encode('utf-7')) self.assertEquals(u, [u'user\u2014name', 'pass']) def test_broken_utf7_username(self): u = self.m.get_userpass(u'Sn428Dzafk13UvHXhA+nKH91RvAIUi5gdtaU/txDHLvER:pass') self.assertEquals(u, [u'Sn428Dzafk13UvHXhA+nKH91RvAIUi5gdtaU/txDHLvER', 'pass'])
def setUp(self): self.middleware = Middleware() self.backend = FostBackend() self.request = MockRequest()
def setUp(self): self.m = Middleware()
def setUp(self): self.request = MockRequest() self.request.GET['_k'] = 'key' self.request.GET['_e'] = 'expires' self.request.GET['_s'] = 'signature' self.m = Middleware()