class InvalidHeader(TestCase):
def setUp(self):
self.m = Middleware()
def _do_test(self, header, gets_user=False):
self.request = MockRequest(header)
self.m.process_request(self.request)
self.assertEquals(hasattr(self.request, 'user'), gets_user)
def test_no_authorization_header(self):
self._do_test(None)
def test_fost_authz_no_creds(self):
self._do_test('FOST')
def test_fost_authz_no_secret(self):
self._do_test('FOST key')
def test_fost_authz_key_and_secret(self):
def authenticate(**kwargs):
return True
with mock.patch('django.contrib.auth.authenticate', authenticate):
self._do_test('FOST key:secret', gets_user=True)
self.assertTrue(self.request.user)
class RequestHandling(TestCase):
def setUp(self):
self.m = Middleware()
def test_signed_headers(self):
request = MockRequest()
self.m.process_request(request)
self.assertTrue(hasattr(request, 'SIGNED'))
class RequestHandling(TestCase):
def setUp(self):
self.m = Middleware()
def test_signed_headers(self):
request = MockRequest()
self.m.process_request(request)
self.assertTrue(hasattr(request, 'SIGNED'))
class URLSigning(TestCase):
def setUp(self):
self.request = MockRequest()
self.request.GET['_k'] = 'key'
self.request.GET['_e'] = 'expires'
self.request.GET['_s'] = 'signature'
self.m = Middleware()
def authenticate(self, **kwargs):
return True
def test_incorrect_get(self):
with mock.patch('django.contrib.auth.authenticate', self.authenticate):
self.m.process_request(self.request)
self.assertTrue(getattr(self.request, 'user', None))
def test_incorrect_head(self):
self.request.method = 'HEAD'
with mock.patch('django.contrib.auth.authenticate', self.authenticate):
self.m.process_request(self.request)
self.assertTrue(getattr(self.request, 'user', None))
def test_incorrect_post(self):
self.request.method = 'POST'
with mock.patch('django.contrib.auth.authenticate', self.authenticate):
self.m.process_request(self.request)
self.assertFalse(hasattr(self.request, 'user'))
class URLSigning(TestCase):
def setUp(self):
self.request = MockRequest()
self.request.GET['_k'] = 'key'
self.request.GET['_e'] = 'expires'
self.request.GET['_s'] = 'signature'
self.m = Middleware()
def authenticate(self, **kwargs):
return True
def test_incorrect_get(self):
with mock.patch('django.contrib.auth.authenticate', self.authenticate):
self.m.process_request(self.request)
self.assertTrue(getattr(self.request, 'user', None))
def test_incorrect_head(self):
self.request.method = 'HEAD'
with mock.patch('django.contrib.auth.authenticate', self.authenticate):
self.m.process_request(self.request)
self.assertTrue(getattr(self.request, 'user', None))
def test_incorrect_post(self):
self.request.method = 'POST'
with mock.patch('django.contrib.auth.authenticate', self.authenticate):
self.m.process_request(self.request)
self.assertFalse(hasattr(self.request, 'user'))
class InvalidHeader(TestCase):
def setUp(self):
self.m = Middleware()
def _do_test(self, header, gets_user=False):
self.request = MockRequest(header)
self.m.process_request(self.request)
self.assertEquals(hasattr(self.request, 'user'), gets_user)
def test_no_authorization_header(self):
self._do_test(None)
def test_fost_authz_no_creds(self):
self._do_test('FOST')
def test_fost_authz_no_secret(self):
self._do_test('FOST key')
def test_fost_authz_key_and_secret(self):
def authenticate(**kwargs):
return True
with mock.patch('django.contrib.auth.authenticate', authenticate):
self._do_test('FOST key:secret', gets_user=True)
self.assertTrue(self.request.user)
