def test_httponly(self): cookie = Cookie("color", "blue", httponly=True) self.assertTrue(cookie.http_return_ok("http://example.com")) self.assertTrue(cookie.http_return_ok("https://example.com")) with self.assertRaises(Cookie.URLMismatch): self.assertTrue(cookie.http_return_ok("ftp://example.com"))
def test_httponly(self): cookie = Cookie('color', 'blue', httponly=True) self.assertTrue(cookie.http_return_ok('http://example.com')) self.assertTrue(cookie.http_return_ok('https://example.com')) with self.assertRaises(Cookie.URLMismatch): self.assertTrue(cookie.http_return_ok('ftp://example.com'))
def test_expires(self): now = datetime.datetime.utcnow().replace(microsecond=0) # expires 1 day from now expires = now + datetime.timedelta(days=1) cookie = Cookie('color', 'blue', expires=expires) self.assertTrue(cookie.http_return_ok(self.url)) # expired 1 day ago expires = now + datetime.timedelta(days=-1) cookie = Cookie('color', 'blue', expires=expires) with self.assertRaises(Cookie.Expired): self.assertTrue(cookie.http_return_ok(self.url))
def generate_cookie(self, url_path, session_id, expiration=None, add_header=False): ''' Return a session cookie containing the session id. The cookie will be contrainted to the url path, defined for use with HTTP only, and only returned on secure connections (SSL). :parameters: url_path The cookie will be returned in a request if it begins with this url path. session_id The session id identified by the session cookie add_header If true format cookie string with Set-Cookie: header :returns: cookie string ''' if not expiration: # Catch zero unix timestamps expiration = None; cookie = Cookie(self.session_cookie_name, session_id, domain=urlparse.urlparse(api.env.xmlrpc_uri).netloc, path=url_path, httponly=True, secure=True, expires=expiration) if add_header: result = 'Set-Cookie: %s' % cookie else: result = str(cookie) return result
def store_session_cookie(self, cookie_header): ''' Given the contents of a Set-Cookie header scan the header and extract each cookie contained within until the session cookie is located. Examine the session cookie if the domain and path are specified, if not update the cookie with those values from the request URL. Then write the session cookie into the key store for the principal. If the cookie header is None or the session cookie is not present in the header no action is taken. Context Dependencies: The per thread context is expected to contain: principal The current pricipal the HTTP request was issued for. request_url The URL of the HTTP request. ''' if cookie_header is None: return principal = getattr(context, 'principal', None) request_url = getattr(context, 'request_url', None) root_logger.debug("received Set-Cookie '%s'", cookie_header) # Search for the session cookie try: session_cookie = Cookie.get_named_cookie_from_string(cookie_header, COOKIE_NAME, request_url) except Exception, e: root_logger.error("unable to parse cookie header '%s': %s", cookie_header, e) return
def get_session_cookie_from_persistent_storage(self, principal): ''' Retrieves the session cookie for the given principal from the persistent secure storage. Returns None if not found or unable to retrieve the session cookie for any reason, otherwise returns a Cookie object containing the session cookie. ''' # Get the session data, it should contain a cookie string # (possibly with more than one cookie). try: cookie_string = read_persistent_client_session_data(principal) except Exception: return None # Search for the session cookie within the cookie string try: session_cookie = Cookie.get_named_cookie_from_string( cookie_string, COOKIE_NAME, timestamp=datetime.datetime.utcnow()) except Exception as e: self.log.debug( 'Error retrieving cookie from the persistent storage: {err}'. format(err=e)) return None return session_cookie
def get_session_cookie_from_persistent_storage(self, principal): ''' Retrieves the session cookie for the given principal from the persistent secure storage. Returns None if not found or unable to retrieve the session cookie for any reason, otherwise returns a Cookie object containing the session cookie. ''' # Get the session data, it should contain a cookie string # (possibly with more than one cookie). try: cookie_string = read_persistent_client_session_data(principal) if cookie_string is None: return None cookie_string = cookie_string.decode('utf-8') except Exception as e: logger.debug('Error reading client session data: %s', e) return None # Search for the session cookie within the cookie string try: session_cookie = Cookie.get_named_cookie_from_string( cookie_string, COOKIE_NAME, timestamp=datetime.datetime.utcnow()) except Exception as e: logger.debug( 'Error retrieving cookie from the persistent storage: %s', e) return None return session_cookie
def get_session_id_from_http_cookie(self, cookie_header): ''' Parse an HTTP cookie header and search for our session id. Return the session id if found, return None if not found. :parameters: cookie_header An HTTP cookie header. May be None, if None return None. :returns: Session id as string or None if not found. ''' if cookie_header is None: return None session_id = None try: session_cookie = Cookie.get_named_cookie_from_string(cookie_header, self.session_cookie_name) except Exception as e: session_cookie = None if session_cookie: session_id = session_cookie.value if session_id is None: self.debug('no session cookie found') else: self.debug('found session cookie_id = %s', session_id) return session_id
def get_session_id_from_http_cookie(self, cookie_header): ''' Parse an HTTP cookie header and search for our session id. Return the session id if found, return None if not found. :parameters: cookie_header An HTTP cookie header. May be None, if None return None. :returns: Session id as string or None if not found. ''' if cookie_header is None: return None session_id = None try: session_cookie = Cookie.get_named_cookie_from_string( cookie_header, self.session_cookie_name) except Exception as e: session_cookie = None if session_cookie: session_id = session_cookie.value if session_id is None: self.debug('no session cookie found') else: self.debug('found session cookie_id = %s', session_id) return session_id
def store_session_cookie(self, cookie_header): ''' Given the contents of a Set-Cookie header scan the header and extract each cookie contained within until the session cookie is located. Examine the session cookie if the domain and path are specified, if not update the cookie with those values from the request URL. Then write the session cookie into the key store for the principal. If the cookie header is None or the session cookie is not present in the header no action is taken. Context Dependencies: The per thread context is expected to contain: principal The current pricipal the HTTP request was issued for. request_url The URL of the HTTP request. ''' if cookie_header is None: return principal = getattr(context, 'principal', None) request_url = getattr(context, 'request_url', None) logger.debug("received Set-Cookie (%s)'%s'", type(cookie_header), cookie_header) if not isinstance(cookie_header, list): cookie_header = [cookie_header] # Search for the session cookie session_cookie = None try: for cookie in cookie_header: session_cookie = (Cookie.get_named_cookie_from_string( cookie, COOKIE_NAME, request_url, timestamp=datetime.datetime.utcnow())) if session_cookie is not None: break except Exception as e: logger.error("unable to parse cookie header '%s': %s", cookie_header, e) return if session_cookie is None: return cookie_string = self._slice_session_cookie(session_cookie) logger.debug("storing cookie '%s' for principal %s", cookie_string, principal) try: update_persistent_client_session_data(principal, cookie_string) except Exception as e: # Not fatal, we just can't use the session cookie we were sent. pass
def store_session_cookie(self, cookie_header): ''' Given the contents of a Set-Cookie header scan the header and extract each cookie contained within until the session cookie is located. Examine the session cookie if the domain and path are specified, if not update the cookie with those values from the request URL. Then write the session cookie into the key store for the principal. If the cookie header is None or the session cookie is not present in the header no action is taken. Context Dependencies: The per thread context is expected to contain: principal The current pricipal the HTTP request was issued for. request_url The URL of the HTTP request. ''' if cookie_header is None: return principal = getattr(context, 'principal', None) request_url = getattr(context, 'request_url', None) logger.debug("received Set-Cookie (%s)'%s'", type(cookie_header), cookie_header) if not isinstance(cookie_header, list): cookie_header = [cookie_header] # Search for the session cookie session_cookie = None try: for cookie in cookie_header: session_cookie = ( Cookie.get_named_cookie_from_string( cookie, COOKIE_NAME, request_url, timestamp=datetime.datetime.utcnow()) ) if session_cookie is not None: break except Exception as e: logger.error("unable to parse cookie header '%s': %s", cookie_header, e) return if session_cookie is None: return cookie_string = self._slice_session_cookie(session_cookie) logger.debug("storing cookie '%s' for principal %s", cookie_string, principal) try: update_persistent_client_session_data(principal, cookie_string) except Exception as e: # Not fatal, we just can't use the session cookie we were sent. pass
def test_invalid(self): # Invalid Max-Age s = 'color=blue; Max-Age=over-the-hill' with pytest.raises(ValueError): Cookie.parse(s) cookie = Cookie('color', 'blue') with pytest.raises(ValueError): cookie.max_age = 'over-the-hill' # Invalid Expires s = 'color=blue; Expires=Sun, 06 Xxx 1994 08:49:37 GMT' with pytest.raises(ValueError): Cookie.parse(s) cookie = Cookie('color', 'blue') with pytest.raises(ValueError): cookie.expires = 'Sun, 06 Xxx 1994 08:49:37 GMT'
def test_path_normalization(self): self.assertEqual(Cookie.normalize_url_path(''), '/') self.assertEqual(Cookie.normalize_url_path('foo'), '/') self.assertEqual(Cookie.normalize_url_path('foo/'), '/') self.assertEqual(Cookie.normalize_url_path('/foo'), '/') self.assertEqual(Cookie.normalize_url_path('/foo/'), '/foo') self.assertEqual(Cookie.normalize_url_path('/Foo/bar'), '/foo') self.assertEqual(Cookie.normalize_url_path('/foo/baR/'), '/foo/bar')
def test_path_normalization(self): self.assertEqual(Cookie.normalize_url_path(""), "/") self.assertEqual(Cookie.normalize_url_path("foo"), "/") self.assertEqual(Cookie.normalize_url_path("foo/"), "/") self.assertEqual(Cookie.normalize_url_path("/foo"), "/") self.assertEqual(Cookie.normalize_url_path("/foo/"), "/foo") self.assertEqual(Cookie.normalize_url_path("/Foo/bar"), "/foo") self.assertEqual(Cookie.normalize_url_path("/foo/baR/"), "/foo/bar")
def test_path_normalization(self): assert Cookie.normalize_url_path('') == '/' assert Cookie.normalize_url_path('foo') == '/' assert Cookie.normalize_url_path('foo/') == '/' assert Cookie.normalize_url_path('/foo') == '/' assert Cookie.normalize_url_path('/foo/') == '/foo' assert Cookie.normalize_url_path('/Foo/bar') == '/foo' assert Cookie.normalize_url_path('/foo/baR/') == '/foo/bar'
def test_path(self): cookie = Cookie('color', 'blue') self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie('color', 'blue', path='/') self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie('color', 'blue', path='/one') self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie('color', 'blue', path='/oneX') with self.assertRaises(Cookie.URLMismatch): self.assertTrue(cookie.http_return_ok(self.url))
def test_path(self): cookie = Cookie("color", "blue") self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie("color", "blue", path="/") self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie("color", "blue", path="/one") self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie("color", "blue", path="/oneX") with self.assertRaises(Cookie.URLMismatch): self.assertTrue(cookie.http_return_ok(self.url))
def test_invalid(self): # Invalid Max-Age s = "color=blue; Max-Age=over-the-hill" with self.assertRaises(ValueError): Cookie.parse(s) cookie = Cookie("color", "blue") with self.assertRaises(ValueError): cookie.max_age = "over-the-hill" # Invalid Expires s = "color=blue; Expires=Sun, 06 Xxx 1994 08:49:37 GMT" with self.assertRaises(ValueError): Cookie.parse(s) cookie = Cookie("color", "blue") with self.assertRaises(ValueError): cookie.expires = "Sun, 06 Xxx 1994 08:49:37 GMT"
def test_expires(self): now = datetime.datetime.utcnow().replace(microsecond=0) # expires 1 day from now expires = now + datetime.timedelta(days=1) cookie = Cookie('color', 'blue', expires=expires) assert cookie.http_return_ok(self.url) # expired 1 day ago expires = now + datetime.timedelta(days=-1) cookie = Cookie('color', 'blue', expires=expires) with pytest.raises(Cookie.Expired): assert cookie.http_return_ok(self.url)
def get_session_cookie_from_persistent_storage(self, principal): """ Retrieves the session cookie for the given principal from the persistent secure storage. Returns None if not found or unable to retrieve the session cookie for any reason, otherwise returns a Cookie object containing the session cookie. """ # Get the session data, it should contain a cookie string # (possibly with more than one cookie). try: cookie_string = read_persistent_client_session_data(principal) except Exception: return None # Search for the session cookie within the cookie string try: session_cookie = Cookie.get_named_cookie_from_string(cookie_string, COOKIE_NAME) except Exception: return None return session_cookie
def get_session_cookie_from_persistent_storage(self, principal): ''' Retrieves the session cookie for the given principal from the persistent secure storage. Returns None if not found or unable to retrieve the session cookie for any reason, otherwise returns a Cookie object containing the session cookie. ''' # Get the session data, it should contain a cookie string # (possibly with more than one cookie). try: cookie_string = read_persistent_client_session_data(principal) except Exception: return None # Search for the session cookie within the cookie string try: session_cookie = Cookie.get_named_cookie_from_string( cookie_string, COOKIE_NAME) except Exception: return None return session_cookie
def test_invalid(self): # Invalid Max-Age s = 'color=blue; Max-Age=over-the-hill' with self.assertRaises(ValueError): cookies = Cookie.parse(s) cookie = Cookie('color', 'blue') with self.assertRaises(ValueError): cookie.max_age = 'over-the-hill' # Invalid Expires s = 'color=blue; Expires=Sun, 06 Xxx 1994 08:49:37 GMT' with self.assertRaises(ValueError): cookies = Cookie.parse(s) cookie = Cookie('color', 'blue') with self.assertRaises(ValueError): cookie.expires = 'Sun, 06 Xxx 1994 08:49:37 GMT'
def store_session_cookie(self, cookie_header): ''' Given the contents of a Set-Cookie header scan the header and extract each cookie contained within until the session cookie is located. Examine the session cookie if the domain and path are specified, if not update the cookie with those values from the request URL. Then write the session cookie into the key store for the principal. If the cookie header is None or the session cookie is not present in the header no action is taken. Context Dependencies: The per thread context is expected to contain: principal The current pricipal the HTTP request was issued for. request_url The URL of the HTTP request. ''' if cookie_header is None: return principal = getattr(context, 'principal', None) request_url = getattr(context, 'request_url', None) root_logger.debug("received Set-Cookie '%s'", cookie_header) # Search for the session cookie try: session_cookie = Cookie.get_named_cookie_from_string( cookie_header, COOKIE_NAME, request_url) except Exception, e: root_logger.error("unable to parse cookie header '%s': %s", cookie_header, e) return
def test_normalization(self): cookie = Cookie("color", "blue", expires=self.expires) cookie.timestamp = self.now_timestamp self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) url = "http://example.COM/foo" cookie.normalize(url) self.assertEqual(cookie.domain, "example.com") self.assertEqual(cookie.path, "/") self.assertEqual(cookie.expires, self.expires) cookie = Cookie("color", "blue", max_age=self.max_age) cookie.timestamp = self.now_timestamp self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) url = "http://example.com/foo/" cookie.normalize(url) self.assertEqual(cookie.domain, "example.com") self.assertEqual(cookie.path, "/foo") self.assertEqual(cookie.expires, self.age_expiration) cookie = Cookie("color", "blue") url = "http://example.com/foo" cookie.normalize(url) self.assertEqual(cookie.domain, "example.com") self.assertEqual(cookie.path, "/") cookie = Cookie("color", "blue") url = "http://example.com/foo/bar" cookie.normalize(url) self.assertEqual(cookie.domain, "example.com") self.assertEqual(cookie.path, "/foo") cookie = Cookie("color", "blue") url = "http://example.com/foo/bar/" cookie.normalize(url) self.assertEqual(cookie.domain, "example.com") self.assertEqual(cookie.path, "/foo/bar")
def test_parse(self): # Empty string s = '' cookies = Cookie.parse(s) self.assertEqual(len(cookies), 0) # Invalid single token s = 'color' with self.assertRaises(ValueError): cookies = Cookie.parse(s) # Invalid single token that's keyword s = 'HttpOnly' with self.assertRaises(ValueError): cookies = Cookie.parse(s) # Invalid key/value pair whose key is a keyword s = 'domain=example.com' with self.assertRaises(ValueError): cookies = Cookie.parse(s) # 1 cookie with empty value s = 'color=' cookies = Cookie.parse(s) self.assertEqual(len(cookies), 1) cookie = cookies[0] self.assertEqual(cookie.key, 'color') self.assertEqual(cookie.value, '') self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) self.assertEqual(cookie.max_age, None) self.assertEqual(cookie.expires, None) self.assertEqual(cookie.secure, None) self.assertEqual(cookie.httponly, None) self.assertEqual(str(cookie), "color=") self.assertEqual(cookie.http_cookie(), "color=;") # 1 cookie with name/value s = 'color=blue' cookies = Cookie.parse(s) self.assertEqual(len(cookies), 1) cookie = cookies[0] self.assertEqual(cookie.key, 'color') self.assertEqual(cookie.value, 'blue') self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) self.assertEqual(cookie.max_age, None) self.assertEqual(cookie.expires, None) self.assertEqual(cookie.secure, None) self.assertEqual(cookie.httponly, None) self.assertEqual(str(cookie), "color=blue") self.assertEqual(cookie.http_cookie(), "color=blue;") # 1 cookie with whose value is quoted # Use "get by name" utility to extract specific cookie s = 'color="blue"' cookie = Cookie.get_named_cookie_from_string(s, 'color') self.assertIsNotNone(cookie) self.assertIsNotNone(cookie, Cookie) self.assertEqual(cookie.key, 'color') self.assertEqual(cookie.value, 'blue') self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) self.assertEqual(cookie.max_age, None) self.assertEqual(cookie.expires, None) self.assertEqual(cookie.secure, None) self.assertEqual(cookie.httponly, None) self.assertEqual(str(cookie), "color=blue") self.assertEqual(cookie.http_cookie(), "color=blue;") # 1 cookie with name/value and domain, path attributes. # Change up the whitespace a bit. s = 'color =blue; domain= example.com ; path = /toplevel ' cookies = Cookie.parse(s) self.assertEqual(len(cookies), 1) cookie = cookies[0] self.assertEqual(cookie.key, 'color') self.assertEqual(cookie.value, 'blue') self.assertEqual(cookie.domain, 'example.com') self.assertEqual(cookie.path, '/toplevel') self.assertEqual(cookie.max_age, None) self.assertEqual(cookie.expires, None) self.assertEqual(cookie.secure, None) self.assertEqual(cookie.httponly, None) self.assertEqual(str(cookie), "color=blue; Domain=example.com; Path=/toplevel") self.assertEqual(cookie.http_cookie(), "color=blue;") # 2 cookies, various attributes s = 'color=blue; Max-Age=3600; temperature=hot; HttpOnly' cookies = Cookie.parse(s) self.assertEqual(len(cookies), 2) cookie = cookies[0] self.assertEqual(cookie.key, 'color') self.assertEqual(cookie.value, 'blue') self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) self.assertEqual(cookie.max_age, 3600) self.assertEqual(cookie.expires, None) self.assertEqual(cookie.secure, None) self.assertEqual(cookie.httponly, None) self.assertEqual(str(cookie), "color=blue; Max-Age=3600") self.assertEqual(cookie.http_cookie(), "color=blue;") cookie = cookies[1] self.assertEqual(cookie.key, 'temperature') self.assertEqual(cookie.value, 'hot') self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) self.assertEqual(cookie.max_age, None) self.assertEqual(cookie.expires, None) self.assertEqual(cookie.secure, None) self.assertEqual(cookie.httponly, True) self.assertEqual(str(cookie), "temperature=hot; HttpOnly") self.assertEqual(cookie.http_cookie(), "temperature=hot;")
Retrieves the session cookie for the given principal from the persistent secure storage. Returns None if not found or unable to retrieve the session cookie for any reason, otherwise returns a Cookie object containing the session cookie. ''' # Get the session data, it should contain a cookie string # (possibly with more than one cookie). try: cookie_string = read_persistent_client_session_data(principal) except Exception, e: return None # Search for the session cookie within the cookie string try: session_cookie = Cookie.get_named_cookie_from_string(cookie_string, COOKIE_NAME) except Exception, e: return None return session_cookie def apply_session_cookie(self, url): ''' Attempt to load a session cookie for the current principal from the persistent secure storage. If the cookie is successfully loaded adjust the input url's to point to the session path and insert the session cookie into the per thread context for later insertion into the HTTP request. If the cookie is not successfully loaded then the original url is returned and the per thread context is not modified.
def test_no_attributes(self): cookie = Cookie('color', 'blue') self.assertTrue(cookie.http_return_ok(self.url))
def test_path(self): cookie = Cookie('color', 'blue') assert cookie.http_return_ok(self.url) cookie = Cookie('color', 'blue', path='/') assert cookie.http_return_ok(self.url) cookie = Cookie('color', 'blue', path='/one') assert cookie.http_return_ok(self.url) cookie = Cookie('color', 'blue', path='/oneX') with pytest.raises(Cookie.URLMismatch): assert cookie.http_return_ok(self.url)
def test_attributes(self): cookie = Cookie('color', 'blue') self.assertEqual(cookie.key, 'color') self.assertEqual(cookie.value, 'blue') self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) self.assertEqual(cookie.max_age, None) self.assertEqual(cookie.expires, None) self.assertEqual(cookie.secure, None) self.assertEqual(cookie.httponly, None) cookie.domain = 'example.com' self.assertEqual(cookie.domain, 'example.com') cookie.domain = None self.assertEqual(cookie.domain, None) cookie.path = '/toplevel' self.assertEqual(cookie.path, '/toplevel') cookie.path = None self.assertEqual(cookie.path, None) cookie.max_age = 400 self.assertEqual(cookie.max_age, 400) cookie.max_age = None self.assertEqual(cookie.max_age, None) cookie.expires = 'Sun, 06 Nov 1994 08:49:37 GMT' self.assertEqual(cookie.expires, datetime.datetime(1994, 11, 6, 8, 49, 37)) cookie.expires = None self.assertEqual(cookie.expires, None) cookie.secure = True self.assertEqual(cookie.secure, True) self.assertEqual(str(cookie), "color=blue; Secure") cookie.secure = False self.assertEqual(cookie.secure, False) self.assertEqual(str(cookie), "color=blue") cookie.secure = None self.assertEqual(cookie.secure, None) self.assertEqual(str(cookie), "color=blue") cookie.httponly = True self.assertEqual(cookie.httponly, True) self.assertEqual(str(cookie), "color=blue; HttpOnly") cookie.httponly = False self.assertEqual(cookie.httponly, False) self.assertEqual(str(cookie), "color=blue") cookie.httponly = None self.assertEqual(cookie.httponly, None) self.assertEqual(str(cookie), "color=blue")
def test_parse(self): # Empty string s = '' cookies = Cookie.parse(s) assert len(cookies) == 0 # Invalid single token s = 'color' with pytest.raises(ValueError): cookies = Cookie.parse(s) # Invalid single token that's keyword s = 'HttpOnly' with pytest.raises(ValueError): cookies = Cookie.parse(s) # Invalid key/value pair whose key is a keyword s = 'domain=example.com' with pytest.raises(ValueError): cookies = Cookie.parse(s) # 1 cookie with empty value s = 'color=' cookies = Cookie.parse(s) assert len(cookies) == 1 cookie = cookies[0] assert cookie.key == 'color' assert cookie.value == '' assert cookie.domain is None assert cookie.path is None assert cookie.max_age is None assert cookie.expires is None assert cookie.secure is None assert cookie.httponly is None assert str(cookie) == "color=" assert cookie.http_cookie() == "color=;" # 1 cookie with name/value s = 'color=blue' cookies = Cookie.parse(s) assert len(cookies) == 1 cookie = cookies[0] assert cookie.key == 'color' assert cookie.value == 'blue' assert cookie.domain is None assert cookie.path is None assert cookie.max_age is None assert cookie.expires is None assert cookie.secure is None assert cookie.httponly is None assert str(cookie) == "color=blue" assert cookie.http_cookie() == "color=blue;" # 1 cookie with whose value is quoted # Use "get by name" utility to extract specific cookie s = 'color="blue"' cookie = Cookie.get_named_cookie_from_string(s, 'color') assert cookie is not None, Cookie assert cookie.key == 'color' assert cookie.value == 'blue' assert cookie.domain is None assert cookie.path is None assert cookie.max_age is None assert cookie.expires is None assert cookie.secure is None assert cookie.httponly is None assert str(cookie) == "color=blue" assert cookie.http_cookie() == "color=blue;" # 1 cookie with name/value and domain, path attributes. # Change up the whitespace a bit. s = 'color =blue; domain= example.com ; path = /toplevel ' cookies = Cookie.parse(s) assert len(cookies) == 1 cookie = cookies[0] assert cookie.key == 'color' assert cookie.value == 'blue' assert cookie.domain == 'example.com' assert cookie.path == '/toplevel' assert cookie.max_age is None assert cookie.expires is None assert cookie.secure is None assert cookie.httponly is None assert str(cookie) == "color=blue; Domain=example.com; Path=/toplevel" assert cookie.http_cookie() == "color=blue;" # 2 cookies, various attributes s = 'color=blue; Max-Age=3600; temperature=hot; HttpOnly' cookies = Cookie.parse(s) assert len(cookies) == 2 cookie = cookies[0] assert cookie.key == 'color' assert cookie.value == 'blue' assert cookie.domain is None assert cookie.path is None assert cookie.max_age == 3600 assert cookie.expires is None assert cookie.secure is None assert cookie.httponly is None assert str(cookie) == "color=blue; Max-Age=3600" assert cookie.http_cookie() == "color=blue;" cookie = cookies[1] assert cookie.key == 'temperature' assert cookie.value == 'hot' assert cookie.domain is None assert cookie.path is None assert cookie.max_age is None assert cookie.expires is None assert cookie.secure is None assert cookie.httponly is True assert str(cookie) == "temperature=hot; HttpOnly" assert cookie.http_cookie() == "temperature=hot;"
def test_no_attributes(self): cookie = Cookie('color', 'blue') assert cookie.http_return_ok(self.url)
def test_secure(self): cookie = Cookie('color', 'blue', secure=True) self.assertTrue(cookie.http_return_ok('https://Xexample.com')) with self.assertRaises(Cookie.URLMismatch): self.assertTrue(cookie.http_return_ok('http://Xexample.com'))
def test_expires(self): # 1 cookie with name/value and no Max-Age and no Expires s = 'color=blue;' cookies = Cookie.parse(s) assert len(cookies) == 1 cookie = cookies[0] # Force timestamp to known value cookie.timestamp = self.now assert cookie.key == 'color' assert cookie.value == 'blue' assert cookie.domain is None assert cookie.path is None assert cookie.max_age is None assert cookie.expires is None assert cookie.secure is None assert cookie.httponly is None assert str(cookie) == "color=blue" assert cookie.get_expiration() is None # Normalize assert cookie.normalize_expiration() is None assert cookie.max_age is None assert cookie.expires is None assert str(cookie) == "color=blue" # 1 cookie with name/value and Max-Age s = 'color=blue; max-age=%d' % (self.max_age) cookies = Cookie.parse(s) assert len(cookies) == 1 cookie = cookies[0] # Force timestamp to known value cookie.timestamp = self.now assert cookie.key == 'color' assert cookie.value == 'blue' assert cookie.domain is None assert cookie.path is None assert cookie.max_age == self.max_age assert cookie.expires is None assert cookie.secure is None assert cookie.httponly is None assert str(cookie) == "color=blue; Max-Age=%d" % (self.max_age) assert cookie.get_expiration() == self.age_expiration # Normalize assert cookie.normalize_expiration() == self.age_expiration assert cookie.max_age is None assert cookie.expires == self.age_expiration assert str(cookie) == "color=blue; Expires=%s" % (self.age_string) # 1 cookie with name/value and Expires s = 'color=blue; Expires=%s' % (self.expires_string) cookies = Cookie.parse(s) assert len(cookies) == 1 cookie = cookies[0] # Force timestamp to known value cookie.timestamp = self.now assert cookie.key == 'color' assert cookie.value == 'blue' assert cookie.domain is None assert cookie.path is None assert cookie.max_age is None assert cookie.expires == self.expires assert cookie.secure is None assert cookie.httponly is None assert str(cookie) == "color=blue; Expires=%s" % (self.expires_string) assert cookie.get_expiration() == self.expires # Normalize assert cookie.normalize_expiration() == self.expires assert cookie.max_age is None assert cookie.expires == self.expires assert str(cookie) == "color=blue; Expires=%s" % (self.expires_string) # 1 cookie with name/value witht both Max-Age and Expires, Max-Age takes precedence s = 'color=blue; Expires=%s; max-age=%d' % (self.expires_string, self.max_age) cookies = Cookie.parse(s) assert len(cookies) == 1 cookie = cookies[0] # Force timestamp to known value cookie.timestamp = self.now assert cookie.key == 'color' assert cookie.value == 'blue' assert cookie.domain is None assert cookie.path is None assert cookie.max_age == self.max_age assert cookie.expires == self.expires assert cookie.secure is None assert cookie.httponly is None expected = "color=blue; Max-Age={}; Expires={}".format( self.max_age, self.expires_string) assert str(cookie) == expected assert cookie.get_expiration() == self.age_expiration # Normalize assert cookie.normalize_expiration() == self.age_expiration assert cookie.max_age is None assert cookie.expires == self.age_expiration assert str(cookie) == "color=blue; Expires=%s" % (self.age_string) # Verify different types can be assigned to the timestamp and # expires attribute. cookie = Cookie('color', 'blue') cookie.timestamp = self.now assert cookie.timestamp == self.now cookie.timestamp = self.now_timestamp assert cookie.timestamp == self.now cookie.timestamp = self.now_string assert cookie.timestamp == self.now assert cookie.expires is None cookie.expires = self.expires assert cookie.expires == self.expires cookie.expires = self.expires_timestamp assert cookie.expires == self.expires cookie.expires = self.expires_string assert cookie.expires == self.expires
def test_attributes(self): cookie = Cookie("color", "blue") self.assertEqual(cookie.key, "color") self.assertEqual(cookie.value, "blue") self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) self.assertEqual(cookie.max_age, None) self.assertEqual(cookie.expires, None) self.assertEqual(cookie.secure, None) self.assertEqual(cookie.httponly, None) cookie.domain = "example.com" self.assertEqual(cookie.domain, "example.com") cookie.domain = None self.assertEqual(cookie.domain, None) cookie.path = "/toplevel" self.assertEqual(cookie.path, "/toplevel") cookie.path = None self.assertEqual(cookie.path, None) cookie.max_age = 400 self.assertEqual(cookie.max_age, 400) cookie.max_age = None self.assertEqual(cookie.max_age, None) cookie.expires = "Sun, 06 Nov 1994 08:49:37 GMT" self.assertEqual(cookie.expires, datetime.datetime(1994, 11, 6, 8, 49, 37)) cookie.expires = None self.assertEqual(cookie.expires, None) cookie.secure = True self.assertEqual(cookie.secure, True) self.assertEqual(str(cookie), "color=blue; Secure") cookie.secure = False self.assertEqual(cookie.secure, False) self.assertEqual(str(cookie), "color=blue") cookie.secure = None self.assertEqual(cookie.secure, None) self.assertEqual(str(cookie), "color=blue") cookie.httponly = True self.assertEqual(cookie.httponly, True) self.assertEqual(str(cookie), "color=blue; HttpOnly") cookie.httponly = False self.assertEqual(cookie.httponly, False) self.assertEqual(str(cookie), "color=blue") cookie.httponly = None self.assertEqual(cookie.httponly, None) self.assertEqual(str(cookie), "color=blue")
def test_expires(self): # 1 cookie with name/value and no Max-Age and no Expires s = 'color=blue;' cookies = Cookie.parse(s) self.assertEqual(len(cookies), 1) cookie = cookies[0] # Force timestamp to known value cookie.timestamp = self.now self.assertEqual(cookie.key, 'color') self.assertEqual(cookie.value, 'blue') self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) self.assertEqual(cookie.max_age, None) self.assertEqual(cookie.expires, None) self.assertEqual(cookie.secure, None) self.assertEqual(cookie.httponly, None) self.assertEqual(str(cookie), "color=blue") self.assertEqual(cookie.get_expiration(), None) # Normalize self.assertEqual(cookie.normalize_expiration(), None) self.assertEqual(cookie.max_age, None) self.assertEqual(cookie.expires, None) self.assertEqual(str(cookie), "color=blue") # 1 cookie with name/value and Max-Age s = 'color=blue; max-age=%d' % (self.max_age) cookies = Cookie.parse(s) self.assertEqual(len(cookies), 1) cookie = cookies[0] # Force timestamp to known value cookie.timestamp = self.now self.assertEqual(cookie.key, 'color') self.assertEqual(cookie.value, 'blue') self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) self.assertEqual(cookie.max_age, self.max_age) self.assertEqual(cookie.expires, None) self.assertEqual(cookie.secure, None) self.assertEqual(cookie.httponly, None) self.assertEqual(str(cookie), "color=blue; Max-Age=%d" % (self.max_age)) self.assertEqual(cookie.get_expiration(), self.age_expiration) # Normalize self.assertEqual(cookie.normalize_expiration(), self.age_expiration) self.assertEqual(cookie.max_age, None) self.assertEqual(cookie.expires, self.age_expiration) self.assertEqual(str(cookie), "color=blue; Expires=%s" % (self.age_string)) # 1 cookie with name/value and Expires s = 'color=blue; Expires=%s' % (self.expires_string) cookies = Cookie.parse(s) self.assertEqual(len(cookies), 1) cookie = cookies[0] # Force timestamp to known value cookie.timestamp = self.now self.assertEqual(cookie.key, 'color') self.assertEqual(cookie.value, 'blue') self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) self.assertEqual(cookie.max_age, None) self.assertEqual(cookie.expires, self.expires) self.assertEqual(cookie.secure, None) self.assertEqual(cookie.httponly, None) self.assertEqual(str(cookie), "color=blue; Expires=%s" % (self.expires_string)) self.assertEqual(cookie.get_expiration(), self.expires) # Normalize self.assertEqual(cookie.normalize_expiration(), self.expires) self.assertEqual(cookie.max_age, None) self.assertEqual(cookie.expires, self.expires) self.assertEqual(str(cookie), "color=blue; Expires=%s" % (self.expires_string)) # 1 cookie with name/value witht both Max-Age and Expires, Max-Age takes precedence s = 'color=blue; Expires=%s; max-age=%d' % (self.expires_string, self.max_age) cookies = Cookie.parse(s) self.assertEqual(len(cookies), 1) cookie = cookies[0] # Force timestamp to known value cookie.timestamp = self.now self.assertEqual(cookie.key, 'color') self.assertEqual(cookie.value, 'blue') self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) self.assertEqual(cookie.max_age, self.max_age) self.assertEqual(cookie.expires, self.expires) self.assertEqual(cookie.secure, None) self.assertEqual(cookie.httponly, None) self.assertEqual(str(cookie), "color=blue; Max-Age=%d; Expires=%s" % (self.max_age, self.expires_string)) self.assertEqual(cookie.get_expiration(), self.age_expiration) # Normalize self.assertEqual(cookie.normalize_expiration(), self.age_expiration) self.assertEqual(cookie.max_age, None) self.assertEqual(cookie.expires, self.age_expiration) self.assertEqual(str(cookie), "color=blue; Expires=%s" % (self.age_string)) # Verify different types can be assigned to the timestamp and # expires attribute. cookie = Cookie('color', 'blue') cookie.timestamp = self.now self.assertEqual(cookie.timestamp, self.now) cookie.timestamp = self.now_timestamp self.assertEqual(cookie.timestamp, self.now) cookie.timestamp = self.now_string self.assertEqual(cookie.timestamp, self.now) self.assertEqual(cookie.expires, None) cookie.expires = self.expires self.assertEqual(cookie.expires, self.expires) cookie.expires = self.expires_timestamp self.assertEqual(cookie.expires, self.expires) cookie.expires = self.expires_string self.assertEqual(cookie.expires, self.expires)
def test_normalization(self): cookie = Cookie('color', 'blue', expires=self.expires) cookie.timestamp = self.now_timestamp self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) url = 'http://example.COM/foo' cookie.normalize(url) self.assertEqual(cookie.domain, 'example.com') self.assertEqual(cookie.path, '/') self.assertEqual(cookie.expires, self.expires) cookie = Cookie('color', 'blue', max_age=self.max_age) cookie.timestamp = self.now_timestamp self.assertEqual(cookie.domain, None) self.assertEqual(cookie.path, None) url = 'http://example.com/foo/' cookie.normalize(url) self.assertEqual(cookie.domain, 'example.com') self.assertEqual(cookie.path, '/foo') self.assertEqual(cookie.expires, self.age_expiration) cookie = Cookie('color', 'blue') url = 'http://example.com/foo' cookie.normalize(url) self.assertEqual(cookie.domain, 'example.com') self.assertEqual(cookie.path, '/') cookie = Cookie('color', 'blue') url = 'http://example.com/foo/bar' cookie.normalize(url) self.assertEqual(cookie.domain, 'example.com') self.assertEqual(cookie.path, '/foo') cookie = Cookie('color', 'blue') url = 'http://example.com/foo/bar/' cookie.normalize(url) self.assertEqual(cookie.domain, 'example.com') self.assertEqual(cookie.path, '/foo/bar')
def test_secure(self): cookie = Cookie("color", "blue", secure=True) self.assertTrue(cookie.http_return_ok("https://Xexample.com")) with self.assertRaises(Cookie.URLMismatch): self.assertTrue(cookie.http_return_ok("http://Xexample.com"))
def test_attributes(self): cookie = Cookie('color', 'blue') assert cookie.key == 'color' assert cookie.value == 'blue' assert cookie.domain is None assert cookie.path is None assert cookie.max_age is None assert cookie.expires is None assert cookie.secure is None assert cookie.httponly is None cookie.domain = 'example.com' assert cookie.domain == 'example.com' cookie.domain = None assert cookie.domain is None cookie.path = '/toplevel' assert cookie.path == '/toplevel' cookie.path = None assert cookie.path is None cookie.max_age = 400 assert cookie.max_age == 400 cookie.max_age = None assert cookie.max_age is None cookie.expires = 'Sun, 06 Nov 1994 08:49:37 GMT' assert cookie.expires == datetime.datetime( 1994, 11, 6, 8, 49, 37, tzinfo=datetime.timezone.utc) cookie.expires = None assert cookie.expires is None cookie.secure = True assert cookie.secure is True assert str(cookie) == "color=blue; Secure" cookie.secure = False assert cookie.secure is False assert str(cookie) == "color=blue" cookie.secure = None assert cookie.secure is None assert str(cookie) == "color=blue" cookie.httponly = True assert cookie.httponly is True assert str(cookie) == "color=blue; HttpOnly" cookie.httponly = False assert cookie.httponly is False assert str(cookie) == "color=blue" cookie.httponly = None assert cookie.httponly is None assert str(cookie) == "color=blue"
Retrieves the session cookie for the given principal from the persistent secure storage. Returns None if not found or unable to retrieve the session cookie for any reason, otherwise returns a Cookie object containing the session cookie. ''' # Get the session data, it should contain a cookie string # (possibly with more than one cookie). try: cookie_string = read_persistent_client_session_data(principal) except Exception, e: return None # Search for the session cookie within the cookie string try: session_cookie = Cookie.get_named_cookie_from_string( cookie_string, COOKIE_NAME) except Exception, e: return None return session_cookie def apply_session_cookie(self, url): ''' Attempt to load a session cookie for the current principal from the persistent secure storage. If the cookie is successfully loaded adjust the input url's to point to the session path and insert the session cookie into the per thread context for later insertion into the HTTP request. If the cookie is not successfully loaded then the original url is returned and the per thread context is not modified.
def test_domain(self): cookie = Cookie('color', 'blue', domain='www.foo.bar.com') assert cookie.http_return_ok(self.url) cookie = Cookie('color', 'blue', domain='.foo.bar.com') assert cookie.http_return_ok(self.url) cookie = Cookie('color', 'blue', domain='.bar.com') assert cookie.http_return_ok(self.url) cookie = Cookie('color', 'blue', domain='bar.com') with pytest.raises(Cookie.URLMismatch): assert cookie.http_return_ok(self.url) cookie = Cookie('color', 'blue', domain='bogus.com') with pytest.raises(Cookie.URLMismatch): assert cookie.http_return_ok(self.url) cookie = Cookie('color', 'blue', domain='www.foo.bar.com') with pytest.raises(Cookie.URLMismatch): assert cookie.http_return_ok('http://192.168.1.1/one/two')
def test_secure(self): cookie = Cookie('color', 'blue', secure=True) assert cookie.http_return_ok('https://Xexample.com') with pytest.raises(Cookie.URLMismatch): assert cookie.http_return_ok('http://Xexample.com')
def test_normalization(self): cookie = Cookie('color', 'blue', expires=self.expires) cookie.timestamp = self.now_timestamp assert cookie.domain is None assert cookie.path is None url = 'http://example.COM/foo' cookie.normalize(url) assert cookie.domain == 'example.com' assert cookie.path == '/' assert cookie.expires == self.expires cookie = Cookie('color', 'blue', max_age=self.max_age) cookie.timestamp = self.now_timestamp assert cookie.domain is None assert cookie.path is None url = 'http://example.com/foo/' cookie.normalize(url) assert cookie.domain == 'example.com' assert cookie.path == '/foo' assert cookie.expires == self.age_expiration cookie = Cookie('color', 'blue') url = 'http://example.com/foo' cookie.normalize(url) assert cookie.domain == 'example.com' assert cookie.path == '/' cookie = Cookie('color', 'blue') url = 'http://example.com/foo/bar' cookie.normalize(url) assert cookie.domain == 'example.com' assert cookie.path == '/foo' cookie = Cookie('color', 'blue') url = 'http://example.com/foo/bar/' cookie.normalize(url) assert cookie.domain == 'example.com' assert cookie.path == '/foo/bar'
def test_domain(self): cookie = Cookie("color", "blue", domain="www.foo.bar.com") self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie("color", "blue", domain=".foo.bar.com") self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie("color", "blue", domain=".bar.com") self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie("color", "blue", domain="bar.com") with self.assertRaises(Cookie.URLMismatch): self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie("color", "blue", domain="bogus.com") with self.assertRaises(Cookie.URLMismatch): self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie("color", "blue", domain="www.foo.bar.com") with self.assertRaises(Cookie.URLMismatch): self.assertTrue(cookie.http_return_ok("http://192.168.1.1/one/two"))
def test_no_attributes(self): cookie = Cookie("color", "blue") self.assertTrue(cookie.http_return_ok(self.url))
class xmlclient(Connectible): """ Forwarding backend plugin for XML-RPC client. Also see the `ipaserver.rpcserver.xmlserver` plugin. """ def __init__(self): super(xmlclient, self).__init__() self.__errors = dict((e.errno, e) for e in public_errors) def get_url_list(self, xmlrpc_uri): """ Create a list of urls consisting of the available IPA servers. """ # the configured URL defines what we use for the discovered servers (scheme, netloc, path, params, query, fragment) = urlparse.urlparse(xmlrpc_uri) servers = [] name = '_ldap._tcp.%s.' % self.env.domain rs = dnsclient.query(name, dnsclient.DNS_C_IN, dnsclient.DNS_T_SRV) for r in rs: if r.dns_type == dnsclient.DNS_T_SRV: rsrv = r.rdata.server.rstrip('.') servers.append('https://%s%s' % (ipautil.format_netloc(rsrv), path)) servers = list(set(servers)) # the list/set conversion won't preserve order so stick in the # local config file version here. cfg_server = xmlrpc_uri if cfg_server in servers: # make sure the configured master server is there just once and # it is the first one servers.remove(cfg_server) servers.insert(0, cfg_server) else: servers.insert(0, cfg_server) return servers def get_session_cookie_from_persistent_storage(self, principal): ''' Retrieves the session cookie for the given principal from the persistent secure storage. Returns None if not found or unable to retrieve the session cookie for any reason, otherwise returns a Cookie object containing the session cookie. ''' # Get the session data, it should contain a cookie string # (possibly with more than one cookie). try: cookie_string = read_persistent_client_session_data(principal) except Exception, e: return None # Search for the session cookie within the cookie string try: session_cookie = Cookie.get_named_cookie_from_string( cookie_string, COOKIE_NAME) except Exception, e: return None
def test_domain(self): cookie = Cookie('color', 'blue', domain='www.foo.bar.com') self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie('color', 'blue', domain='.foo.bar.com') self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie('color', 'blue', domain='.bar.com') self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie('color', 'blue', domain='bar.com') with self.assertRaises(Cookie.URLMismatch): self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie('color', 'blue', domain='bogus.com') with self.assertRaises(Cookie.URLMismatch): self.assertTrue(cookie.http_return_ok(self.url)) cookie = Cookie('color', 'blue', domain='www.foo.bar.com') with self.assertRaises(Cookie.URLMismatch): self.assertTrue(cookie.http_return_ok('http://192.168.1.1/one/two'))