def testCreateCookieHttpOnly(self):
d = CookieMemoryStore(name='name', timeout=0.1, httpOnly=True)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual(
'Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT; HttpOnly'
.format(d.cookieName(), result['cookie']), result['header'])
def setUp(self):
SeecrTestCase.setUp(self)
self.handler = SessionHandler()
self.cookiestore = CookieMemoryStore(name='session', timeout=10)
self.handler.addObserver(self.cookiestore)
self.handler._zulutime = lambda: ZuluTime('2015-01-27T13:34:45Z')
self.observer = CallTrace('Observer')
self.handler.addObserver(self.observer)
def setUp(self):
SeecrTestCase.setUp(self)
self.handler = SessionHandler()
self.cookiestore = CookieMemoryStore(name='session', timeout=10)
self.handler.addObserver(self.cookiestore)
self.handler._zulutime = lambda: ZuluTime('2015-01-27T13:34:45Z')
class SessionHandlerTest(SeecrTestCase):
def setUp(self):
SeecrTestCase.setUp(self)
self.handler = SessionHandler()
self.cookiestore = CookieMemoryStore(name='session', timeout=10)
self.handler.addObserver(self.cookiestore)
self.handler._zulutime = lambda: ZuluTime('2015-01-27T13:34:45Z')
def testCreateSession(self):
called = []
class MyObserver(Observable):
def handleRequest(self, *args, **kwargs):
session = self.ctx.session
called.append({
'args': args,
'kwargs': kwargs,
'session': session
})
yield utils.okHtml
yield '<ht'
yield 'ml/>'
self.handler.addObserver(MyObserver())
result = generatorToString(
self.handler.handleRequest(RequestURI='/path',
Client=('127.0.0.1', 12345),
Headers={'a': 'b'}))
self.assertEqual(1, len(called))
self.assertEqual({}, called[0]['session'])
session = called[0]['kwargs']['session']
self.assertEqual({}, session)
self.assertEqual({'a': 'b'}, called[0]['kwargs']['Headers'])
self.assertTrue(('127.0.0.1', 12345), called[0]['kwargs']['Client'])
header, body = result.split(utils.CRLF * 2, 1)
self.assertEqual('<html/>', body)
self.assertTrue('Set-Cookie' in header, header)
headerParts = header.split(utils.CRLF)
self.assertEqual("HTTP/1.0 200 OK", headerParts[0])
sessionCookie = [p for p in headerParts[1:] if 'Set-Cookie' in p][0]
self.assertTrue(sessionCookie.startswith('Set-Cookie: session'))
def testRetrieveCookie(self):
sessions = []
class MyObserver(Observable):
def handleRequest(self, *args, **kwargs):
session = self.ctx.session
sessions.append(session)
yield utils.okHtml + '<html/>'
self.handler.addObserver(MyObserver())
headers, _ = parseResponse(
asBytes(
self.handler.handleRequest(RequestURI='/path',
Client=('127.0.0.1', 12345),
Headers={})))
headers = headers['Headers']
self.assertTrue('Set-Cookie' in headers, headers)
cookie = findCookies(headers, self.cookiestore.cookieName(),
'Set-Cookie')[0]
consume(
self.handler.handleRequest(RequestURI='/path',
Client=('127.0.0.1', 12345),
Headers={
'Cookie':
'{0}={1}'.format(
self.cookiestore.cookieName(),
cookie)
}))
self.assertEqual(sessions[0], sessions[1])
self.assertEqual(id(sessions[0]), id(sessions[1]))
def testInjectAnyCookie(self):
sessions = []
class MyObserver(Observable):
def handleRequest(self, session=None, *args, **kwargs):
sessions.append(session)
yield utils.okHtml + '<html/>'
self.handler.addObserver(MyObserver())
headers, _ = parseResponse(
asBytes(
self.handler.handleRequest(
RequestURI='/path',
Client=('127.0.0.1', 12345),
Headers={
'Cookie':
'%s=%s' %
(self.cookiestore.cookieName(), 'injected_id')
})))
headers = headers["Headers"]
self.assertTrue('injected_id' not in ' '.join(headers['Set-Cookie']))
def testPassThroughOfCallables(self):
def callableMethod():
pass
class MyObserver(Observable):
def handleRequest(*args, **kwargs):
yield callableMethod
yield "HTTP/1.0 200 OK\r\n\r\nBODY"
yield callableMethod
yield "THE END"
self.handler.addObserver(MyObserver())
result = asList(self.handler.handleRequest(Headers={}))
self.assertEqual(callableMethod, result[0])
self.assertEqual(b"HTTP/1.0 200 OK\r\n", result[1])
self.assertEqual(b"\r\nBODY", result[3])
self.assertEqual(callableMethod, result[4])
self.assertTrue(result[2].startswith(b'Set-Cookie: session'),
result[2])
self.assertEqual("THE END", result[5])
class SessionHandlerTest(SeecrTestCase):
def setUp(self):
SeecrTestCase.setUp(self)
self.handler = SessionHandler()
self.cookiestore = CookieMemoryStore(name='session', timeout=10)
self.handler.addObserver(self.cookiestore)
self.handler._zulutime = lambda: ZuluTime('2015-01-27T13:34:45Z')
self.observer = CallTrace('Observer')
self.handler.addObserver(self.observer)
def testCreateSession(self):
called = []
def handleRequest(*args, **kwargs):
called.append({'args':args, 'kwargs':kwargs})
yield utils.okHtml
yield '<ht'
yield 'ml/>'
self.observer.handleRequest = handleRequest
result = asString(self.handler.handleRequest(RequestURI='/path', Client=('127.0.0.1', 12345), Headers={'a':'b'}))
self.assertEquals(1, len(called))
session = called[0]['kwargs']['session']
self.assertEqual({}, session)
self.assertEquals({'a':'b'}, called[0]['kwargs']['Headers'])
self.assertTrue(('127.0.0.1', 12345), called[0]['kwargs']['Client'])
header, body = result.split(utils.CRLF*2,1)
self.assertEquals('<html/>', body)
self.assertTrue('Set-Cookie' in header, header)
headerParts = header.split(utils.CRLF)
self.assertEquals("HTTP/1.0 200 OK", headerParts[0])
sessionCookie = [p for p in headerParts[1:] if 'Set-Cookie' in p][0]
self.assertTrue(sessionCookie.startswith('Set-Cookie: session'))
def testRetrieveCookie(self):
sessions = []
def handleRequest(session=None, *args, **kwargs):
sessions.append(session)
yield utils.okHtml + '<html/>'
self.observer.handleRequest = handleRequest
headers = asString(self.handler.handleRequest(RequestURI='/path', Client=('127.0.0.1', 12345), Headers={})).split(CRLF*2,1)[0]
headers = parseHeaders(headers)
self.assertTrue('Set-Cookie' in headers, headers)
cookie = findCookies(headers, self.cookiestore.cookieName(), 'Set-Cookie')[0]
consume(self.handler.handleRequest(RequestURI='/path', Client=('127.0.0.1', 12345), Headers={'Cookie': '{0}={1}'.format(self.cookiestore.cookieName(), cookie)}))
self.assertEquals(sessions[0], sessions[1])
self.assertEquals(id(sessions[0]),id(sessions[1]))
def testInjectAnyCookie(self):
sessions = []
def handleRequest(session=None, *args, **kwargs):
sessions.append(session)
yield utils.okHtml + '<html/>'
self.observer.handleRequest = handleRequest
headers = asString(self.handler.handleRequest(RequestURI='/path', Client=('127.0.0.1', 12345), Headers={'Cookie': '%s=%s' % (self.cookiestore.cookieName(), 'injected_id')})).split(CRLF*2,1)[0]
headers = parseHeaders(headers)
self.assertTrue('injected_id' not in headers['Set-Cookie'])
def testPassThroughOfCallables(self):
def callableMethod():
pass
def handleRequest(*args, **kwargs):
yield callableMethod
yield "HTTP/1.0 200 OK\r\n\r\nBODY"
yield callableMethod
yield "THE END"
self.observer.handleRequest = handleRequest
result = asList(self.handler.handleRequest(Headers={}))
self.assertEquals(callableMethod, result[0])
self.assertEquals("HTTP/1.0 200 OK\r\n", result[1])
self.assertEquals("\r\nBODY", result[3])
self.assertEquals(callableMethod, result[4])
self.assertTrue(result[2].startswith('Set-Cookie: session'), result[2])
self.assertEquals("THE END", result[5])
def dna(reactor, port, dataPath, logPath, statePath, externalUrl, customerLogoUrl, deproxyIps=None, **ignored):
environment = createEnvironment(dataPath)
harvesterData = environment.createHarvesterData()
harvesterDataRetrieve = environment.createHarvesterDataRetrieve()
deproxy = Deproxy(deproxyForIps=deproxyIps)
repositoryStatus = be(
(RepositoryStatus(logPath, statePath),
(harvesterData, )
)
)
configDict = JsonDict(
logPath=logPath,
statePath=statePath,
externaUrl=externalUrl,
dataPath=dataPath,
)
print("Started Metastreams with configuration:\n" + configDict.pretty_print())
userGroup = initializeUserGroupManagement(join(statePath, 'users'), harvesterData)
basicHtmlLoginHelix = (BasicHtmlLoginForm(
action="/login.action",
loginPath="/login",
home="/index",
rememberMeCookie=False,
lang="nl"),
(userGroup.basicHtmlObserver,),
)
varWwwdataPath = join(statePath, 'www-data', 'var')
isdir(varWwwdataPath) or makedirs(varWwwdataPath)
staticFilePaths = []
staticFiles = Transparent()
for path, libdir in [
('/js/bootstrap', '/usr/share/javascript/bootstrap5/js'),
('/css/bootstrap', '/usr/share/javascript/bootstrap5/css'),
('/css/bootstrap-icons', '/usr/share/javascript/bootstrap-icons'),
('/js/jquery', '/usr/share/javascript/jquery'),
('/js/jquery-tablesorter', '/usr/share/javascript/jquery-tablesorter'),
('/css/jquery-tablesorter', '/usr/share/javascript/jquery-tablesorter/css'),
('/js/autosize', '/usr/share/javascript/autosize'),
('/static', staticHtmlPath),
('/var', varWwwdataPath),
]:
staticFiles.addObserver(StaticFiles(libdir=libdir, path=path))
staticFilePaths.append(path)
return \
(Observable(),
(ObservableHttpServer(reactor, port),
(LogCollector(),
(ApacheLogWriter(stdout),),
(deproxy,
(HandleRequestLog(),
(BasicHttpHandler(),
(SessionHandler(),
(CookieMemoryStore(name="meresco-harvester", timeout=2*60*60), ),
(UserFromSession(),
(PathFilter("/info/version"),
(StringServer(VERSION_STRING, ContentTypePlainText), )
),
(PathFilter("/info/config"),
(StringServer(configDict.dumps(), ContentTypeJson), )
),
(PathFilter('/login.action'),
basicHtmlLoginHelix
),
(staticFiles,),
(PathFilter('/', excluding=['/info/version', '/info/config', '/action', '/login.action'] + harvesterDataRetrieve.paths + staticFilePaths),
(SecureZone("/login", excluding=["/index", "/invalid", "/rss", '/running.rss', '/showHarvesterStatus'], defaultLanguage="nl"),
(PathFilter('/', excluding=userGroup.excludedPaths),
(DynamicHtml(
[dynamicHtmlPath],
reactor=reactor,
additionalGlobals={
'externalUrl': externalUrl,
'escapeXml': escapeXml,
'compose': compose,
'dumps': dumps,
'VERSION': VERSION,
'CONFIG': configDict,
'Timeslot': Timeslot,
'ThroughputAnalyser': ThroughputAnalyser,
'dateSince': dateSince,
'callable': callable,
'OnlineHarvest': OnlineHarvest,
'StringIO': StringIO,
'okPlainText': okPlainText,
'ZuluTime': ZuluTime,
'xpathFirst': xpathFirst,
'customerLogoUrl': customerLogoUrl,
'uuid': lambda: str(uuid4()),
},
indexPage="/index",
),
basicHtmlLoginHelix,
(harvesterData,),
(repositoryStatus,),
(userGroup.dynamicHtmlObserver,),
)
),
(userGroup.actions,),
),
),
(PathFilter('/action'),
(HarvesterDataActions(),
(harvesterData,)
),
),
(PathFilter(harvesterDataRetrieve.paths),
(harvesterDataRetrieve,
(FilterFields(),
(harvesterData,),
),
(repositoryStatus,),
)
)
)
)
)
)
)
)
)
)
def setUp(self):
SeecrTestCase.setUp(self)
self.d = CookieMemoryStore(name='name', timeout=0.1)
self.d._now = lambda: 123456789.0
class CookieMemoryStoreTest(SeecrTestCase):
def setUp(self):
SeecrTestCase.setUp(self)
self.d = CookieMemoryStore(name='name', timeout=0.1)
self.d._now = lambda: 123456789.0
def testCookieName(self):
name = self.d.cookieName()
self.assertTrue(name.startswith('name'))
self.assertEquals(name, self.d.cookieName())
self.assertNotEqual(name, CookieMemoryStore(timeout=0.1).cookieName())
def testCreateCookie(self):
result = self.d.createCookie('username')
self.assertEquals('username', self.d.validateCookie(result['cookie'])['value'])
self.assertNotEqual(result, self.d.createCookie('username'))
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT'.format(
self.d.cookieName(), result['cookie']), result['header'])
sleep(0.06)
self.assertEquals('username', self.d.validateCookie(result['cookie'])['value'])
sleep(0.06)
self.assertEquals('username', self.d.validateCookie(result['cookie'])['value'])
sleep(0.12)
self.assertEquals(None, self.d.validateCookie(result['cookie']))
def testCreateCookieForAnyObject(self):
o = object()
result = self.d.createCookie(o)
self.assertEquals(o, self.d.validateCookie(result['cookie'])['value'])
def testRemoveCookie(self):
result = self.d.createCookie('username')
self.assertEquals('username', self.d.validateCookie(result['cookie'])['value'])
self.d.removeCookie(result['cookie'])
self.assertEquals(None, self.d.validateCookie(result['cookie']))
self.d.removeCookie(result['cookie'])
def testRemoveCookiesWithObjectFilter(self):
c1 = self.d.createCookie({'username': '******'})
c2 = self.d.createCookie(object())
c3 = self.d.createCookie('otheruser')
self.d.removeCookies(filter=lambda o:o.get('username') == 'name')
self.assertFalse(self.d.validateCookie(c1['cookie']))
self.assertTrue(self.d.validateCookie(c2['cookie']))
self.assertTrue(self.d.validateCookie(c3['cookie']))
def testCreateCookieHttpOnly(self):
d = CookieMemoryStore(name='name', timeout=0.1)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT; HttpOnly'.format(
d.cookieName(), result['cookie']), result['header'])
d = CookieMemoryStore(name='name', timeout=0.1, httpOnly=True)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT; HttpOnly'.format(
d.cookieName(), result['cookie']), result['header'])
d = CookieMemoryStore(name='name', timeout=0.1, httpOnly=False)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT'.format(
d.cookieName(), result['cookie']), result['header'])
def testCookieName(self):
name = self.d.cookieName()
self.assertTrue(name.startswith('name'))
self.assertEqual(name, self.d.cookieName())
self.assertNotEqual(name, CookieMemoryStore(timeout=0.1).cookieName())
def setUp(self):
SeecrTestCase.setUp(self)
self.d = CookieMemoryStore(name='name', timeout=0.1, httpOnly=False)
self.d._now = lambda: 123456789.0
class CookieMemoryStoreTest(SeecrTestCase):
def setUp(self):
SeecrTestCase.setUp(self)
self.d = CookieMemoryStore(name='name', timeout=0.1, httpOnly=False)
self.d._now = lambda: 123456789.0
def testCookieName(self):
name = self.d.cookieName()
self.assertTrue(name.startswith('name'))
self.assertEqual(name, self.d.cookieName())
self.assertNotEqual(name, CookieMemoryStore(timeout=0.1).cookieName())
def testCreateCookie(self):
result = self.d.createCookie('username')
self.assertEqual('username', self.d.validateCookie(result['cookie'])['value'])
self.assertNotEqual(result, self.d.createCookie('username'))
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT'.format(
self.d.cookieName(), result['cookie']), result['header'])
sleep(0.06)
self.assertEqual('username', self.d.validateCookie(result['cookie'])['value'])
sleep(0.06)
self.assertEqual('username', self.d.validateCookie(result['cookie'])['value'])
sleep(0.12)
self.assertEqual(None, self.d.validateCookie(result['cookie']))
def testCreateCookieSecure(self):
d = CookieMemoryStore(name='name', timeout=0.1, secure=True, httpOnly=False)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT; Secure'.format(
d.cookieName(), result['cookie']), result['header'])
def testCreateCookieHttpOnly(self):
d = CookieMemoryStore(name='name', timeout=0.1)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT; HttpOnly'.format(
d.cookieName(), result['cookie']), result['header'])
d = CookieMemoryStore(name='name', timeout=0.1, httpOnly=True)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT; HttpOnly'.format(
d.cookieName(), result['cookie']), result['header'])
d = CookieMemoryStore(name='name', timeout=0.1, httpOnly=False)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT'.format(
d.cookieName(), result['cookie']), result['header'])
def testCreateCookieForAnyObject(self):
o = object()
result = self.d.createCookie(o)
self.assertEqual(o, self.d.validateCookie(result['cookie'])['value'])
def testRemoveCookie(self):
result = self.d.createCookie('username')
self.assertEqual('username', self.d.validateCookie(result['cookie'])['value'])
self.d.removeCookie(result['cookie'])
self.assertEqual(None, self.d.validateCookie(result['cookie']))
self.d.removeCookie(result['cookie'])
def testRemoveCookiesWithObjectFilter(self):
c1 = self.d.createCookie({'username': '******'})
c2 = self.d.createCookie(object())
c3 = self.d.createCookie('otheruser')
self.d.removeCookies(filter=lambda o:o.get('username') == 'name')
self.assertFalse(self.d.validateCookie(c1['cookie']))
self.assertTrue(self.d.validateCookie(c2['cookie']))
self.assertTrue(self.d.validateCookie(c3['cookie']))
