def test_replay_protect_repeated_message(caplog):
    """Verify that presenting the same message twice is rejected as a replay.

    The first call to ``messaging._verify_replay_protect`` must accept the
    freshly created message. The second call on the identical tree must raise
    ``ValueError`` because its timestamp/nonce pair has already been seen.
    """
    ven = OpenADRClient(
        ven_name='myven',
        vtn_url=f'https://localhost:{SERVER_PORT}/OpenADR2/Simple/2.0b',
        cert=VEN_CERT,
        key=VEN_KEY,
        vtn_fingerprint=VTN_FINGERPRINT,
    )
    payload = ven._create_message('oadrPoll', ven_id='ven123')
    parsed = etree.fromstring(payload.encode('utf-8'))

    # First presentation: must pass without raising.
    messaging._verify_replay_protect(parsed)

    # Second presentation of the same timestamp and nonce: must be refused.
    with pytest.raises(ValueError) as excinfo:
        messaging._verify_replay_protect(parsed)
    assert str(excinfo.value) == 'This combination of timestamp and nonce was already used.'
def test_replay_protect_missing_nonce(caplog):
    """Verify that a message without a nonce fails replay-protection checks.

    The ``<dsp:nonce>`` element is stripped from a freshly created message
    before parsing. ``messaging._verify_replay_protect`` must then raise
    ``ValueError`` rather than accept a message that lacks the element.
    """
    ven = OpenADRClient(
        ven_name='myven',
        vtn_url=f'https://localhost:{SERVER_PORT}/OpenADR2/Simple/2.0b',
        cert=VEN_CERT,
        key=VEN_KEY,
        vtn_fingerprint=VTN_FINGERPRINT,
    )
    # Build a normal message, then cut the nonce element out of the XML text.
    stripped = re.sub(
        '<dsp:nonce>.*?</dsp:nonce>',
        '',
        ven._create_message('oadrPoll', ven_id='ven123'),
    )
    parsed = etree.fromstring(stripped.encode('utf-8'))

    with pytest.raises(ValueError) as excinfo:
        messaging._verify_replay_protect(parsed)
    expected = "Missing 'nonce' element in ReplayProtect in incoming message."
    assert str(excinfo.value) == expected
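def test_replay_protect_message_too_old(caplog):
    """Verify that a message older than the allowed window is rejected.

    ``messaging.REPLAY_PROTECT_MAX_TIME_DELTA`` is temporarily set to zero
    seconds, so the test expects the freshly created message to be treated as
    stale and ``messaging._verify_replay_protect`` to raise ``ValueError``.

    The module-level setting is restored in a ``finally`` block. Without that,
    a failing assertion would leave the zero-second window in place for every
    test that runs afterwards in the same session.
    """
    client = OpenADRClient(
        ven_name='myven',
        vtn_url=f'https://localhost:{SERVER_PORT}/OpenADR2/Simple/2.0b',
        cert=VEN_CERT,
        key=VEN_KEY,
        vtn_fingerprint=VTN_FINGERPRINT,
    )
    original_delta = messaging.REPLAY_PROTECT_MAX_TIME_DELTA
    messaging.REPLAY_PROTECT_MAX_TIME_DELTA = timedelta(seconds=0)
    try:
        message = client._create_message('oadrPoll', ven_id='ven123')
        tree = etree.fromstring(message.encode('utf-8'))
        with pytest.raises(ValueError) as err:
            messaging._verify_replay_protect(tree)
        assert str(err.value) == 'The message was signed too long ago.'
    finally:
        # Always restore the shared module setting, including on failure.
        messaging.REPLAY_PROTECT_MAX_TIME_DELTA = original_delta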
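async def test_invalid_signature_error(start_server_with_signatures, caplog):
    """Verify that a message with a replaced signature value is refused.

    A valid ``oadrPoll`` message is created and its ``<ds:SignatureValue>``
    content is swapped for the base64 encoding of an unrelated string. The
    request must yield ``(None, {})`` and the client must have logged a
    non-OK 403 status whose text mentions "Invalid Signature".

    NOTE(review): ``start_server_with_signatures`` is presumably the fixture
    that runs a server with signature verification enabled; confirm against
    the fixture definition.
    """
    client = OpenADRClient(
        ven_name='myven',
        vtn_url=f'https://localhost:{SERVER_PORT}/OpenADR2/Simple/2.0b',
        cert=VEN_CERT,
        key=VEN_KEY,
        vtn_fingerprint=VTN_FINGERPRINT,
    )
    message = client._create_message('oadrPoll', ven_id='ven123')

    # Keep the document well-formed; only the signature value is changed.
    fake_sig = b64encode("HelloThere".encode('utf-8')).decode('utf-8')
    message = re.sub(
        r'<ds:SignatureValue>.*?</ds:SignatureValue>',
        f'<ds:SignatureValue>{fake_sig}</ds:SignatureValue>',
        message,
    )

    result = await client._perform_request('OadrPoll', message)
    assert result == (None, {})

    # The return value presumably looks the same for any failed request, so
    # the captured log line is what ties the failure to signature rejection.
    prefix = "Non-OK status 403 when performing a request"
    logs = [rec.message for rec in caplog.records]
    rejection = next((log for log in logs if log.startswith(prefix)), None)
    assert rejection is not None, (
        f"no captured log line starts with {prefix!r}; captured: {logs!r}"
    )
    assert "Invalid Signature" in rejection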