class BrainSecuritiesConfiguration(BaseSectionConfigurationData): def __init__(self): BaseSectionConfigurationData.__init__(self, "security") self._authorisation = None self._authentication = None self._account_linker = None @property def authorisation(self): return self._authorisation @property def authentication(self): return self._authentication @property def account_linker(self): return self._account_linker def load_config_section(self, configuration_file, configuration, bot_root): securities = configuration_file.get_section(self.section_name, configuration) if securities is not None: self._authentication = BrainSecurityAuthenticationConfiguration() self._authentication.load_config_section(configuration_file, securities, bot_root) self._authorisation = BrainSecurityAuthorisationConfiguration() self._authorisation.load_config_section(configuration_file, securities, bot_root) self._account_linker = BrainSecurityAccountLinkerConfiguration() self._account_linker.load_config_section(configuration_file, securities, bot_root) def to_yaml(self, data, defaults=True): self.config_to_yaml(data, BrainSecurityAuthenticationConfiguration(), defaults) self.config_to_yaml(data, BrainSecurityAuthorisationConfiguration(), defaults) self.config_to_yaml(data, BrainSecurityAccountLinkerConfiguration(), defaults)
def load_config_section(self, configuration_file, configuration, bot_root, subs: Substitutions = None): securities = configuration_file.get_section(self.section_name, configuration) if securities is not None: self._authentication = BrainSecurityAuthenticationConfiguration() self._authentication.load_config_section(configuration_file, securities, bot_root, subs=subs) self._authorisation = BrainSecurityAuthorisationConfiguration() self._authorisation.load_config_section(configuration_file, securities, bot_root, subs=subs) self._account_linker = BrainSecurityAccountLinkerConfiguration() self._account_linker.load_config_section(configuration_file, securities, bot_root, subs=subs)
class BrainSecuritiesConfiguration(BaseSectionConfigurationData): def __init__(self): BaseSectionConfigurationData.__init__(self, "security") self._authorisation = None self._authentication = None @property def authorisation(self): return self._authorisation @property def authentication(self): return self._authentication def load_config_section(self, configuration_file, configuration, bot_root): securities = configuration_file.get_section(self.section_name, configuration) if securities is not None: self._authentication = BrainSecurityAuthenticationConfiguration() self._authentication.load_config_section(configuration_file, securities, bot_root) self._authorisation = BrainSecurityAuthorisationConfiguration() self._authorisation.load_config_section(configuration_file, securities, bot_root) def to_yaml(self, data, defaults=True): self.config_to_yaml(data, BrainSecurityAuthenticationConfiguration(), defaults) self.config_to_yaml(data, BrainSecurityAuthorisationConfiguration(), defaults)
def test_authentication_with_data_denied_srai(self): yaml = YamlConfigurationFile() self.assertIsNotNone(yaml) yaml.load_from_text( """ brain: security: authentication: classname: programy.security.authenticate.passthrough.PassThroughAuthenticationService denied_srai: AUTHENTICATION_FAILED """, ConsoleConfiguration(), ".") brain_config = yaml.get_section("brain") self.assertIsNotNone(brain_config) services_config = yaml.get_section("security", brain_config) self.assertIsNotNone(services_config) service_config = BrainSecurityAuthenticationConfiguration() service_config.load_config_section(yaml, services_config, ".") self.assertEqual( "programy.security.authenticate.passthrough.PassThroughAuthenticationService", service_config.classname) self.assertEqual("AUTHENTICATION_FAILED", service_config.denied_srai) self.assertEqual( BrainSecurityAuthenticationConfiguration.DEFAULT_ACCESS_DENIED, service_config.denied_text)
def load_config_section(self, configuration_file, configuration, bot_root): securities = configuration_file.get_section(self.section_name, configuration) if securities is not None: self._authentication = BrainSecurityAuthenticationConfiguration() self._authentication.load_config_section(configuration_file, securities, bot_root) self._authorisation = BrainSecurityAuthorisationConfiguration() self._authorisation.load_config_section(configuration_file, securities, bot_root)
def to_yaml(self, data, defaults=True): self.config_to_yaml(data, BrainSecurityAuthenticationConfiguration(), defaults) self.config_to_yaml(data, BrainSecurityAuthorisationConfiguration(), defaults) self.config_to_yaml(data, BrainSecurityAccountLinkerConfiguration(), defaults)
def test_init(self): service = ClientIdAuthenticationService(BrainSecurityAuthenticationConfiguration()) self.assertIsNotNone(service) self._client_context._userid = "console" self.assertTrue(service.authenticate(self._client_context)) self._client_context._userid = "anyone" self.assertFalse(service.authenticate(self._client_context))
def load_config_section(self, configuration_file, configuration, bot_root): securities = configuration_file.get_section(self.section_name, configuration) if securities is not None: self._authentication = BrainSecurityAuthenticationConfiguration() self._authentication.load_config_section(configuration_file, securities, bot_root) self._authorisation = BrainSecurityAuthorisationConfiguration() self._authorisation.load_config_section(configuration_file, securities, bot_root)
def load_configuration(self, arguments): super(AuthenticateTestClient, self).load_configuration(arguments) self.configuration.client_configuration.configurations[0].configurations[ 0].security._authentication = BrainSecurityAuthenticationConfiguration( "authentication") self.configuration.client_configuration.configurations[0].configurations[ 0].security.authentication._classname = "programytest.aiml_tests.authenticate_tests.test_authenticate_aiml.MockAuthenticationService" self.configuration.client_configuration.configurations[ 0].configurations[ 0].security.authentication._denied_srai = "AUTHENTICATED_FAILED"
def test_authorise_success(self): service = MockClientIdAuthenticationService(BrainSecurityAuthenticationConfiguration()) service.should_authorised = True self.assertTrue("console" in service.authorised) self._client_context._userid = "console" self.assertTrue(service.authenticate(self._client_context)) self.assertFalse("unknown" in service.authorised) self._client_context._userid = "unknown" self.assertTrue(service.authenticate(self._client_context)) self.assertTrue("unknown" in service.authorised)
def test_defaults(self): authenticate_config = BrainSecurityAuthenticationConfiguration() data = {} authenticate_config.to_yaml(data, True) BrainSecurityConfigurationTests.assert_authenticate_defaults( self, data) authorise_config = BrainSecurityAuthorisationConfiguration() data = {} authorise_config.to_yaml(data, True) BrainSecurityConfigurationTests.assert_authorise_defaults(self, data) accountlinker_config = BrainSecurityAccountLinkerConfiguration() data = {} accountlinker_config.to_yaml(data, True) BrainSecurityConfigurationTests.assert_accountlinker_defaults( self, data)
def test_authentication_with_data_neither_denied_srai_or_text(self): yaml = YamlConfigurationFile() self.assertIsNotNone(yaml) yaml.load_from_text(""" brain: security: authentication: classname: programy.security.authenticate.passthrough.PassThroughAuthenticationService """, ConsoleConfiguration(), ".") brain_config = yaml.get_section("brain") self.assertIsNotNone(brain_config) services_config = yaml.get_section("security", brain_config) self.assertIsNotNone(services_config) service_config = BrainSecurityAuthenticationConfiguration() service_config.load_config_section(yaml, services_config, ".") self.assertEqual("programy.security.authenticate.passthrough.PassThroughAuthenticationService", service_config.classname) self.assertEqual(BrainSecurityAuthenticationConfiguration.DEFAULT_ACCESS_DENIED, service_config.denied_text) self.assertEqual(BrainSecurityAuthenticationConfiguration.DEFAULT_ACCESS_DENIED, service_config.denied_text)
def test_fail_load_authorisation_class(self): config = BrainSecuritiesConfiguration() config._authorisation = BrainSecurityAuthorisationConfiguration() config._authentication = BrainSecurityAuthenticationConfiguration() config._account_linker = BrainSecurityAccountLinkerConfiguration() mgr = MockSecurityManager(config, fail_authorise=True) self.assertIsNotNone(mgr) client = TestClient() mgr.load_security_services(client) self.assertIsNone(mgr.authorisation) self.assertIsNotNone(mgr.authentication) self.assertIsNotNone(mgr.account_linker)
def test_service(self): client = TestClient() client_context = ClientContext(client, "unknown") client_context.bot = Bot(BotConfiguration(), client) client_context.bot.configuration.conversations._max_histories = 3 client_context.brain = client_context.bot.brain service = BasicPassThroughAuthenticationService( BrainSecurityAuthenticationConfiguration("authentication")) self.assertIsNotNone(service) self.assertIsNotNone(service.configuration) client_context._userid = "console" self.assertTrue(service.authenticate(client_context)) client_context._userid = "anyone" self.assertTrue(service.authenticate(client_context))
def test_fail_load_account_linking_class_missing(self): config = BrainSecuritiesConfiguration() config._authorisation = BrainSecurityAuthorisationConfiguration() config._authentication = BrainSecurityAuthenticationConfiguration() config._account_linker = BrainSecurityAccountLinkerConfiguration() config._account_linker._classname = None mgr = SecurityManager(config) self.assertIsNotNone(mgr) client = TestClient() mgr.load_security_services(client) self.assertIsNotNone(mgr.authorisation) self.assertIsNotNone(mgr.authentication) self.assertIsNone(mgr.account_linker)
def test_authorise_failure(self): service = MockClientIdAuthenticationService( BrainSecurityAuthenticationConfiguration()) service.should_authorised = False self.assertFalse("unknown" in service.authorised) self.assertFalse(service.authenticate(self._client_context))
def test_authorise_exception(self): service = MockClientIdAuthenticationService( BrainSecurityAuthenticationConfiguration()) service.should_authorised = True service.raise_exception = True self.assertFalse(service.authenticate(self._client_context._userid))