def test_with_wrong_secret(self): key = "unittest_key" secret = "unittest_secret" server_name = "testserver" path_info = "/api/v1/ping/" url = "http://%s%s" % (server_name, path_info) method = "GET" consumer = oauth2.Consumer(key, secret) oauth_request = oauth2.Request.from_consumer_and_token( consumer, http_method=method, http_url=url) oauth_request.sign_request(oauth2.SignatureMethod_HMAC_SHA1(), consumer, None) headers = oauth_request.to_header() # Create the request req = self.request_factory.request( REQUEST_METHOD=method, SERVER_NAME=server_name, PATH_INFO=path_info) # Add OAuth parameters req.META['HTTP_AUTHORIZATION'] = headers['Authorization'] two_leg_oauth = TwoLeggedOAuthAuthentication(key=key, secret="WRONG_SECRET") self.assertFalse(two_leg_oauth.is_authenticated(request=req))
def test_with_no_auth_headers(self): req = self.request_factory.request() two_leg_oauth = TwoLeggedOAuthAuthentication(key="keyvalue", secret="secertvalue") self.assertFalse(two_leg_oauth.is_authenticated(request=req))