def test_is_authenticated(self): auth = DigestAuthentication() request = HttpRequest() # Simulate sending the signal. john_doe = User.objects.get(username='******') create_api_key(User, instance=john_doe, created=True) # No HTTP Basic auth details should fail. auth_request = auth.is_authenticated(request) self.assertEqual(isinstance(auth_request, HttpUnauthorized), True) # HttpUnauthorized with auth type and realm self.assertEqual(auth_request['WWW-Authenticate'].find('Digest'), 0) self.assertEqual( auth_request['WWW-Authenticate'].find(' realm="django-tastypie"') > 0, True) self.assertEqual(auth_request['WWW-Authenticate'].find(' opaque=') > 0, True) self.assertEqual(auth_request['WWW-Authenticate'].find('nonce=') > 0, True) # Wrong basic auth details. request.META['HTTP_AUTHORIZATION'] = 'abcdefg' auth_request = auth.is_authenticated(request) self.assertEqual(isinstance(auth_request, HttpUnauthorized), True) # No password. request.META['HTTP_AUTHORIZATION'] = base64.b64encode( 'daniel'.encode('utf-8')).decode('utf-8') auth_request = auth.is_authenticated(request) self.assertEqual(isinstance(auth_request, HttpUnauthorized), True) # Wrong user/password. request.META['HTTP_AUTHORIZATION'] = base64.b64encode( 'daniel:pass'.encode('utf-8')).decode('utf-8') auth_request = auth.is_authenticated(request) self.assertEqual(isinstance(auth_request, HttpUnauthorized), True) # Correct user/password. john_doe = User.objects.get(username='******') request.META[ 'HTTP_AUTHORIZATION'] = python_digest.build_authorization_request( username=john_doe.username, method=request.method, uri='/', nonce_count=1, digest_challenge=python_digest.parse_digest_challenge( auth_request['WWW-Authenticate']), password=john_doe.api_key.key) auth_request = auth.is_authenticated(request) self.assertEqual(auth_request, True)
def test_check_active_false(self): auth = DigestAuthentication(require_active=False) request = HttpRequest() bob_doe = User.objects.get(username='******') create_api_key(User, instance=bob_doe, created=True) auth_request = auth.is_authenticated(request) request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request( username=bob_doe.username, method=request.method, uri='/', nonce_count=1, digest_challenge=python_digest.parse_digest_challenge(auth_request['WWW-Authenticate']), password=bob_doe.api_key.key ) auth_request = auth.is_authenticated(request) self.assertTrue(auth_request, True)
def test_check_active_true(self): auth = DigestAuthentication() request = HttpRequest() bob_doe = User.objects.get(username="******") create_api_key(User, instance=bob_doe, created=True) auth_request = auth.is_authenticated(request) request.META["HTTP_AUTHORIZATION"] = python_digest.build_authorization_request( username=bob_doe.username, method=request.method, uri="/", nonce_count=1, digest_challenge=python_digest.parse_digest_challenge(auth_request["WWW-Authenticate"]), password=bob_doe.api_key.key, ) auth_request = auth.is_authenticated(request) self.assertFalse(auth_request)
def test_is_authenticated(self): auth = DigestAuthentication() request = HttpRequest() # Simulate sending the signal. john_doe = User.objects.get(username='******') create_api_key(User, instance=john_doe, created=True) # No HTTP Basic auth details should fail. auth_request = auth.is_authenticated(request) self.assertEqual(isinstance(auth_request, HttpUnauthorized), True) # HttpUnauthorized with auth type and realm self.assertEqual(auth_request['WWW-Authenticate'].find('Digest'), 0) self.assertEqual(auth_request['WWW-Authenticate'].find(' realm="django-tastypie"') > 0, True) self.assertEqual(auth_request['WWW-Authenticate'].find(' opaque=') > 0, True) self.assertEqual(auth_request['WWW-Authenticate'].find('nonce=') > 0, True) # Wrong basic auth details. request.META['HTTP_AUTHORIZATION'] = 'abcdefg' auth_request = auth.is_authenticated(request) self.assertEqual(isinstance(auth_request, HttpUnauthorized), True) # No password. request.META['HTTP_AUTHORIZATION'] = base64.b64encode('daniel'.encode('utf-8')).decode('utf-8') auth_request = auth.is_authenticated(request) self.assertEqual(isinstance(auth_request, HttpUnauthorized), True) # Wrong user/password. request.META['HTTP_AUTHORIZATION'] = base64.b64encode('daniel:pass'.encode('utf-8')).decode('utf-8') auth_request = auth.is_authenticated(request) self.assertEqual(isinstance(auth_request, HttpUnauthorized), True) # Correct user/password. john_doe = User.objects.get(username='******') request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request( username=john_doe.username, method=request.method, uri='/', nonce_count=1, digest_challenge=python_digest.parse_digest_challenge(auth_request['WWW-Authenticate']), password=john_doe.api_key.key ) auth_request = auth.is_authenticated(request) self.assertEqual(auth_request, True)