async def test_saslprep(self):
# Use Roman numeral for password, normalized by SASLprep to ASCII "IV",
# see RFC 4013. MongoDB SASL mech normalizes password only, not user.
env.create_user('scramtestdb',
'saslprep-test-user',
u'\u2163',
roles=['dbOwner'],
mechanisms=['SCRAM-SHA-256'])
client = self.motor_client(username='******',
password='******',
authsource='scramtestdb')
await client.scramtestdb.collection.insert_one({})
def test_saslprep(self):
# Use Roman numeral for password, normalized by SASLprep to ASCII "IV",
# see RFC 4013. MongoDB SASL mech normalizes password only, not user.
env.create_user('scramtestdb',
'saslprep-test-user',
u'\u2163',
roles=['dbOwner'],
mechanisms=['SCRAM-SHA-256'])
client = self.motor_client(username='******',
password='******',
authsource='scramtestdb')
yield client.scramtestdb.collection.insert_one({})
async def test_saslprep(self):
# Use Roman numeral for password, normalized by SASLprep to ASCII "IV",
# see RFC 4013. MongoDB SASL mech normalizes password only, not user.
env.create_user(
"scramtestdb",
"saslprep-test-user",
"\u2163",
roles=["dbOwner"],
mechanisms=["SCRAM-SHA-256"],
)
client = self.motor_client(username="******",
password="******",
authsource="scramtestdb")
await client.scramtestdb.collection.insert_one({})
async def test_scram(self):
env.create_user("scramtestdb",
"sha1",
"pwd",
roles=["dbOwner"],
mechanisms=["SCRAM-SHA-1"])
env.create_user("scramtestdb",
"sha256",
"pwd",
roles=["dbOwner"],
mechanisms=["SCRAM-SHA-256"])
env.create_user(
"scramtestdb",
"both",
"pwd",
roles=["dbOwner"],
mechanisms=["SCRAM-SHA-1", "SCRAM-SHA-256"],
)
for user, mechanism, should_work in [
("sha1", "SCRAM-SHA-1", True),
("sha1", "SCRAM-SHA-256", False),
("sha256", "SCRAM-SHA-256", True),
("sha256", "SCRAM-SHA-1", False),
("both", "SCRAM-SHA-1", True),
("both", "SCRAM-SHA-256", True),
]:
client = self.motor_client(username=user,
password="******",
authsource="scramtestdb",
authmechanism=mechanism)
if should_work:
await client.scramtestdb.collection.insert_one({})
else:
with self.assertRaises(OperationFailure):
await client.scramtestdb.collection.insert_one({})
# No mechanism specified, always works.
for user in ("sha1", "sha256", "both"):
client = self.motor_client(username=user,
password="******",
authsource="scramtestdb")
await client.scramtestdb.collection.insert_one({})
async def test_scram(self):
env.create_user('scramtestdb',
'sha1',
'pwd',
roles=['dbOwner'],
mechanisms=['SCRAM-SHA-1'])
env.create_user('scramtestdb',
'sha256',
'pwd',
roles=['dbOwner'],
mechanisms=['SCRAM-SHA-256'])
env.create_user('scramtestdb',
'both',
'pwd',
roles=['dbOwner'],
mechanisms=['SCRAM-SHA-1', 'SCRAM-SHA-256'])
for user, mechanism, should_work in [('sha1', 'SCRAM-SHA-1', True),
('sha1', 'SCRAM-SHA-256', False),
('sha256', 'SCRAM-SHA-256', True),
('sha256', 'SCRAM-SHA-1', False),
('both', 'SCRAM-SHA-1', True),
('both', 'SCRAM-SHA-256', True)]:
client = self.motor_client(username=user,
password='******',
authsource='scramtestdb',
authmechanism=mechanism)
if should_work:
await client.scramtestdb.collection.insert_one({})
else:
with self.assertRaises(OperationFailure):
await client.scramtestdb.collection.insert_one({})
# No mechanism specified, always works.
for user, mechanism, should_work in [('sha1', None, True),
('sha256', None, False),
('both', None, True)]:
client = self.motor_client(username=user,
password='******',
authsource='scramtestdb')
await client.scramtestdb.collection.insert_one({})
def test_scram(self):
env.create_user('scramtestdb',
'sha1',
'pwd',
roles=['dbOwner'],
mechanisms=['SCRAM-SHA-1'])
env.create_user('scramtestdb',
'sha256',
'pwd',
roles=['dbOwner'],
mechanisms=['SCRAM-SHA-256'])
env.create_user('scramtestdb',
'both',
'pwd',
roles=['dbOwner'],
mechanisms=['SCRAM-SHA-1', 'SCRAM-SHA-256'])
for user, mechanism, should_work in [('sha1', 'SCRAM-SHA-1', True),
('sha1', 'SCRAM-SHA-256', False),
('sha256', 'SCRAM-SHA-256', True),
('sha256', 'SCRAM-SHA-1', False),
('both', 'SCRAM-SHA-1', True),
('both', 'SCRAM-SHA-256', True)]:
client = self.motor_client(username=user,
password='******',
authsource='scramtestdb',
authmechanism=mechanism)
if should_work:
yield client.scramtestdb.collection.insert_one({})
else:
with self.assertRaises(OperationFailure):
yield client.scramtestdb.collection.insert_one({})
# No mechanism specified, always works.
for user, mechanism, should_work in [('sha1', None, True),
('sha256', None, False),
('both', None, True)]:
client = self.motor_client(username=user,
password='******',
authsource='scramtestdb')
yield client.scramtestdb.collection.insert_one({})