def test6(self): # test a faulty login, re-using challenge creds = MemoryCredentialStore() creds.add("uid", "pwdhash") chals = MemoryChallengeStore() a = Auth(creds, chals) # client asks for challenge c = a.new_challenge() # client calculates response res = hashlib.sha1(c + "pwdhash").hexdigest() # check response v = a.validate(c, "uid", res) self.assertTrue(v) # try to use it again v = a.validate(c, "uid", res) self.assertFalse(v)
def test2(self): # test a faulty login, with unknown user creds = MemoryCredentialStore() chals = MemoryChallengeStore() a = Auth(creds, chals) # client asks for challenge c = a.new_challenge() # client calculates response res = hashlib.sha1(c + "pwdhash").hexdigest() # check response v = a.validate(c, "uid", res) self.assertFalse(v)
def test1(self): # test a proper login creds = MemoryCredentialStore() creds.add("uid", "pwdhash") chals = MemoryChallengeStore() a = Auth(creds, chals) # client asks for challenge c = a.new_challenge() # client calculates response res = hashlib.sha1(c + "pwdhash").hexdigest() # check response v = a.validate(c, "uid", res) self.assertTrue(v)
def test5(self): # test a faulty login, with invalid resopnse creds = MemoryCredentialStore() creds.add("uid", "pwdhash") chals = MemoryChallengeStore() a = Auth(creds, chals) # client asks for challenge c = a.new_challenge() # client calculates response res = hashlib.sha1(c + "pwdhash" + "this is wrong").hexdigest() # check response v = a.validate(c, "uid", res) self.assertFalse(v)
def test3(self): # test a faulty login, with expired challenge creds = MemoryCredentialStore() creds.add("uid", "pwdhash") chals = MemoryChallengeStore() a = Auth(creds, chals, challenge_ttl=1) # client asks for challenge c = a.new_challenge() time.sleep(a.challenge_ttl.seconds) # client calculates response res = hashlib.sha1(c + "pwdhash").hexdigest() # check response v = a.validate(c, "uid", res) self.assertFalse(v)