def test_incorrect_headers(self):
HOST = "example.com"
METHOD = "POST"
PATH = '/foo?param=value&pet=dog'
hs = HeaderSigner(secret=self.sign_secret,
key_id="Test",
algorithm=self.algorithm,
headers=[
'(request-target)',
'host',
'date',
'content-type',
'content-md5',
'content-length'])
unsigned = {
'Host': HOST,
'Date': 'Thu, 05 Jan 2012 21:31:40 GMT',
'Content-Type': 'application/json',
'Content-MD5': 'Sd/dVLAcvNLSq16eXua5uQ==',
'Content-Length': '18',
}
signed = hs.sign(unsigned, method=METHOD, path=PATH)
hv = HeaderVerifier(headers=signed, secret=self.verify_secret, required_headers=["some-other-header"], host=HOST, method=METHOD, path=PATH)
with self.assertRaises(Exception) as ex:
hv.verify()
def test_incorrect_headers(self):
HOST = "example.com"
METHOD = "POST"
PATH = '/foo?param=value&pet=dog'
hs = HeaderSigner(secret=self.sign_secret,
key_id="Test",
algorithm=self.algorithm,
headers=[
'(request-target)', 'host', 'date',
'content-type', 'content-md5', 'content-length'
])
unsigned = {
'Host': HOST,
'Date': 'Thu, 05 Jan 2012 21:31:40 GMT',
'Content-Type': 'application/json',
'Content-MD5': 'Sd/dVLAcvNLSq16eXua5uQ==',
'Content-Length': '18',
}
signed = hs.sign(unsigned, method=METHOD, path=PATH)
hv = HeaderVerifier(headers=signed,
secret=self.verify_secret,
required_headers=["some-other-header"],
host=HOST,
method=METHOD,
path=PATH)
with self.assertRaises(Exception) as ex:
hv.verify()
def test_extra_auth_headers(self):
HOST = "example.com"
METHOD = "POST"
PATH = '/foo?param=value&pet=dog'
hs = HeaderSigner(key_id="Test",
secret=self.sign_secret,
algorithm=self.algorithm,
headers=[
'(request-target)', 'host', 'date',
'content-type', 'content-md5', 'content-length'
])
unsigned = {
'Host': HOST,
'Date': 'Thu, 05 Jan 2012 21:31:40 GMT',
'Content-Type': 'application/json',
'Content-MD5': 'Sd/dVLAcvNLSq16eXua5uQ==',
'Content-Length': '18',
}
signed = hs.sign(unsigned, method=METHOD, path=PATH)
hv = HeaderVerifier(headers=signed,
secret=self.verify_secret,
method=METHOD,
path=PATH,
required_headers=['date', '(request-target)'])
self.assertTrue(hv.verify())
def test_default(self):
unsigned = {
'Date': 'Thu, 05 Jan 2012 21:31:40 GMT'
}
hs = HeaderSigner(key_id="Test", secret=self.sign_secret, algorithm=self.algorithm)
signed = hs.sign(unsigned)
hv = HeaderVerifier(headers=signed, secret=self.verify_secret)
self.assertTrue(hv.verify())
def test_default(self):
unsigned = {'Date': 'Thu, 05 Jan 2012 21:31:40 GMT'}
hs = HeaderSigner(key_id="Test",
secret=self.sign_secret,
algorithm=self.algorithm)
signed = hs.sign(unsigned)
hv = HeaderVerifier(headers=signed, secret=self.verify_secret)
self.assertTrue(hv.verify())
def test_extra_auth_headers(self):
HOST = "example.com"
METHOD = "POST"
PATH = '/foo?param=value&pet=dog'
hs = HeaderSigner(key_id="Test", secret=self.sign_secret, algorithm=self.algorithm, headers=[
'(request-target)',
'host',
'date',
'content-type',
'content-md5',
'content-length'
])
unsigned = {
'Host': HOST,
'Date': 'Thu, 05 Jan 2012 21:31:40 GMT',
'Content-Type': 'application/json',
'Content-MD5': 'Sd/dVLAcvNLSq16eXua5uQ==',
'Content-Length': '18',
}
signed = hs.sign(unsigned, method=METHOD, path=PATH)
hv = HeaderVerifier(headers=signed, secret=self.verify_secret, method=METHOD, path=PATH, required_headers=['date', '(request-target)'])
self.assertTrue(hv.verify())