def test_check_active_false(self):
auth = DigestAuthentication(require_active=False)
request = HttpRequest()
bob_doe = User.objects.get(username='******')
create_api_key(User, instance=bob_doe, created=True)
auth_request = auth.is_authenticated(request)
request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
username=bob_doe.username,
method=request.method,
uri='/',
nonce_count=1,
digest_challenge=python_digest.parse_digest_challenge(auth_request['WWW-Authenticate']),
password=bob_doe.api_key.key
)
auth_request = auth.is_authenticated(request)
self.assertTrue(auth_request, True)
def test_check_active_true(self):
auth = DigestAuthentication()
request = HttpRequest()
bob_doe = User.objects.get(username='******')
create_api_key(User, instance=bob_doe, created=True)
auth_request = auth.is_authenticated(request)
request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
bob_doe.username,
request.method,
'/', # uri
1, # nonce_count
digest_challenge=auth_request['WWW-Authenticate'],
password=bob_doe.api_key.key
)
auth_request = auth.is_authenticated(request)
self.assertFalse(auth_request)
class Meta:
queryset = User.objects.all()
authentication = DigestAuthentication()
resource_name = 'users_via_digest_auth'
filtering = {
'label': ALL,
}
allowed_methods = ['get']
def test_check_active_false(self):
auth = DigestAuthentication(require_active=False)
request = HttpRequest()
bob_doe = User.objects.get(username='******')
create_api_key(User, instance=bob_doe, created=True)
auth_request = auth.is_authenticated(request)
request.META[
'HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
bob_doe.username,
request.method,
'/', # uri
1, # nonce_count
digest_challenge=auth_request['WWW-Authenticate'],
password=bob_doe.api_key.key)
auth_request = auth.is_authenticated(request)
self.assertTrue(auth_request, True)
def test_check_active_true(self):
auth = DigestAuthentication()
request = HttpRequest()
bob_doe = User.objects.get(username="******")
create_api_key(User, instance=bob_doe, created=True)
auth_request = auth.is_authenticated(request)
request.META["HTTP_AUTHORIZATION"] = python_digest.build_authorization_request(
username=bob_doe.username,
method=request.method,
uri="/",
nonce_count=1,
digest_challenge=python_digest.parse_digest_challenge(auth_request["WWW-Authenticate"]),
password=bob_doe.api_key.key,
)
auth_request = auth.is_authenticated(request)
self.assertFalse(auth_request)
def test_check_active_true(self):
auth = DigestAuthentication()
request = HttpRequest()
bob_doe = User.objects.get(username='******')
create_api_key(User, instance=bob_doe, created=True)
auth_request = auth.is_authenticated(request)
request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
username=bob_doe.username,
method=request.method,
uri='/',
nonce_count=1,
digest_challenge=python_digest.parse_digest_challenge(auth_request['WWW-Authenticate']),
password=bob_doe.api_key.key
)
auth_request = auth.is_authenticated(request)
self.assertFalse(auth_request)
def test_check_active_false(self):
if django.VERSION >= (1, 10):
# Authenticating inactive users via ModelUserBackend not supported for Django >= 1.10"
return
auth = DigestAuthentication(require_active=False)
request = HttpRequest()
bob_doe = User.objects.get(username='******')
create_api_key(User, instance=bob_doe, created=True)
auth_request = auth.is_authenticated(request)
request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
bob_doe.username,
request.method,
'/', # uri
1, # nonce_count
digest_challenge=auth_request['WWW-Authenticate'],
password=bob_doe.api_key.key
)
auth_request = auth.is_authenticated(request)
self.assertTrue(auth_request, True)
def test_whitelisting(self):
auth = DigestAuthentication(whitelisted_methods=['a_method'])
request = HttpRequest()
# Simulate sending the signal.
john_doe = User.objects.get(username='******')
create_api_key(User, instance=john_doe, created=True)
# Calling with a whitelisted method_name without credentials should work
self.assertEqual(auth.is_authenticated(request, method_name='a_method'), True)
# Calling any other method should require the Api Key
self.assertEqual(isinstance(auth.is_authenticated(request, method_name='another_method'), HttpUnauthorized), True)
# Correct digest
john_doe = User.objects.get(username='******')
request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
john_doe.username,
request.method,
'/', # uri
1, # nonce_count
digest_challenge=auth.is_authenticated(request)['WWW-Authenticate'],
password=john_doe.api_key.key
)
self.assertEqual(auth.is_authenticated(request, method_name="another_method"), True)
self.assertEqual(auth.is_authenticated(request, method_name="a_method"), True)
def test_is_authenticated(self):
auth = DigestAuthentication()
request = HttpRequest()
# Simulate sending the signal.
john_doe = User.objects.get(username='******')
create_api_key(User, instance=john_doe, created=True)
# No HTTP Basic auth details should fail.
auth_request = auth.is_authenticated(request)
self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)
# HttpUnauthorized with auth type and realm
self.assertEqual(auth_request['WWW-Authenticate'].find('Digest'), 0)
self.assertEqual(
auth_request['WWW-Authenticate'].find(' realm="django-tastypie"') >
0, True)
self.assertEqual(auth_request['WWW-Authenticate'].find(' opaque=') > 0,
True)
self.assertEqual(auth_request['WWW-Authenticate'].find('nonce=') > 0,
True)
# Wrong basic auth details.
request.META['HTTP_AUTHORIZATION'] = 'abcdefg'
auth_request = auth.is_authenticated(request)
self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)
# No password.
request.META['HTTP_AUTHORIZATION'] = base64.b64encode(
'daniel'.encode('utf-8')).decode('utf-8')
auth_request = auth.is_authenticated(request)
self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)
# Wrong user/password.
request.META['HTTP_AUTHORIZATION'] = base64.b64encode(
'daniel:pass'.encode('utf-8')).decode('utf-8')
auth_request = auth.is_authenticated(request)
self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)
# Correct user/password.
john_doe = User.objects.get(username='******')
request.META[
'HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
username=john_doe.username,
method=request.method,
uri='/',
nonce_count=1,
digest_challenge=python_digest.parse_digest_challenge(
auth_request['WWW-Authenticate']),
password=john_doe.api_key.key)
auth_request = auth.is_authenticated(request)
self.assertEqual(auth_request, True)
def test_is_authenticated(self):
auth = DigestAuthentication()
request = HttpRequest()
# Simulate sending the signal.
john_doe = User.objects.get(username='******')
create_api_key(User, instance=john_doe, created=True)
# No HTTP Basic auth details should fail.
auth_request = auth.is_authenticated(request)
self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)
# HttpUnauthorized with auth type and realm
self.assertEqual(auth_request['WWW-Authenticate'].find('Digest'), 0)
self.assertEqual(auth_request['WWW-Authenticate'].find(' realm="django-tastypie"') > 0, True)
self.assertEqual(auth_request['WWW-Authenticate'].find(' opaque=') > 0, True)
self.assertEqual(auth_request['WWW-Authenticate'].find('nonce=') > 0, True)
# Wrong basic auth details.
request.META['HTTP_AUTHORIZATION'] = 'abcdefg'
auth_request = auth.is_authenticated(request)
self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)
# No password.
request.META['HTTP_AUTHORIZATION'] = base64.b64encode('daniel'.encode('utf-8')).decode('utf-8')
auth_request = auth.is_authenticated(request)
self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)
# Wrong user/password.
request.META['HTTP_AUTHORIZATION'] = base64.b64encode('daniel:pass'.encode('utf-8')).decode('utf-8')
auth_request = auth.is_authenticated(request)
self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)
# Correct user/password.
john_doe = User.objects.get(username='******')
request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
username=john_doe.username,
method=request.method,
uri='/',
nonce_count=1,
digest_challenge=python_digest.parse_digest_challenge(auth_request['WWW-Authenticate']),
password=john_doe.api_key.key
)
auth_request = auth.is_authenticated(request)
self.assertEqual(auth_request, True)
def test_is_authenticated(self):
auth = DigestAuthentication()
request = HttpRequest()
# Simulate sending the signal.
john_doe = User.objects.get(username="******")
create_api_key(User, instance=john_doe, created=True)
# No HTTP Basic auth details should fail.
auth_request = auth.is_authenticated(request)
self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)
# HttpUnauthorized with auth type and realm
self.assertEqual(auth_request["WWW-Authenticate"].find("Digest"), 0)
self.assertEqual(auth_request["WWW-Authenticate"].find(' realm="django-tastypie"') > 0, True)
self.assertEqual(auth_request["WWW-Authenticate"].find(" opaque=") > 0, True)
self.assertEqual(auth_request["WWW-Authenticate"].find("nonce=") > 0, True)
# Wrong basic auth details.
request.META["HTTP_AUTHORIZATION"] = "abcdefg"
auth_request = auth.is_authenticated(request)
self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)
# No password.
request.META["HTTP_AUTHORIZATION"] = base64.b64encode("daniel")
auth_request = auth.is_authenticated(request)
self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)
# Wrong user/password.
request.META["HTTP_AUTHORIZATION"] = base64.b64encode("daniel:pass")
auth_request = auth.is_authenticated(request)
self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)
# Correct user/password.
john_doe = User.objects.get(username="******")
request.META["HTTP_AUTHORIZATION"] = python_digest.build_authorization_request(
john_doe.username,
request.method,
"/", # uri
1, # nonce_count
digest_challenge=auth_request["WWW-Authenticate"],
password=john_doe.api_key.key,
)
auth_request = auth.is_authenticated(request)
self.assertEqual(auth_request, True)
