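def test_check_active_false(self):
    """Check that ``require_active=False`` lets ``bob_doe`` authenticate.

    The first ``is_authenticated`` call carries no credentials and is used
    only to obtain the ``WWW-Authenticate`` digest challenge. The second call
    carries the answer built from that challenge and the user's API key.
    """
    auth = DigestAuthentication(require_active=False)
    request = HttpRequest()
    # presumably an inactive fixture account -- confirm against the fixture
    bob_doe = User.objects.get(username='******')
    # Simulate sending the signal so the user has an API key to sign with.
    create_api_key(User, instance=bob_doe, created=True)

    # No Authorization header yet: the response supplies the challenge.
    auth_request = auth.is_authenticated(request)
    request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        username=bob_doe.username,
        method=request.method,
        uri='/',
        nonce_count=1,
        digest_challenge=python_digest.parse_digest_challenge(
            auth_request['WWW-Authenticate']),
        password=bob_doe.api_key.key
    )
    auth_request = auth.is_authenticated(request)

    # Compare against True itself. assertTrue(auth_request, True) treats the
    # second argument as the failure message and accepts any truthy value, so
    # a rejection returned as a response object would not fail the test.
    self.assertEqual(auth_request, True)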
def test_check_active_true(self):
    """Check that a default ``DigestAuthentication()`` turns ``bob_doe`` away.

    A correctly signed digest answer is submitted, and the result of
    ``is_authenticated`` is still expected to be falsy.
    """
    digest_auth = DigestAuthentication()
    req = HttpRequest()
    # presumably an inactive fixture account -- confirm against the fixture
    user = User.objects.get(username='******')
    # Simulate sending the signal so the user has an API key to sign with.
    create_api_key(User, instance=user, created=True)

    # A request without credentials yields the digest challenge header.
    challenge = digest_auth.is_authenticated(req)
    signed_header = python_digest.build_authorization_request(
        user.username,
        req.method,
        '/',  # uri
        1,  # nonce_count
        digest_challenge=challenge['WWW-Authenticate'],
        password=user.api_key.key
    )
    req.META['HTTP_AUTHORIZATION'] = signed_header

    outcome = digest_auth.is_authenticated(req)
    self.assertFalse(outcome)
class Meta:
    # Resource options: every request is checked by DigestAuthentication and
    # only GET is allowed.
    # NOTE(review): the queryset covers all User rows; if this pattern is
    # reused outside tests, confirm which User fields the resource serializes.
    resource_name = 'users_via_digest_auth'
    queryset = User.objects.all()
    authentication = DigestAuthentication()
    allowed_methods = ['get']
    filtering = {'label': ALL}
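def test_check_active_false(self):
    """Check that ``require_active=False`` lets ``bob_doe`` authenticate.

    An unauthenticated request is sent first to collect the
    ``WWW-Authenticate`` challenge, then the request is repeated with a
    digest answer signed with the user's API key.
    """
    auth = DigestAuthentication(require_active=False)
    request = HttpRequest()
    # presumably an inactive fixture account -- confirm against the fixture
    bob_doe = User.objects.get(username='******')
    # Simulate sending the signal so the user has an API key to sign with.
    create_api_key(User, instance=bob_doe, created=True)

    # No Authorization header yet: the response supplies the challenge.
    auth_request = auth.is_authenticated(request)
    request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        bob_doe.username,
        request.method,
        '/',  # uri
        1,  # nonce_count
        digest_challenge=auth_request['WWW-Authenticate'],
        password=bob_doe.api_key.key)
    auth_request = auth.is_authenticated(request)

    # assertTrue(auth_request, True) only checks truthiness (the second
    # argument is the failure message), so a response object signalling a
    # rejection would also pass. Require the literal True result instead.
    self.assertEqual(auth_request, True)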
def test_check_active_true(self):
    """Check that a default ``DigestAuthentication()`` turns ``bob_doe`` away.

    The digest answer is built from a parsed challenge and the user's API
    key, and ``is_authenticated`` is still expected to return a falsy value.
    """
    authenticator = DigestAuthentication()
    http_request = HttpRequest()
    # presumably an inactive fixture account -- confirm against the fixture
    account = User.objects.get(username="******")
    # Simulate sending the signal so the account has an API key.
    create_api_key(User, instance=account, created=True)

    # First round trip: no credentials, so the reply carries the challenge.
    first_reply = authenticator.is_authenticated(http_request)
    parsed_challenge = python_digest.parse_digest_challenge(
        first_reply["WWW-Authenticate"]
    )
    http_request.META["HTTP_AUTHORIZATION"] = python_digest.build_authorization_request(
        username=account.username,
        method=http_request.method,
        uri="/",
        nonce_count=1,
        digest_challenge=parsed_challenge,
        password=account.api_key.key,
    )

    # Second round trip: credentials are well formed, yet access is denied.
    second_reply = authenticator.is_authenticated(http_request)
    self.assertFalse(second_reply)
def test_check_active_true(self):
    """Verify that ``bob_doe`` is refused by a default ``DigestAuthentication``.

    Even with a digest answer computed from the server's own challenge and
    the user's API key, the authentication result must be falsy.
    """
    backend = DigestAuthentication()
    req = HttpRequest()
    # presumably an inactive fixture account -- confirm against the fixture
    bob = User.objects.get(username='******')
    # Simulate sending the signal so an API key exists for the user.
    create_api_key(User, instance=bob, created=True)

    # The credential-less call is made only to fetch the challenge header.
    challenge_header = backend.is_authenticated(req)['WWW-Authenticate']
    answer = python_digest.build_authorization_request(
        username=bob.username,
        method=req.method,
        uri='/',
        nonce_count=1,
        digest_challenge=python_digest.parse_digest_challenge(challenge_header),
        password=bob.api_key.key
    )
    req.META['HTTP_AUTHORIZATION'] = answer

    self.assertFalse(backend.is_authenticated(req))
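def test_check_active_false(self):
    """Check that ``require_active=False`` lets ``bob_doe`` authenticate.

    The case is skipped on Django 1.10 and later. Otherwise a request without
    credentials is sent to obtain the digest challenge, and the request is
    then repeated with an answer signed with the user's API key.
    """
    if django.VERSION >= (1, 10):
        # Report the case as skipped. A bare ``return`` would be counted as
        # a pass even though nothing was checked.
        self.skipTest(
            'Authenticating inactive users via ModelUserBackend not '
            'supported for Django >= 1.10'
        )

    auth = DigestAuthentication(require_active=False)
    request = HttpRequest()
    # presumably an inactive fixture account -- confirm against the fixture
    bob_doe = User.objects.get(username='******')
    # Simulate sending the signal so the user has an API key to sign with.
    create_api_key(User, instance=bob_doe, created=True)

    # No Authorization header yet: the response supplies the challenge.
    auth_request = auth.is_authenticated(request)
    request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        bob_doe.username,
        request.method,
        '/',  # uri
        1,  # nonce_count
        digest_challenge=auth_request['WWW-Authenticate'],
        password=bob_doe.api_key.key
    )
    auth_request = auth.is_authenticated(request)

    # assertTrue(auth_request, True) only checks truthiness (the second
    # argument is the failure message), so a response object signalling a
    # rejection would also pass. Require the literal True result instead.
    self.assertEqual(auth_request, True)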
def test_whitelisting(self):
    """Exercise ``whitelisted_methods`` on ``DigestAuthentication``.

    A whitelisted method name must pass without credentials, any other
    method name must be answered with ``HttpUnauthorized``, and both must
    pass once a valid digest answer is attached to the request.
    """
    digest_auth = DigestAuthentication(whitelisted_methods=['a_method'])
    req = HttpRequest()

    # Simulate sending the signal.
    user = User.objects.get(username='******')
    create_api_key(User, instance=user, created=True)

    # Whitelisted method name, no credentials: allowed.
    open_result = digest_auth.is_authenticated(req, method_name='a_method')
    self.assertEqual(open_result, True)

    # Any other method name, no credentials: refused.
    closed_result = digest_auth.is_authenticated(req, method_name='another_method')
    self.assertIsInstance(closed_result, HttpUnauthorized)

    # Attach a correct digest answer, built from a fresh challenge.
    user = User.objects.get(username='******')
    challenge_header = digest_auth.is_authenticated(req)['WWW-Authenticate']
    req.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        user.username,
        req.method,
        '/',  # uri
        1,  # nonce_count
        digest_challenge=challenge_header,
        password=user.api_key.key
    )

    # With valid credentials both method names are accepted.
    for method in ("another_method", "a_method"):
        self.assertEqual(digest_auth.is_authenticated(req, method_name=method), True)
def test_is_authenticated(self):
    """Walk ``DigestAuthentication.is_authenticated`` through its outcomes.

    Covers a request with no credentials, the content of the challenge
    header, three malformed ``Authorization`` values, and finally a correct
    digest answer signed with the user's API key.
    """
    digest_auth = DigestAuthentication()
    req = HttpRequest()

    # Simulate sending the signal.
    user = User.objects.get(username='******')
    create_api_key(User, instance=user, created=True)

    # Without an Authorization header the request is refused.
    reply = digest_auth.is_authenticated(req)
    self.assertIsInstance(reply, HttpUnauthorized)

    # The refusal advertises the Digest scheme, realm, opaque and nonce.
    challenge_header = reply['WWW-Authenticate']
    self.assertEqual(challenge_header.find('Digest'), 0)
    self.assertGreater(challenge_header.find(' realm="django-tastypie"'), 0)
    self.assertGreater(challenge_header.find(' opaque='), 0)
    self.assertGreater(challenge_header.find('nonce='), 0)

    # An arbitrary string is not a digest answer.
    req.META['HTTP_AUTHORIZATION'] = 'abcdefg'
    reply = digest_auth.is_authenticated(req)
    self.assertIsInstance(reply, HttpUnauthorized)

    # A base64 blob holding a user name and no password is refused.
    name_only = base64.b64encode('daniel'.encode('utf-8'))
    req.META['HTTP_AUTHORIZATION'] = name_only.decode('utf-8')
    reply = digest_auth.is_authenticated(req)
    self.assertIsInstance(reply, HttpUnauthorized)

    # A base64 "user:password" pair (Basic-style) is refused as well.
    name_and_password = base64.b64encode('daniel:pass'.encode('utf-8'))
    req.META['HTTP_AUTHORIZATION'] = name_and_password.decode('utf-8')
    reply = digest_auth.is_authenticated(req)
    self.assertIsInstance(reply, HttpUnauthorized)

    # A digest answer built from the latest challenge is accepted.
    user = User.objects.get(username='******')
    parsed_challenge = python_digest.parse_digest_challenge(
        reply['WWW-Authenticate'])
    req.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        username=user.username,
        method=req.method,
        uri='/',
        nonce_count=1,
        digest_challenge=parsed_challenge,
        password=user.api_key.key)
    reply = digest_auth.is_authenticated(req)
    self.assertEqual(reply, True)
def test_is_authenticated(self):
    """Check which requests ``DigestAuthentication`` refuses and accepts.

    Requests with no header or with a malformed ``Authorization`` value must
    produce ``HttpUnauthorized``. A digest answer derived from the server's
    challenge and the user's API key must produce ``True``.
    """
    authenticator = DigestAuthentication()
    http_request = HttpRequest()

    # Simulate sending the signal.
    john = User.objects.get(username='******')
    create_api_key(User, instance=john, created=True)

    # No Authorization header at all: refused.
    response = authenticator.is_authenticated(http_request)
    self.assertIsInstance(response, HttpUnauthorized)

    # The refusal names the scheme first, then realm, opaque and nonce.
    www_authenticate = response['WWW-Authenticate']
    self.assertEqual(www_authenticate.find('Digest'), 0)
    for fragment in (' realm="django-tastypie"', ' opaque=', 'nonce='):
        self.assertGreater(www_authenticate.find(fragment), 0)

    # Malformed values: plain junk, a lone user name, and a Basic-style
    # "user:password" pair. None of them is a digest answer.
    malformed_headers = (
        'abcdefg',
        base64.b64encode('daniel'.encode('utf-8')).decode('utf-8'),
        base64.b64encode('daniel:pass'.encode('utf-8')).decode('utf-8'),
    )
    for header_value in malformed_headers:
        http_request.META['HTTP_AUTHORIZATION'] = header_value
        response = authenticator.is_authenticated(http_request)
        self.assertIsInstance(response, HttpUnauthorized)

    # Correct digest answer, signed against the most recent challenge.
    john = User.objects.get(username='******')
    latest_challenge = python_digest.parse_digest_challenge(
        response['WWW-Authenticate'])
    http_request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        username=john.username,
        method=http_request.method,
        uri='/',
        nonce_count=1,
        digest_challenge=latest_challenge,
        password=john.api_key.key
    )
    response = authenticator.is_authenticated(http_request)
    self.assertEqual(response, True)
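def test_is_authenticated(self):
    """Check which requests ``DigestAuthentication`` refuses and accepts.

    Requests with no header or with a malformed ``Authorization`` value must
    produce ``HttpUnauthorized``. A digest answer built from the server's
    challenge and the user's API key must produce ``True``.
    """
    auth = DigestAuthentication()
    request = HttpRequest()

    # Simulate sending the signal.
    john_doe = User.objects.get(username="******")
    create_api_key(User, instance=john_doe, created=True)

    # No Authorization header should fail.
    auth_request = auth.is_authenticated(request)
    self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)

    # HttpUnauthorized with auth type and realm
    self.assertEqual(auth_request["WWW-Authenticate"].find("Digest"), 0)
    self.assertEqual(auth_request["WWW-Authenticate"].find(' realm="django-tastypie"') > 0, True)
    self.assertEqual(auth_request["WWW-Authenticate"].find(" opaque=") > 0, True)
    self.assertEqual(auth_request["WWW-Authenticate"].find("nonce=") > 0, True)

    # A value that is not a digest answer.
    request.META["HTTP_AUTHORIZATION"] = "abcdefg"
    auth_request = auth.is_authenticated(request)
    self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)

    # No password.
    # b64encode needs bytes on Python 3, so encode first and decode the
    # result back to text. Passing a str raises TypeError before the
    # authenticator is reached.
    request.META["HTTP_AUTHORIZATION"] = base64.b64encode(
        "daniel".encode("utf-8")).decode("utf-8")
    auth_request = auth.is_authenticated(request)
    self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)

    # Wrong user/password (a Basic-style pair, not a digest answer).
    request.META["HTTP_AUTHORIZATION"] = base64.b64encode(
        "daniel:pass".encode("utf-8")).decode("utf-8")
    auth_request = auth.is_authenticated(request)
    self.assertEqual(isinstance(auth_request, HttpUnauthorized), True)

    # Correct user/password, signed against the most recent challenge.
    john_doe = User.objects.get(username="******")
    request.META["HTTP_AUTHORIZATION"] = python_digest.build_authorization_request(
        john_doe.username,
        request.method,
        "/",  # uri
        1,  # nonce_count
        digest_challenge=auth_request["WWW-Authenticate"],
        password=john_doe.api_key.key,
    )
    auth_request = auth.is_authenticated(request)
    self.assertEqual(auth_request, True)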