예제 #1
0
    def test_apikey_and_basic_auth(self):
        auth = MultiAuthentication(BasicAuthentication(), ApiKeyAuthentication())
        request = HttpRequest()
        john_doe = User.objects.get(username='******')

        # No API Key or HTTP Basic auth details should fail.
        self.assertEqual(isinstance(auth.is_authenticated(request), HttpUnauthorized), True)

        # Basic Auth still returns appropriately.
        self.assertEqual(auth.is_authenticated(request)['WWW-Authenticate'], 'Basic Realm="django-tastypie"')

        # API Key Auth works.
        request = HttpRequest()
        request.GET['username'] = '******'
        request.GET['api_key'] = john_doe.api_key.key
        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), 'johndoe')


        # Basic Auth works.
        request = HttpRequest()
        john_doe = User.objects.get(username='******')
        john_doe.set_password('pass')
        john_doe.save()
        request.META['HTTP_AUTHORIZATION'] = 'Basic %s' % base64.b64encode('johndoe:pass'.encode('utf-8')).decode('utf-8')
        self.assertEqual(auth.is_authenticated(request), True)
예제 #2
0
    def test_apikey_and_basic_auth(self):
        auth = MultiAuthentication(BasicAuthentication(),
                                   ApiKeyAuthentication())
        request = HttpRequest()
        john_doe = User.objects.get(username='******')

        # No API Key or HTTP Basic auth details should fail.
        self.assertEqual(
            isinstance(auth.is_authenticated(request), HttpUnauthorized), True)

        # Basic Auth still returns appropriately.
        self.assertEqual(
            auth.is_authenticated(request)['WWW-Authenticate'],
            'Basic Realm="django-tastypie"')

        # API Key Auth works.
        request = HttpRequest()
        request.GET['username'] = '******'
        request.GET['api_key'] = john_doe.api_key.key
        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), 'johndoe')

        # Basic Auth works.
        request = HttpRequest()
        john_doe = User.objects.get(username='******')
        john_doe.set_password('pass')
        john_doe.save()
        request.META['HTTP_AUTHORIZATION'] = 'Basic %s' % base64.b64encode(
            'johndoe:pass'.encode('utf-8')).decode('utf-8')
        self.assertEqual(auth.is_authenticated(request), True)
예제 #3
0
    def test_multiauth_apikey_and_basic_auth__api_key_works_in_header(self):
        auth = MultiAuthentication(BasicAuthentication(), ApiKeyAuthentication())
        request = HttpRequest()
        john_doe = User.objects.get(username='******')

        request.META['HTTP_AUTHORIZATION'] = 'ApiKey %s:%s' % (john_doe.username, john_doe.api_key.key,)

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), john_doe.username)
예제 #4
0
    def test_multiauth_apikey_and_basic_auth__api_key_works_in_header(self):
        auth = MultiAuthentication(BasicAuthentication(), ApiKeyAuthentication())
        request = HttpRequest()
        john_doe = User.objects.get(username='******')

        request.META['HTTP_AUTHORIZATION'] = 'ApiKey %s:%s' % (john_doe.username, john_doe.api_key.key,)

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), john_doe.username)
예제 #5
0
    def test_multiauth_apikey_and_basic_auth__api_key_works_in_query(self):
        auth = MultiAuthentication(BasicAuthentication(), ApiKeyAuthentication())
        request = HttpRequest()
        john_doe = User.objects.get(username='******')

        request.GET['username'] = john_doe.username
        request.GET['api_key'] = john_doe.api_key.key

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), john_doe.username)
예제 #6
0
    def test_multiauth_apikey_and_basic_auth__api_key_works_in_query(self):
        auth = MultiAuthentication(BasicAuthentication(), ApiKeyAuthentication())
        request = HttpRequest()
        john_doe = User.objects.get(username='******')

        request.GET['username'] = john_doe.username
        request.GET['api_key'] = john_doe.api_key.key

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), john_doe.username)
예제 #7
0
    def test_multiauth_apikey_and_basic_auth__basic_auth_works(self):
        auth = MultiAuthentication(BasicAuthentication(), ApiKeyAuthentication())
        request = HttpRequest()
        john_doe = User.objects.get(username='******')
        john_doe.set_password('pass')
        john_doe.save()

        request.META['HTTP_AUTHORIZATION'] = 'Basic %s' % base64.b64encode('johndoe:pass'.encode('utf-8')).decode('utf-8')

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), john_doe.username)
    def test_multiauth_apikey_and_basic_auth__api_key_works_in_header__space_in_username(self):
        auth = MultiAuthentication(BasicAuthentication(), ApiKeyAuthentication())
        request = HttpRequest()
        john_doe = User.objects.get(username="******")
        john_doe.username = "******"
        john_doe.save()

        request.META["HTTP_AUTHORIZATION"] = "ApiKey %s:%s" % (john_doe.username, john_doe.api_key.key)

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), john_doe.username)
예제 #9
0
    def test_multiauth_apikey_and_basic_auth__basic_auth_works(self):
        auth = MultiAuthentication(BasicAuthentication(), ApiKeyAuthentication())
        request = HttpRequest()
        john_doe = User.objects.get(username='******')
        john_doe.set_password('pass')
        john_doe.save()

        request.META['HTTP_AUTHORIZATION'] = 'Basic %s' % base64.b64encode('johndoe:pass'.encode('utf-8')).decode('utf-8')

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), john_doe.username)
예제 #10
0
    def test_apikey_and_authentication(self):
        auth = MultiAuthentication(ApiKeyAuthentication(), Authentication())
        request = HttpRequest()

        john_doe = User.objects.get(username='******')

        # No username/api_key details should pass.
        self.assertEqual(auth.is_authenticated(request), True)

        # The identifier should be the basic auth stock.
        self.assertEqual(auth.get_identifier(request), 'noaddr_nohost')

        # Wrong username details.
        request = HttpRequest()
        request.GET['username'] = '******'

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), 'noaddr_nohost')

        # No api_key.
        request = HttpRequest()
        request.GET['username'] = '******'

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), 'noaddr_nohost')

        # Wrong user/api_key.
        request = HttpRequest()
        request.GET['username'] = '******'
        request.GET['api_key'] = 'foo'

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), 'noaddr_nohost')

        request = HttpRequest()
        request.GET['username'] = '******'
        request.GET['api_key'] = john_doe.api_key.key

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), john_doe.username)
예제 #11
0
    def test_apikey_and_authentication(self):
        auth = MultiAuthentication(ApiKeyAuthentication(), Authentication())
        request = HttpRequest()

        john_doe = User.objects.get(username='******')

        # No username/api_key details should pass.
        self.assertEqual(auth.is_authenticated(request), True)

        # The identifier should be the basic auth stock.
        self.assertEqual(auth.get_identifier(request), 'noaddr_nohost')

        # Wrong username details.
        request = HttpRequest()
        request.GET['username'] = '******'

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), 'noaddr_nohost')

        # No api_key.
        request = HttpRequest()
        request.GET['username'] = '******'

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), 'noaddr_nohost')

        # Wrong user/api_key.
        request = HttpRequest()
        request.GET['username'] = '******'
        request.GET['api_key'] = 'foo'

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), 'noaddr_nohost')

        request = HttpRequest()
        request.GET['username'] = '******'
        request.GET['api_key'] = john_doe.api_key.key

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), john_doe.username)
예제 #12
0
    def test_apikey_and_authentication(self):
        auth = MultiAuthentication(ApiKeyAuthentication(), Authentication())
        request = HttpRequest()

        john_doe = User.objects.get(username="******")

        # No username/api_key details should pass.
        self.assertEqual(auth.is_authenticated(request), True)

        # The identifier should be the basic auth stock.
        self.assertEqual(auth.get_identifier(request), "noaddr_nohost")

        # Wrong username details.
        request = HttpRequest()
        request.GET["username"] = "******"

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), "noaddr_nohost")

        # No api_key.
        request = HttpRequest()
        request.GET["username"] = "******"

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), "noaddr_nohost")

        # Wrong user/api_key.
        request = HttpRequest()
        request.GET["username"] = "******"
        request.GET["api_key"] = "foo"

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), "noaddr_nohost")

        request = HttpRequest()
        request.GET["username"] = "******"
        request.GET["api_key"] = john_doe.api_key.key

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), john_doe.username)
예제 #13
0
    def test_multiauth_apikey_and_basic_auth__basic_auth_works(self):
        auth = MultiAuthentication(BasicAuthentication(), ApiKeyAuthentication())
        request = HttpRequest()
        john_doe = User.objects.get(username="******")
        john_doe.set_password("pass")
        john_doe.save()

        request.META["HTTP_AUTHORIZATION"] = "Basic %s" % base64.b64encode("johndoe:pass".encode("utf-8")).decode(
            "utf-8"
        )

        self.assertEqual(auth.is_authenticated(request), True)
        self.assertEqual(auth.get_identifier(request), john_doe.username)