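def test_negative_auth_post_saml_invalid_saml(self):
    """Post a SAML response that is not valid SAML and check the error.

    Obtains a session cookie via ``utils.auth_get_auth()``, forwards it
    while posting a random string as ``SAMLResponse`` to the partner's
    ``/saml`` endpoint, and asserts that the server answers 400 with the
    ``InvalidSAML`` body from ``AuthPostSamlGrantExceptions``.
    """
    # The original flow fetches auth first and reuses its cookie on the
    # SAML post.
    head, content = utils.auth_get_auth()
    cookie = head['set-cookie']
    # The cookie is a session credential: record that one arrived, but
    # keep its value out of the test log.
    logging.info("Retrieved a cookie from the Auth server (%d chars)", len(cookie))
    # Copy the shared header template rather than mutating utils.headers;
    # writing into the module-level dict would carry this test's cookie
    # into every request made by later tests.
    header = dict(utils.headers)
    header['cookie'] = cookie
    logging.debug("The requested headers are '%s'", dict(header, cookie='<redacted>'))
    http = httplib2.Http()
    # NOTE(review): the harness builds plain http:// URLs, so the cookie
    # travels in clear text; fine against a local test server only.
    url = 'http://' + utils.auth_server + '/' + utils.auth_partner + '/saml'
    logging.info("The requested url is '%s'", url)
    invalid_saml = [utils.random_str()]
    for isa in invalid_saml:
        logging.info("The invalid saml to be tested is '%s'", isa)
        saml = {'SAMLResponse': isa}
        h, c = http.request(url, 'POST', headers=header, body=urlencode(saml))
        # A malformed assertion must come back as a client error, not a 5xx.
        self.assertEqual(int(h['status']), 400)
        # The body must carry the documented InvalidSAML error message.
        utils.verify_rest_requetfailed_exception(
            c, utils.get_exception("InvalidSAML", "AuthPostSamlGrantExceptions"), self)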
def test_negative_get_auth_horizon_partner_not_exist(self):
    """Fetch the auth config for a subdomain that does not exist.

    A random string is used as the partner subdomain; the REST helper
    must raise ``rest.RequestFailed`` with status 400 and the
    ``UnknownSubdomain`` error from ``GetAuthExceptions``.
    """
    missing = utils.random_str()
    logging.info("The not existent subdomain to be tested is '%s'", missing)
    with self.assertRaises(rest.RequestFailed) as ctx:
        self.res.get('/auth/config/%s' % missing, headers=utils.headers)
    # Status is read back from the client object after the failed call.
    self.assertEqual(self.res.response.status, 400)
    expected = utils.get_exception('UnknownSubdomain', 'GetAuthExceptions')
    utils.verify_rest_requetfailed_exception(ctx, expected, self)
def test_negative_delete_tokens_parameter_missing(self):
    """Delete a token without supplying a token id.

    Only the empty string is tried, which turns the request into
    ``DELETE /tokens/``; the server must fail it with 400 and the
    ``ParameterMissing`` error from ``DeleteTokensExceptions``.
    """
    expected = utils.get_exception('ParameterMissing', 'DeleteTokensExceptions')
    for payload in ['']:
        logging.info("The malpayload acting unauthorized client is '%s'", payload)
        with self.assertRaises(rest.RequestFailed) as ctx:
            self.res.delete('/tokens/%s' % payload, headers=utils.headers)
        self.assertEqual(self.res.response.status, 400)
        utils.verify_rest_requetfailed_exception(ctx, expected, self)
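def test_negative_get_tokens_invalid_token(self):
    """Look up token information for a token that does not exist.

    A random string is used as the token id; the request must fail with
    404 and the ``InvalidToken`` error from ``GetTokensExceptions``.
    """
    malpayloads = [utils.random_str()]
    for mp in malpayloads:
        logging.info("The malpayload acting unauthorized client is '%s'", mp)
        # Expect the typed REST failure, as the sibling tests do.  The
        # bare ``Exception`` used before would have let an unrelated error
        # (connection failure, helper bug) satisfy the assertRaises step.
        with self.assertRaises(rest.RequestFailed) as e:
            self.res.get('/tokens/' + mp, headers=utils.headers)
        self.assertEqual(self.res.response.status, 404)
        # The body must carry the documented InvalidToken error message.
        utils.verify_rest_requetfailed_exception(
            e, utils.get_exception('InvalidToken', 'GetTokensExceptions'), self)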
def test_negative_auth_get_auth_missing_URI(self):
    """Request authorization for a client id that has no redirect URI.

    ``utils.auth_client_id_no_uri`` is sent as ``client_id`` to the
    partner's ``/authorize`` endpoint; the server must answer 400 with the
    ``MissingURI`` error from ``AuthGetAuthExceptions``.
    """
    client = httplib2.Http()
    url = "http://%s/%s/authorize?response_type=token&client_id=%s" % (
        utils.auth_server, utils.auth_partner, utils.auth_client_id_no_uri)
    logging.info("The requested url is '%s'", url)
    resp_head, resp_body = client.request(url, 'GET', headers=utils.headers)
    logging.debug("The retrieved header is '%s'", resp_head)
    logging.debug("The retrieved content is '%s'", resp_body)
    # Must be rejected as a client error.
    self.assertEqual(int(resp_head['status']), 400)
    expected = utils.get_exception('MissingURI', 'AuthGetAuthExceptions')
    utils.verify_rest_requetfailed_exception(resp_body, expected, self)
def test_negative_auth_get_auth_invalid_response_type(self):
    """Request authorization with a ``response_type`` other than ``token``.

    An empty value and a random string are tried on the partner's
    ``/authorize`` endpoint.  Each must yield 400 and the
    ``UnknownResponseType`` error from ``AuthGetAuthExceptions``; the
    offending value is handed to the verifier as well.
    """
    client = httplib2.Http()
    expected = utils.get_exception('UnknownResponseType', 'AuthGetAuthExceptions')
    for bad_type in ['', utils.random_str()]:
        logging.info("The invalid response type to be tested is '%s'", bad_type)
        url = "http://%s/%s/authorize?response_type=%s&client_id=%s" % (
            utils.auth_server, utils.auth_partner, bad_type, utils.auth_client_id)
        logging.info("The requested url is '%s'", url)
        resp_head, resp_body = client.request(url, 'GET', headers=utils.headers)
        # Must be rejected as a client error.
        self.assertEqual(int(resp_head['status']), 400)
        # The rejected value is passed so the verifier can match it in the message.
        utils.verify_rest_requetfailed_exception(resp_body, expected, self, bad_type)
def test_negative_auth_get_auth_empty_partner(self):
    """Request authorization with a blank partner segment in the URL.

    A single space is used as the partner; the URL is percent-encoded
    with ``':/&='`` kept literal (so ``?`` is encoded too).  The recorded
    expectation is a 500 response carrying the ``EmptySubdomain`` error
    from ``AuthGetAuthExceptions``, i.e. the server faults on the blank
    subdomain rather than rejecting it as a client error.
    """
    client = httplib2.Http()
    expected = utils.get_exception('EmptySubdomain', 'AuthGetAuthExceptions')
    for partner in [' ']:
        logging.info("The invalid partner to be tested is '%s'", partner)
        raw = "http://%s/%s/authorize?response_type=token&client_id=%s" % (
            utils.auth_server, partner, utils.auth_client_id)
        url = urllib.quote(raw, ':/&=')
        logging.info("The requested url is '%s'", url)
        resp_head, resp_body = client.request(url, 'GET', headers=utils.headers)
        logging.debug("The retrieved header is '%s'", resp_head)
        logging.debug("The retrieved content is '%s'", resp_body)
        # Expectation kept as the author recorded it: a server error.
        self.assertEqual(int(resp_head['status']), 500)
        utils.verify_rest_requetfailed_exception(resp_body, expected, self)
def test_negative_auth_get_auth_invalid_URI(self):
    """Request authorization with a ``redirect_uri`` that does not match.

    A random string is sent as ``redirect_uri`` for a valid client id; the
    URL is percent-encoded keeping ``':/&=?'`` literal.  The server must
    answer 400 with the ``UnmatchedURI`` error from
    ``AuthGetAuthExceptions``.
    """
    client = httplib2.Http()
    expected = utils.get_exception('UnmatchedURI', 'AuthGetAuthExceptions')
    for bad_uri in [utils.random_str()]:
        logging.info("The invalid uri to be tested is '%s'", bad_uri)
        raw = "http://%s/%s/authorize?response_type=token&client_id=%s&redirect_uri=%s" % (
            utils.auth_server, utils.auth_partner, utils.auth_client_id, bad_uri)
        url = urllib.quote(raw, ':/&=?')
        logging.info("The requested url is '%s'", url)
        resp_head, resp_body = client.request(url, 'GET', headers=utils.headers)
        logging.debug("The retrieved header is '%s'", resp_head)
        logging.debug("The retrieved content is '%s'", resp_body)
        # A redirect target that is not the registered one must be refused.
        self.assertEqual(int(resp_head['status']), 400)
        utils.verify_rest_requetfailed_exception(resp_body, expected, self)
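def test_negative_auth_get_config_invalid_client(self):
    """Fetch the auth config with bad client credentials and check the error.

    Four ``Authorization`` values are tried: the real client id with a
    random secret, a random client id with the real secret, an empty
    header and a blank header.  Each request to ``self.url`` must yield
    400 and the ``UnknownClient`` error from ``AuthGetConfigExceptions``.
    """
    # b64encode yields the header value directly; encodestring would
    # insert a newline every 76 characters of output on long inputs and
    # the old ``[:-1]`` only stripped the final one.
    invalid_auth = [
        # right client id, wrong secret
        "Basic %s" % base64.b64encode('%s:%s' % (utils.auth_client_id, utils.random_str())),
        # unknown client id, right secret
        "Basic %s" % base64.b64encode('%s:%s' % (utils.random_str(), utils.auth_client_secret)),
        "",
        " ",
    ]
    for index, ia in enumerate(invalid_auth):
        # Build the headers on a copy.  The original assigned the shared
        # utils.headers dict and mutated it, so the last bad Authorization
        # value was left behind for every test that ran afterwards.
        headers = dict(utils.headers)
        headers['Authorization'] = ia
        logging.debug("The requested url is '%s'", self.url)
        # The second case embeds the real client secret in the header, so
        # log which case runs rather than the header value itself.
        logging.info("Trying invalid Authorization header #%d (%d chars)", index, len(ia))
        h, c = self.http.request(self.url, 'GET', headers=headers)
        logging.debug("The response head is '%s'", h)
        logging.debug("The response body is '%s'", c)
        # Bad credentials must be refused as a client error.
        self.assertEqual(int(h['status']), 400)
        # The body must carry the documented UnknownClient error message.
        utils.verify_rest_requetfailed_exception(
            c, utils.get_exception("UnknownClient", "AuthGetConfigExceptions"), self)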
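def test_negative_auth_post_token_empty_SAML(self):
    """Post a token request whose SAML assertion is blank or empty.

    The client authenticates with HTTP Basic using the real client id
    and secret; the ``assertion`` field is ``' '`` and then ``''``.  Each
    post to ``self.url`` must yield 400 and the ``EmptySAML`` error from
    ``AuthPostTokenExceptions``.
    """
    # Copy the shared template: the original mutated utils.headers in
    # place, so the Authorization value leaked into every later request.
    headers = dict(utils.headers)
    # b64encode gives the header value without the trailing newline that
    # encodestring appends (and without the line breaks it adds on long input).
    headers['Authorization'] = "Basic %s" % base64.b64encode(
        '%s:%s' % (utils.auth_client_id, utils.auth_client_secret))
    # The Authorization value is the real client secret; keep it out of the log.
    logging.debug("The requested header is '%s'", dict(headers, Authorization='<redacted>'))
    invalid_SAML = [' ', '']
    for ism in invalid_SAML:
        logging.info("The invalid SAML to be tested is '%s'", ism)
        logging.info("The requested url is '%s'", self.url)
        body = {
            'grant_type': 'http://oauth.net/grant_type/assertion/saml/2.0/bearer',
            'assertion': ism,
        }
        h, c = self.http.request(self.url, 'POST', headers=headers,
                                 body=urllib.urlencode(body))
        # An empty assertion must be refused as a client error.
        self.assertEqual(int(h['status']), 400)
        # The body must carry the documented EmptySAML error message.
        utils.verify_rest_requetfailed_exception(
            c, utils.get_exception("EmptySAML", "AuthPostTokenExceptions"), self)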
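def test_negative_auth_post_token_invalid_grant_type(self):
    """Post a token request with an unsupported ``grant_type``.

    The client authenticates with HTTP Basic using the real client id and
    secret and sends ``utils.SAMLResponse`` as the assertion.  A random
    string, a blank and an empty grant type are tried; each must yield
    400 and the ``UnsupportedGrantType`` error from
    ``AuthPostTokenExceptions``.
    """
    # Copy the shared template: the original mutated utils.headers in
    # place, so the Authorization value leaked into every later request.
    headers = dict(utils.headers)
    # b64encode gives the header value without the trailing newline that
    # encodestring appends (and without the line breaks it adds on long input).
    headers['Authorization'] = "Basic %s" % base64.b64encode(
        '%s:%s' % (utils.auth_client_id, utils.auth_client_secret))
    # The Authorization value is the real client secret; keep it out of the log.
    logging.debug("The requested header is '%s'", dict(headers, Authorization='<redacted>'))
    invalid_grant_type = [utils.random_str(), ' ', '']
    for ig in invalid_grant_type:
        logging.info("The invalid grant_type to be tested is '%s'", ig)
        logging.info("The requested url is '%s'", self.url)
        body = {'grant_type': ig, 'assertion': utils.SAMLResponse}
        h, c = self.http.request(self.url, 'POST', headers=headers,
                                 body=urllib.urlencode(body))
        # An unknown grant type must be refused as a client error.
        self.assertEqual(int(h['status']), 400)
        # The body must carry the documented UnsupportedGrantType error message.
        utils.verify_rest_requetfailed_exception(
            c, utils.get_exception("UnsupportedGrantType", "AuthPostTokenExceptions"), self)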
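def test_negative_auth_get_config_empty_partner(self):
    """Fetch the auth config with a blank partner segment in the URL.

    The client authenticates with HTTP Basic using the real client id and
    secret; a single space is used as the partner and the URL is
    percent-encoded keeping ``':/&='`` literal.  The recorded expectation
    is a 500 response carrying the ``EmptySubdomain`` error from
    ``AuthGetConfigExceptions``, i.e. the server faults on the blank
    subdomain rather than rejecting it as a client error.
    """
    # Copy the shared template.  The original assigned utils.headers,
    # mutated it and then passed utils.headers to the request, which only
    # worked because both names were the same dict — and it left the
    # Authorization value behind for every later test.
    headers = dict(utils.headers)
    # b64encode gives the header value without the trailing newline that
    # encodestring appends (and without the line breaks it adds on long input).
    headers['Authorization'] = "Basic %s" % base64.b64encode(
        '%s:%s' % (utils.auth_client_id, utils.auth_client_secret))
    invalid_partners = [' ']
    for ip in invalid_partners:
        logging.info("The invalid partner is '%s'", ip)
        url = urllib.quote('http://' + utils.auth_server + '/' + ip + '/config', ':/&=')
        logging.debug("The requested url is '%s'", url)
        h, c = self.http.request(url, 'GET', headers=headers)
        logging.debug("The response head is '%s'", h)
        logging.debug("The response body is '%s'", c)
        # Expectation kept as the author recorded it: a server error.
        self.assertEqual(int(h['status']), 500)
        # The body must carry the documented EmptySubdomain error message.
        utils.verify_rest_requetfailed_exception(
            c, utils.get_exception("EmptySubdomain", "AuthGetConfigExceptions"), self)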
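def test_negative_auth_post_token_empty_partner(self):
    """Post a token request with a blank partner segment in the URL.

    The client authenticates with HTTP Basic using the real client id and
    secret and sends ``utils.SAMLResponse`` as a SAML bearer assertion.
    A single space is used as the partner and the URL is percent-encoded
    keeping ``':/&='`` literal.  The server must answer 400 with the
    ``InvalidSubdomain`` error from ``AuthPostTokenExceptions``.
    """
    # Copy the shared template.  The original assigned utils.headers,
    # mutated it and then passed utils.headers to the request, which only
    # worked because both names were the same dict — and it left the
    # Authorization value behind for every later test.
    headers = dict(utils.headers)
    # b64encode gives the header value without the trailing newline that
    # encodestring appends (and without the line breaks it adds on long input).
    headers['Authorization'] = "Basic %s" % base64.b64encode(
        '%s:%s' % (utils.auth_client_id, utils.auth_client_secret))
    body = {
        'grant_type': 'http://oauth.net/grant_type/assertion/saml/2.0/bearer',
        'assertion': utils.SAMLResponse,
    }
    invalid_partners = [' ']
    for ip in invalid_partners:
        logging.info("The invalid partner is '%s'", ip)
        url = urllib.quote('http://' + utils.auth_server + '/' + ip + '/token', ':/&=')
        logging.debug("The requested url is '%s'", url)
        h, c = self.http.request(url, 'POST', headers=headers,
                                 body=urllib.urlencode(body))
        logging.debug("The response head is '%s'", h)
        logging.debug("The response body is '%s'", c)
        # A blank subdomain on the token endpoint must be refused as a client error.
        self.assertEqual(int(h['status']), 400)
        # The body must carry the documented InvalidSubdomain error message.
        utils.verify_rest_requetfailed_exception(
            c, utils.get_exception("InvalidSubdomain", "AuthPostTokenExceptions"), self)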