예제 #1
0
 def setUp(self):
     from weblayer.cookie import SignedSecureCookieWrapper
     self.request = Mock()
     self.response = Mock()
     self.settings = {'cookie_secret': ''}
     self.cookie_wrapper = SignedSecureCookieWrapper(
         self.request, self.response, self.settings)
예제 #2
0
class TestDeleteCookie(unittest.TestCase):
    """ Test the logic of deleting a cookie.
    """
    def setUp(self):
        from weblayer.cookie import SignedSecureCookieWrapper
        self.request = Mock()
        self.response = Mock()
        self.settings = {'cookie_secret': ''}
        self.cookie_wrapper = SignedSecureCookieWrapper(
            self.request, self.response, self.settings)

    def test_delete(self):
        """ Calls `self.context.response.set_cookie` with
          `expires=datetime.timedelta(days=-5)`.
        """

        self.cookie_wrapper.delete('name')
        args = self.response.set_cookie.call_args[0]
        kwargs = self.response.set_cookie.call_args[1]
        self.assertTrue(args[0] == 'name')
        self.assertTrue(kwargs['expires'] == timedelta(days=-5))

    def test_delete_defaults(self):
        """ `path` defaults to '/' and domain defaults to `None`.
        """

        self.cookie_wrapper.delete('name')
        kwargs = self.response.set_cookie.call_args[1]
        self.assertTrue(kwargs['path'] == '/')
        self.assertTrue(kwargs['domain'] is None)

        self.cookie_wrapper.delete('name', path='/foo', domain='bar')
        kwargs = self.response.set_cookie.call_args[1]
        self.assertTrue(kwargs['path'] == '/foo')
        self.assertTrue(kwargs['domain'] == 'bar')
예제 #3
0
class TestSetCookie(unittest.TestCase):
    """ Test the logic of setting a secure cookie.
    """
    def setUp(self):
        from weblayer.cookie import SignedSecureCookieWrapper
        self.request = Mock()
        self.response = Mock()
        self.settings = {'cookie_secret': ''}
        self.cookie_wrapper = SignedSecureCookieWrapper(
            self.request, self.response, self.settings)

    def test_name(self):
        """ Setting the cookie calls `self.context.response.set_cookie`
          with the 'name' as the first argument.
        """

        self.cookie_wrapper.set('name', 'value')
        args = self.response.set_cookie.call_args[0]
        self.assertTrue(args[0] == 'name')

    def test_name_is_basestring(self):
        """ The cookie name must be a basestring.
        """

        errs = (ValueError, TypeError)
        self.assertRaises(errs, self.cookie_wrapper.set, 0, 'value')

    def test_value(self):
        """ Setting the cookie runs the value through 
          `base64.b64encode` and puts into a '|' delimited string 
          with timestamp and hmac signature.
        """

        self.cookie_wrapper.set('name', 'value', timestamp='1')
        kwargs = self.response.set_cookie.call_args[1]
        value = 'dmFsdWU=|1|7bcc09ebef2f6c967201709ed3cbeac3e4cb2872'
        self.assertTrue(kwargs['value'] == value)

    def test_value_is_basestring(self):
        """ The cookie value must be a basestring.
        """

        errs = (ValueError, TypeError)
        self.assertRaises(errs, self.cookie_wrapper.set, 'name', 0)

    def test_expires_days(self):
        """ `expires_days` gets converted from days into seconds 
          and passed through as the `max_age`.
        """

        self.cookie_wrapper.set('name', 'value', expires_days=5)
        kwargs = self.response.set_cookie.call_args[1]
        five_days_as_seconds = 5 * 24 * 60 * 60
        self.assertTrue(kwargs['max_age'] == five_days_as_seconds)

    def test_expires_days_is_none(self):
        """ If the `expires_days` keyword argument is `None`,
          `max_age` is `None`.
        """

        self.cookie_wrapper.set('name', 'value', expires_days=None)
        kwargs = self.response.set_cookie.call_args[1]
        self.assertTrue(kwargs['max_age'] == None)

    def test_expires_days_is_int(self):
        """ If the `expires_days` keyword argument isn't `None` it
          must be an `int`.
        """

        self.cookie_wrapper.set('name', 'value', expires_days=None)
        kwargs = self.response.set_cookie.call_args[1]
        self.assertTrue(kwargs['max_age'] == None)
        self.assertRaises(TypeError,
                          self.cookie_wrapper.set,
                          'name',
                          'value',
                          expires_days='30')

    def test_kwargs(self):
        """ Other kwargs are passed through to 
          `self.context.response.set_cookie`,
        """

        self.cookie_wrapper.set('name', 'value', foo='bar')
        kwargs = self.response.set_cookie.call_args[1]
        self.assertTrue(kwargs['foo'] == 'bar')
예제 #4
0
class TestGetCookie(unittest.TestCase):
    """ Test the logic of getting a secure cookie.
    """
    def setUp(self):
        from weblayer.cookie import SignedSecureCookieWrapper
        self.request = Mock()
        self.response = Mock()
        self.settings = {'cookie_secret': ''}
        self.cookie_wrapper = SignedSecureCookieWrapper(
            self.request, self.response, self.settings)

    def test_get_name(self):
        """ Calling `get('name')` tries to get the value from
          `self.context.request.cookies`.
        """

        self.request.cookies.get.return_value = None
        self.cookie_wrapper.get('name')
        self.request.cookies.get.assert_called_with('name', None)

    def test_not_present(self):
        """ If the cookie doesn't exist, returns `None`.
        """

        self.request.cookies.get.return_value = None
        self.assertTrue(self.cookie_wrapper.get('name') is None)

    def test_split_value(self):
        """ If the cookie value doesn't split into three parts,
          delimited by '|' returns `None`.
        """

        value = Mock()
        value.__len__ = Mock()
        value.split.return_value = ['a', 'b']
        result = self.cookie_wrapper.get('name', value=value)
        value.split.assert_called_with("|")
        self.assertTrue(result is None)

    def test_timestamp_expired(self):
        """ If the timestamp is more than 31 days old, returns `None`.
        """

        from weblayer.cookie import _generate_cookie_signature

        t = time.time()
        too_old = str(int(t - 32 * 24 * 60 * 60))

        cs = self.settings['cookie_secret']
        sig = _generate_cookie_signature(cs, 'name', 'dmFsdWU=', too_old)
        value = 'dmFsdWU=|%s|%s' % (too_old, sig)

        result = self.cookie_wrapper.get('name', value=value)
        self.assertTrue(result is None)

    def test_signature_doesnt_match(self):
        """ If the signature doesn't match, returns `None`.
        """

        t = time.time()
        ts = str(int(t))

        value = 'dmFsdWU=|%s|%s' % (ts, 'not the right sig')

        result = self.cookie_wrapper.get('name', value=value)
        self.assertTrue(result is None)

    def test_value_is_base64_decodable(self):
        """ If the signature matches, the value comes back
          run through `base64.b64decode`.  If it can't be
          decoded, it raises a TypeError.
        """

        from weblayer.cookie import _generate_cookie_signature

        t = time.time()
        ts = str(int(t))

        cs = self.settings['cookie_secret']
        sig = _generate_cookie_signature(cs, 'name', 'a', ts)
        value = 'a|%s|%s' % (ts, sig)

        result = self.cookie_wrapper.get('name', value=value)
        self.assertTrue(result is None)

    def test_get_value(self):
        """ If the signature matches, the value comes back
          run through `base64.b64decode`.
        """

        from weblayer.cookie import _generate_cookie_signature

        t = time.time()
        ts = str(int(t))

        cs = self.settings['cookie_secret']
        sig = _generate_cookie_signature(cs, 'name', 'dmFsdWU=', ts)
        value = 'dmFsdWU=|%s|%s' % (ts, sig)

        result = self.cookie_wrapper.get('name', value=value)
        self.assertTrue(result == 'value')

    def test_delete(self):
        """ Calls `self.context.response.set_cookie` with
          `expires=datetime.timedelta(days=-5)`.
        """

        self.cookie_wrapper.delete('name')
        args = self.response.set_cookie.call_args[0]
        kwargs = self.response.set_cookie.call_args[1]
        self.assertTrue(args[0] == 'name')
        self.assertTrue(kwargs['expires'] == timedelta(days=-5))

    def test_delete_path_domain_defaults(self):
        """ `path` defaults to '/' and domain defaults to `None`.
        """

        self.cookie_wrapper.delete('name')
        kwargs = self.response.set_cookie.call_args[1]
        self.assertTrue(kwargs['path'] == '/')
        self.assertTrue(kwargs['domain'] is None)

        self.cookie_wrapper.delete('name', path='/foo', domain='bar')
        kwargs = self.response.set_cookie.call_args[1]
        self.assertTrue(kwargs['path'] == '/foo')
        self.assertTrue(kwargs['domain'] == 'bar')