def test_normalized_request_string_with_custom_port(self):
req = "GET / HTTP/1.1\r\nHost: example.com:88\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("MAC", {"ts": "1", "nonce": "2"})
sigstr = "1\n2\nGET\n/\nexample.com\n88\n\n"
mysigstr = get_normalized_request_string(req)
self.assertEquals(sigstr, mysigstr)
def test_normalized_request_string_with_custom_port(self):
req = "GET / HTTP/1.1\r\nHost: example.com:88\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("MAC", {"ts": "1", "nonce": "2"})
sigstr = "1\n2\nGET\n/\nexample.com\n88\n\n"
mysigstr = get_normalized_request_string(req)
self.assertEquals(sigstr, mysigstr)
def test_normalized_request_string_with_https_scheme(self):
req = "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("MAC", {"ts": "1", "nonce": "2"})
req.scheme = "https"
sigstr = "1\n2\nGET\n/\nexample.com\n443\n\n"
mysigstr = get_normalized_request_string(req)
self.assertEquals(sigstr, mysigstr)
def test_normalized_request_string_with_https_scheme(self):
req = "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("MAC", {"ts": "1", "nonce": "2"})
req.scheme = "https"
sigstr = "1\n2\nGET\n/\nexample.com\n443\n\n"
mysigstr = get_normalized_request_string(req)
self.assertEquals(sigstr, mysigstr)
def test_compatability_with_ff_sync_client(self):
# These are test values used in the FF Sync Client testsuite.
# Trying to make sure we're compatible.
id, key = (
"vmo1txkttblmn51u2p3zk2xiy16hgvm5ok8qiv1yyi86ffjzy9zj0ez9x6wnvbx7",
"b8u1cc5iiio5o319og7hh8faf2gi5ym4aq0zwf112cv1287an65fudu5zj7zo7dz",
)
req = b"GET /alias/ HTTP/1.1\r\nHost: 10.250.2.176\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("MAC", {"ts": "1329181221", "nonce": "wGX71"})
sig = "jzh5chjQc2zFEvLbyHnPdX11Yck="
mysig = get_signature(req, key)
self.assertEquals(sig, mysig)
def test_compatability_with_ff_sync_client(self):
# These are test values used in the FF Sync Client testsuite.
# Trying to make sure we're compatible.
id, key = (
"vmo1txkttblmn51u2p3zk2xiy16hgvm5ok8qiv1yyi86ffjzy9zj0ez9x6wnvbx7",
"b8u1cc5iiio5o319og7hh8faf2gi5ym4aq0zwf112cv1287an65fudu5zj7zo7dz",
)
req = b"GET /alias/ HTTP/1.1\r\nHost: 10.250.2.176\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("MAC", {"ts": "1329181221", "nonce": "wGX71"})
sig = "jzh5chjQc2zFEvLbyHnPdX11Yck="
mysig = get_signature(req, key)
self.assertEquals(sig, mysig)
def test_get_signature_against_example_from_spec(self):
req = b"GET /resource/1?b=1&a=2 HTTP/1.1\r\n"\
b"Host: example.com:8000\r\n"\
b"\r\n"
params = {
"id": "dh37fgj492je",
"ts": "1353832234",
"nonce": "j4h3g2",
"ext": "some-app-ext-data"
}
key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn"
algorithm = "sha256"
sig = "6R4rV5iE+NPoym+WwjeHzjAGXUtLNIxmo1vpMofpLAE="
req = Request.from_bytes(req)
mysig = get_signature(req, key, algorithm, params=params)
self.assertEquals(sig, mysig)
def test_get_signature_against_example_from_spec(self):
req = b"GET /resource/1?b=1&a=2 HTTP/1.1\r\n"\
b"Host: example.com:8000\r\n"\
b"\r\n"
params = {
"id": "dh37fgj492je",
"ts": "1353832234",
"nonce": "j4h3g2",
"ext": "some-app-ext-data"
}
key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn"
algorithm = "sha256"
sig = "6R4rV5iE+NPoym+WwjeHzjAGXUtLNIxmo1vpMofpLAE="
req = Request.from_bytes(req)
mysig = get_signature(req, key, algorithm, params=params)
self.assertEquals(sig, mysig)
def test_get_signature_against_example_from_spec(self):
# This is the example used in Section 1.1 of RFC-TODO
req = b"GET /resource/1?b=1&a=2 HTTP/1.1\r\n"\
b"Host: example.com\r\n"\
b"\r\n"
params = {
"id": "h480djs93hd8",
"ts": "1336363200",
"nonce": "dj83hs9s"
}
key = "489dks293j39"
sig = "bhCQXTVyfj5cmA9uKkPFx1zeOXM="
req = Request.from_bytes(req)
mysig = get_signature(req, key, params=params)
# XXX: disagrees with spec, but I'm wondering if spec is broken..?
if False:
self.assertEquals(sig, mysig) # pragma: nocover
def test_get_signature_against_example_from_spec(self):
# This is the example used in Section 1.1 of RFC-TODO
req = b"GET /resource/1?b=1&a=2 HTTP/1.1\r\n"\
b"Host: example.com\r\n"\
b"\r\n"
params = {
"id": "h480djs93hd8",
"ts": "1336363200",
"nonce": "dj83hs9s"
}
key = "489dks293j39"
sig = "bhCQXTVyfj5cmA9uKkPFx1zeOXM="
req = Request.from_bytes(req)
mysig = get_signature(req, key, params=params)
# XXX: disagrees with spec, but I'm wondering if spec is broken..?
if False:
self.assertEquals(sig, mysig) # pragma: nocover
def test_normalized_request_string_against_example_from_spec(self):
req = b"GET /resource/1?b=1&a=2 HTTP/1.1\r\n"\
b"Host: example.com:8000\r\n"\
b"\r\n"
params = {
"ts": "1353832234",
"nonce": "j4h3g2",
"ext": "some-app-ext-data",
}
sigstr = "hawk.1.header\n"\
"1353832234\n"\
"j4h3g2\n"\
"GET\n"\
"/resource/1?b=1&a=2\n"\
"example.com\n"\
"8000\n"\
"\n"\
"some-app-ext-data\n"
# IanB, *thank you* for Request.from_bytes!
req = Request.from_bytes(req)
mysigstr = get_normalized_request_string(req, params)
self.assertEquals(sigstr, mysigstr)
def test_normalized_request_string_against_example_from_spec(self):
# This is the example used in Section 3.2.1 of RFC-TODO
req = "POST /request?b5=%3D%253D&a3=a&c%40=&a2=r%20b&c2&a3=2+q"\
" HTTP/1.1\r\n"\
"Host: example.com\r\n"\
"\r\n"\
"Hello World!"
params = {
"ts": "264095",
"nonce": "7d8f3e4a",
"ext": "a,b,c",
}
sigstr = "264095\n"\
"7d8f3e4a\n"\
"POST\n"\
"/request?b5=%3D%253D&a3=a&c%40=&a2=r%20b&c2&a3=2+q\n"\
"example.com\n"\
"80\n"\
"a,b,c\n"
# IanB, *thank you* for Request.from_bytes!
req = Request.from_bytes(req)
mysigstr = get_normalized_request_string(req, params)
self.assertEquals(sigstr, mysigstr)
def test_normalized_request_string_against_example_from_spec(self):
# This is the example used in Section 3.2.1 of RFC-TODO
req = "POST /request?b5=%3D%253D&a3=a&c%40=&a2=r%20b&c2&a3=2+q"\
" HTTP/1.1\r\n"\
"Host: example.com\r\n"\
"\r\n"\
"Hello World!"
params = {
"ts": "264095",
"nonce": "7d8f3e4a",
"ext": "a,b,c",
}
sigstr = "264095\n"\
"7d8f3e4a\n"\
"POST\n"\
"/request?b5=%3D%253D&a3=a&c%40=&a2=r%20b&c2&a3=2+q\n"\
"example.com\n"\
"80\n"\
"a,b,c\n"
# IanB, *thank you* for Request.from_bytes!
req = Request.from_bytes(req)
mysigstr = get_normalized_request_string(req, params)
self.assertEquals(sigstr, mysigstr)
def test_check_signature_errors_when_missing_id(self):
req = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("MAC", {"ts": "1", "nonce": "2"})
self.assertFalse(check_signature(req, "secretkeyohsecretkey"))
def test_get_id_returns_none_if_the_id_is_missing(self):
req = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("Hawk", {"ts": "1", "nonce": "2"})
self.assertEquals(get_id(req), None)
def test_get_id_returns_none_for_other_auth_schemes(self):
req = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("OAuth", {"id": "user1", "ts": "1", "nonce": "2"})
self.assertEquals(get_id(req), None)
def test_get_id_works_on_valid_header(self):
req = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("Hawk", {"id": "user1", "ts": "1", "nonce": "2"})
self.assertEquals(get_id(req), "user1")
def test_normalized_request_string_errors_when_no_default_port(self):
req = "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("MAC", {"ts": "1", "nonce": "2"})
req.scheme = "httptypo"
self.assertRaises(ValueError, get_normalized_request_string, req)
def test_normalized_request_string_errors_when_no_default_port(self):
req = "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("MAC", {"ts": "1", "nonce": "2"})
req.scheme = "httptypo"
self.assertRaises(ValueError, get_normalized_request_string, req)
def test_get_id_works_on_valid_header(self):
req = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("MAC", {"id": "user1", "ts": "1", "nonce": "2"})
self.assertEquals(get_id(req), "user1")
def test_get_id_returns_none_for_other_auth_schemes(self):
req = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("OAuth", {"id": "user1", "ts": "1", "nonce": "2"})
self.assertEquals(get_id(req), None)
def test_get_id_returns_none_if_the_id_is_missing(self):
req = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("MAC", {"ts": "1", "nonce": "2"})
self.assertEquals(get_id(req), None)
def test_check_signature_errors_when_missing_id(self):
req = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
req = Request.from_bytes(req)
req.authorization = ("Hawk", {"ts": "1", "nonce": "2"})
self.assertFalse(check_signature(req, "secretkeyohsecretkey"))
def test_check_signature_fails_with_non_mac_scheme(self):
req = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
req = Request.from_bytes(req)
sign_request(req, "myid", "mykey")
req.authorization = ("OAuth", req.authorization[1])
self.assertFalse(check_signature(req, "mykey"))
def test_check_signature_fails_with_non_mac_scheme(self):
req = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
req = Request.from_bytes(req)
sign_request(req, "myid", "mykey")
req.authorization = ("OAuth", req.authorization[1])
self.assertFalse(check_signature(req, "mykey"))
