def test_authextra_tls(self):
"""
We pass along the authextra to a dynamic authenticator
"""
session = Mock()
session._transport.transport_details = types.TransportDetails()
def fake_call(method, *args, **kw):
realm, authid, details = args
self.assertEqual("foo.auth_a_doodle", method)
self.assertEqual("realm", realm)
self.assertEqual(details["authmethod"], "tls")
self.assertEqual(details["authextra"], {"foo": "bar"})
return defer.succeed({
"secret":
'deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef',
"role": "some_role",
"extra": {
"what": "authenticator-supplied authextra",
}
})
session.call = Mock(side_effect=fake_call)
realm = Mock()
realm._realm.session = session
session._pending_session_id = 'pending session id'
session._router_factory = {
"realm": realm,
}
config = {
"type": "dynamic",
"authenticator": "foo.auth_a_doodle",
"authenticator-realm": "realm",
"authenticator-role": "myauth_role"
}
extra = {
"foo": "bar",
}
details = Mock()
details.authid = 'alice'
details.authextra = extra
pending_session_id = 1
transport_details = types.TransportDetails(
channel_id={'tls-unique': b'anything'},
peer_cert={'some': 'thing'})
realm_container = MockRealmContainer("realm",
["some_role", "myauth_role"],
session)
auth = tls.PendingAuthTLS(pending_session_id, transport_details,
realm_container, config)
val = yield auth.hello("realm", details)
self.assertTrue(isinstance(val, types.Accept))
self.assertEqual(val.authmethod, "tls")
self.assertEqual(val.authextra,
{"what": "authenticator-supplied authextra"})
def test_authextra_wampcryptosign(self):
"""
We pass along the authextra to a dynamic authenticator
"""
session = Mock()
session._transport.transport_details = types.TransportDetails()
def fake_call(method, *args, **kw):
realm, authid, details = args
self.assertEqual("foo.auth_a_doodle", method)
self.assertEqual("realm", realm)
self.assertEqual(details["authmethod"], "cryptosign")
self.assertEqual(details["authextra"], {"foo": "bar"})
return defer.succeed({
"pubkey":
'deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef',
"role": "some_role",
"extra": {
"what": "authenticator-supplied authextra",
}
})
session.call = Mock(side_effect=fake_call)
realm = Mock()
realm._realm.session = session
session._router_factory = {
"realm": realm,
}
config = {
"type": "dynamic",
"authenticator": "foo.auth_a_doodle",
"authenticator-realm": "realm",
"authenticator-role": "myauth_role"
}
extra = {
"foo": "bar",
}
details = Mock()
details.authextra = extra
pending_session_id = 1
transport_details = types.TransportDetails()
realm_container = MockRealmContainer("realm",
["some_role", "myauth_role"],
session)
auth = cryptosign.PendingAuthCryptosign(pending_session_id,
transport_details,
realm_container, config)
val = yield auth.hello("realm", details)
self.assertTrue(isinstance(val, types.Challenge))
self.assertEqual("cryptosign", val.method)
self.assertTrue("challenge" in val.extra)
self.assertEqual(auth._authextra,
{"what": "authenticator-supplied authextra"})
def setUp(self):
self.key = SigningKey.from_ssh_data(keybody)
self.privkey_hex = self.key._key.encode(encoder=HexEncoder)
m = hashlib.sha256()
m.update("some TLS message".encode())
channel_id = m.digest()
self.transport_details = types.TransportDetails(channel_id={'tls-unique': channel_id})
def test_authextra_ticket(self):
"""
We pass along the authextra to a dynamic authenticator
"""
session = Mock()
session._transport.transport_details = types.TransportDetails()
def fake_call(method, *args, **kw):
realm, authid, details = args
self.assertEqual("foo.auth_a_doodle", method)
self.assertEqual("realm", realm)
self.assertEqual(details["authmethod"], "ticket")
self.assertEqual(details["authextra"], {"foo": "bar"})
return defer.succeed({
"secret":
'deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef',
"role": "some_role",
"extra": {
"what": "authenticator-supplied authextra",
}
})
session.call = Mock(side_effect=fake_call)
realm = Mock()
realm._realm.session = session
session._pending_session_id = 'pending session id'
session._router_factory = {
"realm": realm,
}
config = {
"type": "dynamic",
"authenticator": "foo.auth_a_doodle",
"authenticator-realm": "realm",
"authenticator-role": "myauth_role"
}
extra = {
"foo": "bar",
}
details = Mock()
details.authid = 'alice'
details.authextra = extra
pending_session_id = 1
transport_details = types.TransportDetails()
realm_container = MockRealmContainer("realm",
["some_role", "myauth_role"],
session)
auth = ticket.PendingAuthTicket(pending_session_id, transport_details,
realm_container, config)
val = yield auth.hello("realm", details)
self.assertTrue(isinstance(val, types.Challenge))
self.assertEqual("ticket", val.method)
self.assertEqual({}, val.extra)
d = auth.authenticate("fake signature")
self.assertTrue(isinstance(d.result, types.Accept))
acc = d.result
self.assertEqual(acc.authextra,
{"what": "authenticator-supplied authextra"})
self.assertEqual(acc.authid, 'alice')