def testDoublyEncodedCookieWithIncorrectPadding(self):
from urllib import quote
from base64 import encodestring
from collective.usernamelogger import username
TEST_USERNAME = '******'
TEST_PASSWORD = '******'
hex_credentials = ':'.join([token.encode('hex') for token in \
(TEST_USERNAME, TEST_PASSWORD)])
# base64 encode credentials - this will add '='s for padding
b64encoded_credentials = encodestring(hex_credentials).strip()
# Quote the base64 encoded string *twice*
# This will mess up the padding unless it's unquoted twice
broken_cookie = "__ac=%s" % quote(quote(b64encoded_credentials))
self.assertTrue(username(broken_cookie) == TEST_USERNAME)
def testDoublyEncodedCookieWithIncorrectPadding(self):
from urllib import quote
from base64 import encodestring
from collective.usernamelogger import username
TEST_USERNAME = '******'
TEST_PASSWORD = '******'
hex_credentials = ':'.join([token.encode('hex') for token in \
(TEST_USERNAME, TEST_PASSWORD)])
# base64 encode credentials - this will add '='s for padding
b64encoded_credentials = encodestring(hex_credentials).strip()
# Quote the base64 encoded string *twice*
# This will mess up the padding unless it's unquoted twice
broken_cookie = "__ac=%s" % quote(quote(b64encoded_credentials))
self.assertTrue(username(broken_cookie) == TEST_USERNAME)
def username(self, value):
from collective.usernamelogger import username
from base64 import encodestring
return username('__ac=%s' % encodestring(value))
def username(self, value):
from collective.usernamelogger import username
from base64 import encodestring
return username('__ac=%s' % encodestring(value))
