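def test_11_api_key_required(self):
    """Check that api_key_required enforces the APIKEY authorization policy.

    Cases exercised, in order:
      * no policy, no Authorization header: the call returns a truthy value;
      * APIKEY policy set, no Authorization header: PolicyError;
      * APIKEY policy set, JWT with role ROLE.VALIDATE: truthy value;
      * APIKEY policy set, JWT with role ROLE.ADMIN: PolicyError.

    The policy is removed in a ``finally`` clause so that a failing
    assertion cannot leave "pol_api" active for later tests.
    """
    g.logged_in_user = {}
    builder = EnvironBuilder(method='POST',
                             data={'serial': "OATH123456"},
                             headers={})
    env = builder.get_environ()
    # Set the remote address so that we can filter for it
    env["REMOTE_ADDR"] = "10.0.0.1"
    g.client_ip = env["REMOTE_ADDR"]
    req = Request(env)
    g.policy_object = PolicyClass()

    # No policy and no auth token: the check lets the request through.
    req.all_data = {}
    self.assertTrue(api_key_required(req))

    # Set a policy that requires an API key for this scope.
    set_policy(name="pol_api", scope=SCOPE.AUTHZ, action=ACTION.APIKEY)
    try:
        # Rebuild the policy object so the new policy is visible to the check.
        g.policy_object = PolicyClass()

        # A request with no API key fails.
        self.assertRaises(PolicyError, api_key_required, req)

        # A request with an API key (a JWT carrying the VALIDATE role,
        # signed with the application's SECRET_KEY) succeeds.
        secret = current_app.config.get("SECRET_KEY")
        token = jwt.encode(
            {
                "role": ROLE.VALIDATE,
                "exp": datetime.utcnow() + timedelta(hours=1)
            },
            secret)
        req.headers = {"Authorization": token}
        self.assertTrue(api_key_required(req))

        # A correctly signed, unexpired admin token must NOT be accepted as
        # an API key: it differs from the token above only in role/username.
        token = jwt.encode(
            {
                "role": ROLE.ADMIN,
                "username": "******",
                "exp": datetime.utcnow() + timedelta(hours=1)
            },
            secret)
        req.headers = {"Authorization": token}
        self.assertRaises(PolicyError, api_key_required, req)

        # NOTE(review): a token signed with a different key and an expired
        # token are not exercised here; their rejection needs its own
        # assertions.
    finally:
        # Always remove the policy, even when an assertion above fails.
        delete_policy("pol_api")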
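def test_11_api_key_required(self):
    """Check that api_key_required enforces the APIKEY authorization policy.

    Without a policy the request passes. With the APIKEY policy set, a
    request without an Authorization header raises PolicyError, a JWT with
    role ROLE.VALIDATE passes, and a JWT with role ROLE.ADMIN raises
    PolicyError.

    The policy is deleted in a ``finally`` clause so that a failing
    assertion does not leak "pol_api" into other tests.
    """
    g.logged_in_user = {}
    builder = EnvironBuilder(method='POST',
                             data={'serial': "OATH123456"},
                             headers={})
    env = builder.get_environ()
    # Set the remote address so that we can filter for it
    env["REMOTE_ADDR"] = "10.0.0.1"
    g.client_ip = env["REMOTE_ADDR"]
    req = Request(env)
    g.policy_object = PolicyClass()

    # No policy and no auth token: the check returns a truthy value.
    req.all_data = {}
    self.assertTrue(api_key_required(req))

    # Set a policy that requires an API key for this scope.
    set_policy(name="pol_api", scope=SCOPE.AUTHZ, action=ACTION.APIKEY)
    try:
        # Rebuild the policy object so the new policy is visible to the check.
        g.policy_object = PolicyClass()

        # A request with no API key fails.
        self.assertRaises(PolicyError, api_key_required, req)

        # A request with an API key succeeds. The key is a JWT with the
        # VALIDATE role, signed with the application's SECRET_KEY.
        secret = current_app.config.get("SECRET_KEY")
        expiry = datetime.utcnow() + timedelta(hours=1)
        token = jwt.encode({"role": ROLE.VALIDATE, "exp": expiry}, secret)
        req.headers = {"Authorization": token}
        self.assertTrue(api_key_required(req))

        # A valid admin token is not an API key: same signing secret and a
        # future expiry, but the ADMIN role, so the check must reject it.
        expiry = datetime.utcnow() + timedelta(hours=1)
        token = jwt.encode({"role": ROLE.ADMIN,
                            "username": "******",
                            "exp": expiry}, secret)
        req.headers = {"Authorization": token}
        self.assertRaises(PolicyError, api_key_required, req)

        # NOTE(review): rejection of a token signed with another key, or of
        # an expired token, is not covered by this test.
    finally:
        # Always remove the policy, even when an assertion above fails.
        delete_policy("pol_api")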
def test_authenticated(self):
    """Check that a request carrying the expected Basic header is accepted.

    The header value is built from ``self.get_hash()``, which is defined
    outside this block (presumably the credential hash the view expects;
    confirm against the test fixture).
    """
    # This is the full Authorization header value, not a bare secret.
    auth_value = 'Basic {0}'.format(self.get_hash())
    request = Request({})
    request.headers = MultiDict({'Authorization': auth_value})
    # NOTE(review): only the accepting path is asserted here; a missing or
    # wrong Authorization header is not exercised by this test.
    self.assertTrue(charon.views.authenticated(request))