Exemplo n.º 1
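    def test_11_api_key_required(self):
        """Check that ``api_key_required`` enforces the API key policy.

        Without any policy the request passes. Once a policy with
        ``ACTION.APIKEY`` exists in ``SCOPE.AUTHZ``, a request without an
        Authorization header is rejected, a JWT carrying ``ROLE.VALIDATE`` is
        accepted, and a JWT carrying ``ROLE.ADMIN`` signed with the same
        secret is rejected.
        """
        g.logged_in_user = {}
        builder = EnvironBuilder(method='POST',
                                 data={'serial': "OATH123456"},
                                 headers={})
        env = builder.get_environ()
        # Set the remote address so that we can filter for it
        env["REMOTE_ADDR"] = "10.0.0.1"
        g.client_ip = env["REMOTE_ADDR"]
        req = Request(env)
        g.policy_object = PolicyClass()

        # No policy and no Auth token
        req.all_data = {}
        r = api_key_required(req)
        # The request was not modified
        self.assertTrue(r)

        # Set an authorization policy with the APIKEY action
        set_policy(name="pol_api", scope=SCOPE.AUTHZ, action=ACTION.APIKEY)
        try:
            g.policy_object = PolicyClass()

            # A request with no API Key fails
            self.assertRaises(PolicyError, api_key_required, req)

            # A request with an API key succeeds
            secret = current_app.config.get("SECRET_KEY")
            token = jwt.encode(
                {
                    "role": ROLE.VALIDATE,
                    "exp": datetime.utcnow() + timedelta(hours=1)
                }, secret)
            req.headers = {"Authorization": token}
            r = api_key_required(req)
            self.assertTrue(r)

            # A request with a valid Admin Token does not succeed: the token
            # is signed with the same secret, only the role claim differs.
            token = jwt.encode(
                {
                    "role": ROLE.ADMIN,
                    "username": "******",
                    "exp": datetime.utcnow() + timedelta(hours=1)
                }, secret)
            req.headers = {"Authorization": token}
            self.assertRaises(PolicyError, api_key_required, req)
        finally:
            # Remove the policy even when an assertion above fails, so a
            # failing run does not leave "pol_api" active for later tests.
            delete_policy("pol_api")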
Exemplo n.º 2
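    def test_11_api_key_required(self):
        """Exercise ``api_key_required`` with and without an APIKEY policy.

        Steps, in order: no policy (request passes), policy set and no
        Authorization header (``PolicyError``), policy set and a
        ``ROLE.VALIDATE`` JWT (passes), policy set and a ``ROLE.ADMIN`` JWT
        signed with the same secret (``PolicyError``).
        """
        g.logged_in_user = {}
        builder = EnvironBuilder(method='POST',
                                 data={'serial': "OATH123456"},
                                 headers={})
        env = builder.get_environ()
        # Set the remote address so that we can filter for it
        env["REMOTE_ADDR"] = "10.0.0.1"
        g.client_ip = env["REMOTE_ADDR"]
        req = Request(env)
        g.policy_object = PolicyClass()

        # No policy and no Auth token
        req.all_data = {}
        r = api_key_required(req)
        # The request was not modified
        self.assertTrue(r)

        # Set an authorization policy with the APIKEY action
        set_policy(name="pol_api",
                   scope=SCOPE.AUTHZ,
                   action=ACTION.APIKEY)
        try:
            g.policy_object = PolicyClass()

            # A request with no API Key fails
            self.assertRaises(PolicyError, api_key_required, req)

            # A request with an API key succeeds
            secret = current_app.config.get("SECRET_KEY")
            validate_claims = {"role": ROLE.VALIDATE,
                               "exp": datetime.utcnow() + timedelta(hours=1)}
            token = jwt.encode(validate_claims, secret)
            req.headers = {"Authorization": token}
            r = api_key_required(req)
            self.assertTrue(r)

            # A request with a valid Admin Token does not succeed; it differs
            # from the accepted token in its role and username claims only.
            admin_claims = {"role": ROLE.ADMIN,
                            "username": "******",
                            "exp": datetime.utcnow() + timedelta(hours=1)}
            token = jwt.encode(admin_claims, secret)
            req.headers = {"Authorization": token}
            self.assertRaises(PolicyError, api_key_required, req)
        finally:
            # Always drop the policy: without this, a failed assertion would
            # leave "pol_api" in place for whatever test runs next.
            delete_policy("pol_api")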
Exemplo n.º 3
 def test_authenticated(self):
     """Assert that ``charon.views.authenticated`` accepts a Basic header.

     The header value is ``'Basic '`` followed by whatever
     ``self.get_hash()`` returns (presumably the expected credential
     hash; confirm against the fixture).
     """
     auth_value = 'Basic {0}'.format(self.get_hash())
     request = Request({})
     # The headers are replaced on the request object after construction,
     # since it is built from an empty environ.
     request.headers = MultiDict({'Authorization': auth_value})
     self.assertTrue(charon.views.authenticated(request))