Exemplo n.º 1
 def testAttributes(self):
     """
     C{OAuth2Credentials} exposes its three constructor arguments as the
     C{consumerKey}, C{consumerPassword} and C{token} attributes.
     """
     # Placeholder strings only: this test checks that each positional
     # argument lands on the matching attribute, nothing more.
     creds = OAuth2Credentials('user', 'pass', 'token')
     self.assertEqual('user', creds.consumerKey)
     self.assertEqual('pass', creds.consumerPassword)
     self.assertEqual('token', creds.token)
Exemplo n.º 2
 def testRequestAvatarIdWithInvalidToken(self):
     """
     L{FacadeOAuth2Checker.requestAvatarId} fails with
     L{UnauthorizedLogin} when the access token is malformed, i.e. it was
     not produced by C{dataToToken}.
     """
     consumerUser = createUser(u'user', u'pass', u'User', u'*****@*****.**')
     createOAuthConsumer(consumerUser, secret='secret16charlng1')
     self.store.commit()
     # The consumer key and password match the user created above, so the
     # token ('xxx') is the only invalid input in these credentials.
     malformed = OAuth2Credentials(u'user', u'pass', token='xxx')
     return self.assertFailure(self.checker.requestAvatarId(malformed),
                               UnauthorizedLogin)
Exemplo n.º 3
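    def testAuthenticateUserWithOAuth2UnknownUsernameInToken(self):
        """
        L{FacadeAuthMixin.authenticateUserWithOAuth2} fails with
        L{TNoSuchUser} when the username carried in the token does not
        belong to any existing user.
        """
        user = createUser(u'user', u'pass', u'User', u'*****@*****.**')
        oauthConsumer = createOAuthConsumer(user, secret='secret16charlng1')
        self.store.commit()

        # The token is built with the consumer's own secret and the consumer
        # key/password match the user created above, so the username in the
        # payload is the only part that cannot be resolved.
        token = dataToToken(oauthConsumer.secret, {'username': u'unknownUser'})
        credentials = OAuth2Credentials(u'user', u'pass', token)
        deferred = self.facade.authenticateUserWithOAuth2(credentials)

        return self.assertFailure(deferred, TNoSuchUser)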
Exemplo n.º 4
 def testRequestAvatarIdWithTokenMadeFromWrongSecret(self):
     """
     L{FacadeOAuth2Checker.requestAvatarId} fails with
     L{UnauthorizedLogin} when the access token was not created with the
     consumer's secret.
     """
     consumerUser = createUser(u'user1', u'pass1', u'User1', u'*****@*****.**')
     createOAuthConsumer(consumerUser, secret='secret16charlng1')
     targetUser = createUser(u'user2', u'pass2', u'User2', u'*****@*****.**')
     self.store.commit()
     # The token names an existing user but is built with a key ('a' * 16)
     # that differs from the secret registered for the consumer above.
     wrongKeyToken = dataToToken('a' * 16, {'username': targetUser.username})
     credentials = OAuth2Credentials(u'user1', u'pass1', wrongKeyToken)
     return self.assertFailure(self.checker.requestAvatarId(credentials),
                               UnauthorizedLogin)
Exemplo n.º 5
    def testAuthenticateUserWithOAuth2UnregisteredConsumer(self):
        """
        L{FacadeAuthMixin.authenticateUserWithOAuth2} fails with
        L{TPasswordIncorrect} when the consumer key names an existing
        Fluidinfo user that was never registered as an OAuth consumer.
        """
        # Two plain users; no OAuth consumer is created for either of them.
        createUser(u'user1', u'pass1', u'User1', u'*****@*****.**')
        createUser(u'user2', u'pass2', u'User2', u'*****@*****.**')
        self.store.commit()

        # user1's password is correct, so the expected failure comes from the
        # missing consumer registration.  The error asserted is the generic
        # L{TPasswordIncorrect}, not a consumer-specific one.
        accessToken = dataToToken('a' * 16, {'username': u'user2'})
        credentials = OAuth2Credentials(u'user1', u'pass1', accessToken)

        return self.assertFailure(
            self.facade.authenticateUserWithOAuth2(credentials),
            TPasswordIncorrect)
Exemplo n.º 6
    def testAuthenticateOAuth2WithUnknownConsumer(self):
        """
        L{OAuthConsumerAPI.authenticate} raises L{AuthenticationError} when
        the user named by the consumer key was never registered as a
        consumer.
        """
        UserAPI().create([(u'user1', u'secret1', u'User1',
                           u'*****@*****.**')])

        # The key is the configured 'access-secret' followed by a 16-character
        # stand-in for a consumer secret; no consumer is registered here.
        consumerSecret = 'a' * 16
        echoSecret = getConfig().get('oauth', 'access-secret')
        # NOTE(review): the payload has no 'username' key; presumably that is
        # irrelevant because the consumer lookup fails first -- confirm.
        token = dataToToken(echoSecret + consumerSecret, {'user1': 'secret1'})

        api = OAuthConsumerAPI()
        credentials = OAuth2Credentials(u'user1', u'secret1', token)

        self.assertRaises(AuthenticationError, api.authenticate, credentials)
Exemplo n.º 7
    def testAuthenticateUserWithOAuth2ConsumerPasswordIncorrect(self):
        """
        L{FacadeAuthMixin.authenticateUserWithOAuth2} fails with
        L{TPasswordIncorrect} when the consumer presents a wrong password,
        even though the token itself is built with the consumer's secret.
        """
        consumerUser = createUser(u'user1', u'pass1', u'User1',
                                  u'*****@*****.**')
        registered = createOAuthConsumer(consumerUser,
                                         secret='secret16charlng1')
        targetUser = createUser(u'user2', u'pass2', u'User2',
                                u'*****@*****.**')
        self.store.commit()

        token = dataToToken(registered.secret,
                            {'username': targetUser.username})

        # u'invalid' does not match the password (u'pass1') given to user1.
        credentials = OAuth2Credentials(u'user1', u'invalid', token)

        return self.assertFailure(
            self.facade.authenticateUserWithOAuth2(credentials),
            TPasswordIncorrect)
Exemplo n.º 8
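    def testAuthenticateAnonymousUserWithOAuth2(self):
        """
        L{FacadeAuthMixin.authenticateUserWithOAuth2} accepts the anonymous
        user as the OAuth consumer and creates a L{FluidinfoSession} for the
        user the access token was issued for.
        """
        # NOTE(review): this body yields a Deferred, so it only runs as a
        # test if it is wrapped by a generator-to-Deferred decorator (e.g.
        # Twisted's inlineCallbacks) that is not visible in this excerpt --
        # confirm, otherwise the assertions below never execute.
        anonymous = self.system.users[u'anon']
        UserAPI().create([(u'user', u'secret', u'User', u'*****@*****.**')])
        user = getUser(u'user')
        api = OAuthConsumerAPI()
        api.register(anonymous)
        token = api.getAccessToken(anonymous, user)
        self.store.commit()

        # The anonymous consumer is presented with a password of None; the
        # encrypted token is the only secret in these credentials.
        credentials = OAuth2Credentials(u'anon', None, token.encrypt())
        session = yield self.facade.authenticateUserWithOAuth2(credentials)
        # The session belongs to the token's user, not to u'anon'.
        self.assertEqual(user.username, session.auth.username)
        self.assertEqual(user.objectID, session.auth.objectID)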
Exemplo n.º 9
    def testAuthenticateOAuth2WithUnknownUser(self):
        """
        L{OAuthConsumerAPI.authenticate} raises L{UnknownUserError} when the
        username inside the L{OAuth2Credentials} token matches no user.
        """
        UserAPI().create([(u'user1', u'secret1', u'User1',
                           u'*****@*****.**')])
        consumerUser = getUser(u'user1')

        api = OAuthConsumerAPI()
        registered = api.register(consumerUser, secret='abyOTsAfo9MVN0qz')
        # The key is the configured 'access-secret' followed by the consumer's
        # secret, so the username in the payload is what fails to resolve.
        echoSecret = getConfig().get('oauth', 'access-secret')
        token = dataToToken(echoSecret + registered.secret,
                            {'username': '******'})

        credentials = OAuth2Credentials(u'user1', u'secret1', token)
        self.assertRaises(UnknownUserError, api.authenticate, credentials)
Exemplo n.º 10
    def testAuthenticateOAuth2(self):
        """
        L{OAuthConsumerAPI.authenticate} returns the L{User} named in the
        token when given valid L{OAuth2Credentials}.  As with OAuth Echo, the
        consumer makes the request with a token that lets it act on behalf of
        a particular user.
        """
        UserAPI().create([(u'consumer', u'password', u'Consumer',
                           u'*****@*****.**')])
        UserAPI().create([(u'user', u'secret', u'User', u'*****@*****.**')])
        consumerUser = getUser(u'consumer')
        targetUser = getUser(u'user')

        consumerAPI = OAuthConsumerAPI()
        consumerAPI.register(consumerUser, secret='abyOTsAfo9MVN0qz')
        accessToken = consumerAPI.getAccessToken(consumerUser, targetUser)
        # NOTE(review): the consumer was created with password u'password'
        # but the credentials carry u'secret1', and success is still
        # expected.  Presumably authenticate() relies on the token alone and
        # the consumer password is checked by another layer -- confirm.
        credentials = OAuth2Credentials(u'consumer', u'secret1',
                                        accessToken.encrypt())
        self.assertIdentical(targetUser,
                             consumerAPI.authenticate(credentials))
Exemplo n.º 11
    def testRequestAvatarId(self):
        """
        L{FacadeOAuth2Checker.requestAvatarId} yields a L{FluidinfoSession}
        for the user named in the token when the consumer key, consumer
        password and token are all correct.
        """
        # NOTE(review): this body yields a Deferred, so it only runs as a
        # test if it is wrapped by a generator-to-Deferred decorator (e.g.
        # Twisted's inlineCallbacks) that is not visible in this excerpt --
        # confirm, otherwise the assertions below never execute.
        UserAPI().create([(u'consumer', u'secret', u'Consumer',
                           u'*****@*****.**'),
                          (u'user', u'secret', u'User', u'*****@*****.**')])
        consumerAccount = getUser(u'consumer')
        targetUser = getUser(u'user')
        consumerAPI = OAuthConsumerAPI()
        consumerAPI.register(consumerAccount)
        accessToken = consumerAPI.getAccessToken(consumerAccount, targetUser)
        self.store.commit()

        credentials = OAuth2Credentials(u'consumer', 'secret',
                                        accessToken.encrypt())
        session = yield self.checker.requestAvatarId(credentials)
        # The session is for the token's user, not for the consumer.
        self.assertEqual(targetUser.username, session.auth.username)
        self.assertEqual(targetUser.objectID, session.auth.objectID)
Exemplo n.º 12
    def testAuthenticateUserWithOAuthWithMixedCaseToken(self):
        """
        L{FacadeAuthMixin.authenticateUserWithOAuth2} matches the username
        carried in the token without regard to case.
        """
        # NOTE(review): this body yields a Deferred, so it only runs as a
        # test if it is wrapped by a generator-to-Deferred decorator (e.g.
        # Twisted's inlineCallbacks) that is not visible in this excerpt --
        # confirm, otherwise the assertions below never execute.
        UserAPI().create([
            (u'consumer', u'secret', u'Consumer', u'*****@*****.**'),
            (u'user', u'secret', u'User', u'*****@*****.**')])
        consumerAccount = getUser(u'consumer')
        targetUser = getUser(u'user')
        consumerAPI = OAuthConsumerAPI()
        registered = consumerAPI.register(consumerAccount)
        # The payload spells the username u'UseR'; the account is u'user'.
        mixedCaseToken = dataToToken(registered.secret,
                                     {'username': u'UseR',
                                      'creationTime': '20121228-161823'})
        self.store.commit()

        credentials = OAuth2Credentials(consumerAccount.username, u'secret',
                                        mixedCaseToken)
        session = yield self.facade.authenticateUserWithOAuth2(credentials)
        self.assertEqual(targetUser.username, session.auth.username)
        self.assertEqual(targetUser.objectID, session.auth.objectID)
Exemplo n.º 13
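    def testAuthenticateUserWithOAuth2IgnoresCase(self):
        """
        L{FacadeAuthMixin.authenticateUserWithOAuth2} ignores the case of the
        consumer key: a mixed-case key still yields a L{FluidinfoSession}
        for the user named in the token.
        """
        # NOTE(review): this body yields a Deferred, so it only runs as a
        # test if it is wrapped by a generator-to-Deferred decorator (e.g.
        # Twisted's inlineCallbacks) that is not visible in this excerpt --
        # confirm, otherwise the assertions below never execute.
        UserAPI().create([
            (u'consumer', u'secret', u'Consumer', u'*****@*****.**'),
            (u'user', u'secret', u'User', u'*****@*****.**')])
        consumer = getUser(u'consumer')
        user = getUser(u'user')
        api = OAuthConsumerAPI()
        api.register(consumer)
        token = api.getAccessToken(consumer, user)
        self.store.commit()

        # The consumer key is spelled u'ConsumeR'; the account is u'consumer'.
        credentials = OAuth2Credentials(u'ConsumeR', u'secret',
                                        token.encrypt())
        session = yield self.facade.authenticateUserWithOAuth2(credentials)
        self.assertEqual(user.username, session.auth.username)
        self.assertEqual(user.objectID, session.auth.objectID)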
Exemplo n.º 14
    def testAuthenticateOAuth2WithTokenMadeFromBadOAuthEchoSecret(self):
        """
        L{OAuthConsumerAPI.authenticate} raises L{AuthenticationError} when
        the token in the L{OAuth2Credentials} was built with the wrong OAuth
        Echo secret in its key.
        """
        UserAPI().create([(u'user1', u'secret1', u'User1',
                           u'*****@*****.**')])
        consumerUser = getUser(u'user1')

        UserAPI().create([(u'user2', u'secret2', u'User2',
                           u'*****@*****.**')])

        api = OAuthConsumerAPI()
        registered = api.register(consumerUser, secret='abyOTsAfo9MVN0qz')

        # The consumer secret is the real one; only the prefix of the key is
        # a stand-in ('x' * 16) for the OAuth Echo secret.
        bogusEchoSecret = 'x' * 16
        token = dataToToken(bogusEchoSecret + registered.secret,
                            {'username': '******'})
        credentials = OAuth2Credentials(u'user1', u'secret1', token)

        self.assertRaises(AuthenticationError, api.authenticate, credentials)
Exemplo n.º 15
    def testAuthenticateOAuth2WithInvalidToken(self):
        """
        L{OAuthConsumerAPI.authenticate} raises L{AuthenticationError} when
        the token in the L{OAuth2Credentials} is not a valid token.
        """
        UserAPI().create([(u'user1', u'secret1', u'User1',
                           u'*****@*****.**')])
        consumerUser = getUser(u'user1')

        # NOTE The second user is never referenced.  It exists so that the
        # environment matches the sibling tests and the invalid token is the
        # only possible reason for the failure (regression guard).
        UserAPI().create([(u'user2', u'secret2', u'User2',
                           u'*****@*****.**')])

        api = OAuthConsumerAPI()
        api.register(consumerUser, secret='abyOTsAfo9MVN0qz')

        # A plain string that was never produced by the token encoder.
        credentials = OAuth2Credentials(u'user1', u'secret1', 'invalid')

        self.assertRaises(AuthenticationError, api.authenticate, credentials)
Exemplo n.º 16
 def testVerifySignature(self):
     """
     C{OAuth2Credentials.verifySignature} returns C{True}.
     """
     # The credentials are placeholder strings, so the C{True} pinned here
     # cannot depend on any real signature being checked.
     creds = OAuth2Credentials('user', 'pass', 'token')
     self.assertEqual(True, creds.verifySignature())