def test_plain_http_no_args_fails(self): """The default behaviour should be to refuse to send credentials over HTTP""" transport = HTTPSTransport() transport.session = self.mocked_session with self.assertRaises((SSLError, TransportError)): transport.open(make_request('http://example.com/'))
def test_plain_http_rewrite_rewritten(self): transport = HTTPSTransport(rewrite_to_https=True) transport.session = self.mocked_session return_value = mock.MagicMock() return_value.content = b'' transport.session.get.return_value = return_value transport.open(make_request('http://example.com')) # mock.MagicMock.assert_called_with does not allow specifying interest in a single argument self.assertEqual( transport.session.get.call_args[1].get('url'), 'https://example.com' )
def test_plain_http_no_rewrite_fails(self): """ Some buggy SOAP servers reference plain HTTP urls in the WSDL even when served over HTTPS. The ``SudsClientStrictSSL`` Transport has an option to rewrite urls to HTTPS before making the request. If this is `False`, and `verify_ssl == True` We expect the request to fail. Assert that the default behaviour of the transport is strict. Does not allow plain HTTP unless overriden with verify_ssl=False""" transport = HTTPSTransport(rewrite_to_https=False) transport.session = self.mocked_session with self.assertRaises((SSLError, TransportError)): transport.open(make_request('http://example.com/'))
class TestSSLCertificateHandling(unittest.TestCase): """ urllib<3 is deficient in SSL handling. It does not do verification of the server certificate, which amounts to *no security at all*. This test is here to make sure that failure does not make it into our suds transport that is meant to be checking certificates. See https://bitbucket.org/jurko/suds/issue/23/ssl-certificate-verification for the discussion. """ def setUp(self): self.transport = HTTPSTransport() def test_certname_handling(self): with HTTPSServerProcess( cert=os.path.join(os.path.dirname(__file__), 'certs/selfsigned.pem') ) as server: url = 'https://localhost:%s/' % (server.server_address[1],) data = 'thisdataissecret' request = suds.transport.Request(url, data) with self.assertRaises((ssl.SSLError, TransportError)): self.transport.open(request)
def setUp(self): self.transport = HTTPSTransport()