def test_valid_http_signature_ec_p521(self): privkey_path = self.ec_p521_key_path signing_cfg = signing.HttpSigningConfiguration( key_id="my-key-id", signing_scheme=signing.SCHEME_HS2019, private_key_path=privkey_path, private_key_passphrase=self.private_key_passphrase, hash_algorithm=signing.HASH_SHA512, signed_headers=[ signing.HEADER_REQUEST_TARGET, signing.HEADER_CREATED, ] ) config = Configuration(host=HOST, signing_info=signing_cfg) # Set the OAuth2 acces_token to None. Here we are interested in testing # the HTTP signature scheme. config.access_token = None api_client = petstore_api.ApiClient(config) pet_api = PetApi(api_client) mock_pool = MockPoolManager(self) api_client.rest_client.pool_manager = mock_pool mock_pool.set_signing_config(signing_cfg) mock_pool.expect_request('POST', 'http://petstore.swagger.io/v2/pet', body=json.dumps(api_client.sanitize_for_serialization(self.pet)), headers={'Content-Type': r'application/json', 'Authorization': r'Signature keyId="my-key-id",algorithm="hs2019",created=[0-9]+,' r'headers="\(request-target\) \(created\)",' r'signature="[a-zA-Z0-9+/=]+"', 'User-Agent': r'OpenAPI-Generator/1.0.0/python'}, preload_content=True, timeout=None) pet_api.add_pet(self.pet)
def test_invalid_configuration(self): # Signing scheme must be valid. with self.assertRaises(Exception) as cm: signing_cfg = signing.HttpSigningConfiguration( key_id="my-key-id", signing_scheme='foo', private_key_path=self.ec_p521_key_path) self.assertTrue( re.match('Unsupported security scheme', str(cm.exception)), 'Exception message: {0}'.format(str(cm.exception))) # Signing scheme must be specified. with self.assertRaises(Exception) as cm: signing_cfg = signing.HttpSigningConfiguration( key_id="my-key-id", private_key_path=self.ec_p521_key_path, signing_scheme=None) self.assertTrue( re.match('Unsupported security scheme', str(cm.exception)), 'Exception message: {0}'.format(str(cm.exception))) # Private key passphrase is missing but key is encrypted. with self.assertRaises(Exception) as cm: signing_cfg = signing.HttpSigningConfiguration( key_id="my-key-id", signing_scheme=signing.SCHEME_HS2019, private_key_path=self.ec_p521_key_path, ) self.assertTrue( re.match('Not a valid clear PKCS#8 structure', str(cm.exception)), 'Exception message: {0}'.format(str(cm.exception))) # File containing private key must exist. with self.assertRaises(Exception) as cm: signing_cfg = signing.HttpSigningConfiguration( key_id="my-key-id", signing_scheme=signing.SCHEME_HS2019, private_key_path='foobar', ) self.assertTrue( re.match('Private key file does not exist', str(cm.exception)), 'Exception message: {0}'.format(str(cm.exception))) # The max validity must be a positive value. with self.assertRaises(Exception) as cm: signing_cfg = signing.HttpSigningConfiguration( key_id="my-key-id", signing_scheme=signing.SCHEME_HS2019, private_key_path=self.ec_p521_key_path, signature_max_validity=timedelta(hours=-1)) self.assertTrue( re.match('The signature max validity must be a positive value', str(cm.exception)), 'Exception message: {0}'.format(str(cm.exception))) # Cannot include the 'Authorization' header. with self.assertRaises(Exception) as cm: signing_cfg = signing.HttpSigningConfiguration( key_id="my-key-id", signing_scheme=signing.SCHEME_HS2019, private_key_path=self.ec_p521_key_path, signed_headers=['Authorization']) self.assertTrue( re.match("'Authorization' header cannot be included", str(cm.exception)), 'Exception message: {0}'.format(str(cm.exception))) # Cannot specify duplicate headers. with self.assertRaises(Exception) as cm: signing_cfg = signing.HttpSigningConfiguration( key_id="my-key-id", signing_scheme=signing.SCHEME_HS2019, private_key_path=self.ec_p521_key_path, signed_headers=['Host', 'Date', 'Host']) self.assertTrue( re.match('Cannot have duplicates in the signed_headers parameter', str(cm.exception)), 'Exception message: {0}'.format(str(cm.exception)))