def test_good_man_http_header_middleware(self): signature = sign(self.params, self.salt) request = self.factory.get('/some/private/view/', self.params, **self.get_auth_header(self.code, signature)) user_as_response = self.get_user_as_response(request) self.assertFalse(user_as_response is None, msg='fake_view returned None instead of good_user') self.assertEqual(user_as_response, self.good_user, msg='wrong user returned')
def test_bad_user_request_params_attempt(self): signature = sign(self.params, 'BAD SALT') self.params['code'] = self.code self.params['sign'] = signature # middleware testing... request = self.factory.get('/some/private/view/', data=self.params) user_as_response = self.get_user_as_response(request) self.assertTrue(user_as_response is None) # no user is in request
def test_params_names_settings(self): with patch_settings('signn', 'codee'): signature = sign(self.params, self.salt) self.params['codee'] = self.code self.params['signn'] = signature request = self.factory.get('/some/private/view/', data=self.params) user_as_response = self.get_user_as_response(request) self.assertFalse(user_as_response is None, msg='fake_view returned None instead of good_user') self.assertEqual(user_as_response, self.good_user, msg='wrong user returned')
def test_good_man_request_params_middleware(self): signature = sign(self.params, self.salt) self.params['code'] = self.code self.params['sign'] = signature params_copy = deepcopy(self.params) # middleware testing... request = self.factory.get('/some/private/view/', data=self.params) user_as_response = self.get_user_as_response(request) self.assertFalse(user_as_response is None, msg='fake_view returned None instead of good_user') self.assertEqual(user_as_response, self.good_user, msg='wrong user returned') # params were not hurt... self.assertEqual(params_copy, self.params, msg='params were likely hurt in the middleware')
def test_bad_user_http_header_attempt(self): signature = sign(self.params, 'BAD SALT') request = self.factory.get('/some/private/view/', self.params, **self.get_auth_header(self.code, signature)) user_as_response = self.get_user_as_response(request) self.assertTrue(user_as_response is None) # no user is in request
def test_good_man_params_signature_ok(self): signature = sign(self.params, self.salt) self.assertTrue(self.hk.signature_ok(self.params, signature))
def sign(params, salt, date=None): return client.sign(params, salt, date)