def testCreateCookieHttpOnly(self):
d = CookieMemoryStore(name='name', timeout=0.1, httpOnly=True)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual(
'Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT; HttpOnly'
.format(d.cookieName(), result['cookie']), result['header'])
class CookieMemoryStoreTest(SeecrTestCase):
def setUp(self):
SeecrTestCase.setUp(self)
self.d = CookieMemoryStore(name='name', timeout=0.1)
self.d._now = lambda: 123456789.0
def testCookieName(self):
name = self.d.cookieName()
self.assertTrue(name.startswith('name'))
self.assertEquals(name, self.d.cookieName())
self.assertNotEqual(name, CookieMemoryStore(timeout=0.1).cookieName())
def testCreateCookie(self):
result = self.d.createCookie('username')
self.assertEquals('username', self.d.validateCookie(result['cookie'])['value'])
self.assertNotEqual(result, self.d.createCookie('username'))
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT'.format(
self.d.cookieName(), result['cookie']), result['header'])
sleep(0.06)
self.assertEquals('username', self.d.validateCookie(result['cookie'])['value'])
sleep(0.06)
self.assertEquals('username', self.d.validateCookie(result['cookie'])['value'])
sleep(0.12)
self.assertEquals(None, self.d.validateCookie(result['cookie']))
def testCreateCookieForAnyObject(self):
o = object()
result = self.d.createCookie(o)
self.assertEquals(o, self.d.validateCookie(result['cookie'])['value'])
def testRemoveCookie(self):
result = self.d.createCookie('username')
self.assertEquals('username', self.d.validateCookie(result['cookie'])['value'])
self.d.removeCookie(result['cookie'])
self.assertEquals(None, self.d.validateCookie(result['cookie']))
self.d.removeCookie(result['cookie'])
def testRemoveCookiesWithObjectFilter(self):
c1 = self.d.createCookie({'username': '******'})
c2 = self.d.createCookie(object())
c3 = self.d.createCookie('otheruser')
self.d.removeCookies(filter=lambda o:o.get('username') == 'name')
self.assertFalse(self.d.validateCookie(c1['cookie']))
self.assertTrue(self.d.validateCookie(c2['cookie']))
self.assertTrue(self.d.validateCookie(c3['cookie']))
def testCreateCookieHttpOnly(self):
d = CookieMemoryStore(name='name', timeout=0.1)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT; HttpOnly'.format(
d.cookieName(), result['cookie']), result['header'])
d = CookieMemoryStore(name='name', timeout=0.1, httpOnly=True)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT; HttpOnly'.format(
d.cookieName(), result['cookie']), result['header'])
d = CookieMemoryStore(name='name', timeout=0.1, httpOnly=False)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT'.format(
d.cookieName(), result['cookie']), result['header'])
class SessionHandlerTest(SeecrTestCase):
def setUp(self):
SeecrTestCase.setUp(self)
self.handler = SessionHandler()
self.cookiestore = CookieMemoryStore(name='session', timeout=10)
self.handler.addObserver(self.cookiestore)
self.handler._zulutime = lambda: ZuluTime('2015-01-27T13:34:45Z')
def testCreateSession(self):
called = []
class MyObserver(Observable):
def handleRequest(self, *args, **kwargs):
session = self.ctx.session
called.append({
'args': args,
'kwargs': kwargs,
'session': session
})
yield utils.okHtml
yield '<ht'
yield 'ml/>'
self.handler.addObserver(MyObserver())
result = generatorToString(
self.handler.handleRequest(RequestURI='/path',
Client=('127.0.0.1', 12345),
Headers={'a': 'b'}))
self.assertEqual(1, len(called))
self.assertEqual({}, called[0]['session'])
session = called[0]['kwargs']['session']
self.assertEqual({}, session)
self.assertEqual({'a': 'b'}, called[0]['kwargs']['Headers'])
self.assertTrue(('127.0.0.1', 12345), called[0]['kwargs']['Client'])
header, body = result.split(utils.CRLF * 2, 1)
self.assertEqual('<html/>', body)
self.assertTrue('Set-Cookie' in header, header)
headerParts = header.split(utils.CRLF)
self.assertEqual("HTTP/1.0 200 OK", headerParts[0])
sessionCookie = [p for p in headerParts[1:] if 'Set-Cookie' in p][0]
self.assertTrue(sessionCookie.startswith('Set-Cookie: session'))
def testRetrieveCookie(self):
sessions = []
class MyObserver(Observable):
def handleRequest(self, *args, **kwargs):
session = self.ctx.session
sessions.append(session)
yield utils.okHtml + '<html/>'
self.handler.addObserver(MyObserver())
headers, _ = parseResponse(
asBytes(
self.handler.handleRequest(RequestURI='/path',
Client=('127.0.0.1', 12345),
Headers={})))
headers = headers['Headers']
self.assertTrue('Set-Cookie' in headers, headers)
cookie = findCookies(headers, self.cookiestore.cookieName(),
'Set-Cookie')[0]
consume(
self.handler.handleRequest(RequestURI='/path',
Client=('127.0.0.1', 12345),
Headers={
'Cookie':
'{0}={1}'.format(
self.cookiestore.cookieName(),
cookie)
}))
self.assertEqual(sessions[0], sessions[1])
self.assertEqual(id(sessions[0]), id(sessions[1]))
def testInjectAnyCookie(self):
sessions = []
class MyObserver(Observable):
def handleRequest(self, session=None, *args, **kwargs):
sessions.append(session)
yield utils.okHtml + '<html/>'
self.handler.addObserver(MyObserver())
headers, _ = parseResponse(
asBytes(
self.handler.handleRequest(
RequestURI='/path',
Client=('127.0.0.1', 12345),
Headers={
'Cookie':
'%s=%s' %
(self.cookiestore.cookieName(), 'injected_id')
})))
headers = headers["Headers"]
self.assertTrue('injected_id' not in ' '.join(headers['Set-Cookie']))
def testPassThroughOfCallables(self):
def callableMethod():
pass
class MyObserver(Observable):
def handleRequest(*args, **kwargs):
yield callableMethod
yield "HTTP/1.0 200 OK\r\n\r\nBODY"
yield callableMethod
yield "THE END"
self.handler.addObserver(MyObserver())
result = asList(self.handler.handleRequest(Headers={}))
self.assertEqual(callableMethod, result[0])
self.assertEqual(b"HTTP/1.0 200 OK\r\n", result[1])
self.assertEqual(b"\r\nBODY", result[3])
self.assertEqual(callableMethod, result[4])
self.assertTrue(result[2].startswith(b'Set-Cookie: session'),
result[2])
self.assertEqual("THE END", result[5])
class SessionHandlerTest(SeecrTestCase):
def setUp(self):
SeecrTestCase.setUp(self)
self.handler = SessionHandler()
self.cookiestore = CookieMemoryStore(name='session', timeout=10)
self.handler.addObserver(self.cookiestore)
self.handler._zulutime = lambda: ZuluTime('2015-01-27T13:34:45Z')
self.observer = CallTrace('Observer')
self.handler.addObserver(self.observer)
def testCreateSession(self):
called = []
def handleRequest(*args, **kwargs):
called.append({'args':args, 'kwargs':kwargs})
yield utils.okHtml
yield '<ht'
yield 'ml/>'
self.observer.handleRequest = handleRequest
result = asString(self.handler.handleRequest(RequestURI='/path', Client=('127.0.0.1', 12345), Headers={'a':'b'}))
self.assertEquals(1, len(called))
session = called[0]['kwargs']['session']
self.assertEqual({}, session)
self.assertEquals({'a':'b'}, called[0]['kwargs']['Headers'])
self.assertTrue(('127.0.0.1', 12345), called[0]['kwargs']['Client'])
header, body = result.split(utils.CRLF*2,1)
self.assertEquals('<html/>', body)
self.assertTrue('Set-Cookie' in header, header)
headerParts = header.split(utils.CRLF)
self.assertEquals("HTTP/1.0 200 OK", headerParts[0])
sessionCookie = [p for p in headerParts[1:] if 'Set-Cookie' in p][0]
self.assertTrue(sessionCookie.startswith('Set-Cookie: session'))
def testRetrieveCookie(self):
sessions = []
def handleRequest(session=None, *args, **kwargs):
sessions.append(session)
yield utils.okHtml + '<html/>'
self.observer.handleRequest = handleRequest
headers = asString(self.handler.handleRequest(RequestURI='/path', Client=('127.0.0.1', 12345), Headers={})).split(CRLF*2,1)[0]
headers = parseHeaders(headers)
self.assertTrue('Set-Cookie' in headers, headers)
cookie = findCookies(headers, self.cookiestore.cookieName(), 'Set-Cookie')[0]
consume(self.handler.handleRequest(RequestURI='/path', Client=('127.0.0.1', 12345), Headers={'Cookie': '{0}={1}'.format(self.cookiestore.cookieName(), cookie)}))
self.assertEquals(sessions[0], sessions[1])
self.assertEquals(id(sessions[0]),id(sessions[1]))
def testInjectAnyCookie(self):
sessions = []
def handleRequest(session=None, *args, **kwargs):
sessions.append(session)
yield utils.okHtml + '<html/>'
self.observer.handleRequest = handleRequest
headers = asString(self.handler.handleRequest(RequestURI='/path', Client=('127.0.0.1', 12345), Headers={'Cookie': '%s=%s' % (self.cookiestore.cookieName(), 'injected_id')})).split(CRLF*2,1)[0]
headers = parseHeaders(headers)
self.assertTrue('injected_id' not in headers['Set-Cookie'])
def testPassThroughOfCallables(self):
def callableMethod():
pass
def handleRequest(*args, **kwargs):
yield callableMethod
yield "HTTP/1.0 200 OK\r\n\r\nBODY"
yield callableMethod
yield "THE END"
self.observer.handleRequest = handleRequest
result = asList(self.handler.handleRequest(Headers={}))
self.assertEquals(callableMethod, result[0])
self.assertEquals("HTTP/1.0 200 OK\r\n", result[1])
self.assertEquals("\r\nBODY", result[3])
self.assertEquals(callableMethod, result[4])
self.assertTrue(result[2].startswith('Set-Cookie: session'), result[2])
self.assertEquals("THE END", result[5])
class CookieMemoryStoreTest(SeecrTestCase):
def setUp(self):
SeecrTestCase.setUp(self)
self.d = CookieMemoryStore(name='name', timeout=0.1, httpOnly=False)
self.d._now = lambda: 123456789.0
def testCookieName(self):
name = self.d.cookieName()
self.assertTrue(name.startswith('name'))
self.assertEqual(name, self.d.cookieName())
self.assertNotEqual(name, CookieMemoryStore(timeout=0.1).cookieName())
def testCreateCookie(self):
result = self.d.createCookie('username')
self.assertEqual('username', self.d.validateCookie(result['cookie'])['value'])
self.assertNotEqual(result, self.d.createCookie('username'))
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT'.format(
self.d.cookieName(), result['cookie']), result['header'])
sleep(0.06)
self.assertEqual('username', self.d.validateCookie(result['cookie'])['value'])
sleep(0.06)
self.assertEqual('username', self.d.validateCookie(result['cookie'])['value'])
sleep(0.12)
self.assertEqual(None, self.d.validateCookie(result['cookie']))
def testCreateCookieSecure(self):
d = CookieMemoryStore(name='name', timeout=0.1, secure=True, httpOnly=False)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT; Secure'.format(
d.cookieName(), result['cookie']), result['header'])
def testCreateCookieHttpOnly(self):
d = CookieMemoryStore(name='name', timeout=0.1)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT; HttpOnly'.format(
d.cookieName(), result['cookie']), result['header'])
d = CookieMemoryStore(name='name', timeout=0.1, httpOnly=True)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT; HttpOnly'.format(
d.cookieName(), result['cookie']), result['header'])
d = CookieMemoryStore(name='name', timeout=0.1, httpOnly=False)
d._now = lambda: 123456789.0
result = d.createCookie('username')
self.assertEqual('Set-Cookie: {0}={1}; path=/; expires=Thu, 29 Nov 1973 21:33:09 GMT'.format(
d.cookieName(), result['cookie']), result['header'])
def testCreateCookieForAnyObject(self):
o = object()
result = self.d.createCookie(o)
self.assertEqual(o, self.d.validateCookie(result['cookie'])['value'])
def testRemoveCookie(self):
result = self.d.createCookie('username')
self.assertEqual('username', self.d.validateCookie(result['cookie'])['value'])
self.d.removeCookie(result['cookie'])
self.assertEqual(None, self.d.validateCookie(result['cookie']))
self.d.removeCookie(result['cookie'])
def testRemoveCookiesWithObjectFilter(self):
c1 = self.d.createCookie({'username': '******'})
c2 = self.d.createCookie(object())
c3 = self.d.createCookie('otheruser')
self.d.removeCookies(filter=lambda o:o.get('username') == 'name')
self.assertFalse(self.d.validateCookie(c1['cookie']))
self.assertTrue(self.d.validateCookie(c2['cookie']))
self.assertTrue(self.d.validateCookie(c3['cookie']))
