def test_authorization_trust_request_not_permitted(self):
"""
Test the AuthorizationTrustRequestHandler returns an
AuthorizationViolation and closes the connection if the permission
verifier does not permit the connections public key.
"""
auth_trust_request = AuthorizationTrustRequest(
roles=[RoleType.Value("NETWORK")], public_key="public_key")
roles = {"network": AuthorizationType.TRUST}
network = MockNetwork(roles,
connection_status={
"connection_id":
ConnectionStatus.CONNECTION_REQUEST
})
# say that connection is not permitted
permission_verifer = MockPermissionVerifier(allow=False)
gossip = MockGossip()
handler = AuthorizationTrustRequestHandler(network, permission_verifer,
gossip)
handler_status = handler.handle("connection_id",
auth_trust_request.SerializeToString())
self.assertEqual(handler_status.status, HandlerStatus.RETURN_AND_CLOSE)
self.assertEqual(handler_status.message_type,
validator_pb2.Message.AUTHORIZATION_VIOLATION)
def test_authorization_challenge_submit_bad_last_message(self):
"""
Test the AuthorizationChallengeSubmitHandler returns an
AuthorizationViolation and closes the connection if the last message
was not AuthorizaitonChallengeRequest.
"""
context = create_context('secp256k1')
private_key = context.new_random_private_key()
crypto_factory = CryptoFactory(context)
signer = crypto_factory.new_signer(private_key)
payload = os.urandom(10)
signature = signer.sign(payload)
auth_challenge_submit = AuthorizationChallengeSubmit(
public_key=signer.get_public_key().as_hex(),
signature=signature,
roles=[RoleType.Value("NETWORK")])
roles = {"network": AuthorizationType.TRUST}
network = MockNetwork(roles,
connection_status={"connection_id": "other"})
permission_verifer = MockPermissionVerifier()
gossip = MockGossip()
handler = AuthorizationChallengeSubmitHandler(
network, permission_verifer, gossip, {"connection_id": payload})
handler_status = handler.handle(
"connection_id", auth_challenge_submit.SerializeToString())
self.assertEqual(handler_status.status, HandlerStatus.RETURN_AND_CLOSE)
self.assertEqual(handler_status.message_type,
validator_pb2.Message.AUTHORIZATION_VIOLATION)
def test_authorization_trust_request(self):
"""
Test the AuthorizationTrustRequestHandler returns an
AuthorizationTrustResponse if the AuthorizationTrustRequest should be
approved.
"""
auth_trust_request = AuthorizationTrustRequest(
roles=[RoleType.Value("NETWORK")], public_key="public_key")
roles = {"network": AuthorizationType.TRUST}
network = MockNetwork(roles,
connection_status={
"connection_id":
ConnectionStatus.CONNECTION_REQUEST
})
permission_verifer = MockPermissionVerifier()
gossip = MockGossip()
handler = AuthorizationTrustRequestHandler(network, permission_verifer,
gossip)
handler_status = handler.handle("connection_id",
auth_trust_request.SerializeToString())
self.assertEqual(handler_status.status, HandlerStatus.RETURN)
self.assertEqual(handler_status.message_type,
validator_pb2.Message.AUTHORIZATION_TRUST_RESPONSE)
def do_authorization_challenge_submit():
"""
Test the AuthorizationChallengeSubmitHandler returns an
AuthorizationChallengeResult.
"""
context = create_context('secp256k1')
private_key = context.new_random_private_key()
crypto_factory = CryptoFactory(context)
signer = crypto_factory.new_signer(private_key)
payload = os.urandom(10)
signature = signer.sign(payload)
auth_challenge_submit = AuthorizationChallengeSubmit(
public_key=signer.get_public_key().as_hex(),
signature=signature,
roles=[RoleType.Value("NETWORK")])
roles = {"network": AuthorizationType.TRUST}
network = MockNetwork(roles,
connection_status={
"connection_id":
ConnectionStatus.AUTH_CHALLENGE_REQUEST
})
permission_verifer = MockPermissionVerifier()
gossip = MockGossip()
handler = AuthorizationChallengeSubmitHandler(network, permission_verifer,
gossip,
{"connection_id": payload})
handler_status = handler.handle("connection_id",
auth_challenge_submit.SerializeToString())
return handler_status
def test_authorization_challenge_submit(self):
"""
Test the AuthorizationChallengeSubmitHandler returns an
AuthorizationViolation and closes the connection if the permission
verifier does not permit the public_key.
"""
private_key = signing.generate_private_key()
public_key = signing.generate_public_key(private_key)
payload = os.urandom(10)
signature = signing.sign(payload, private_key)
auth_challenge_submit = AuthorizationChallengeSubmit(
public_key=public_key,
payload=payload,
signature=signature,
roles=[RoleType.Value("NETWORK")])
roles = {"network": AuthorizationType.TRUST}
network = MockNetwork(roles,
connection_status={
"connection_id":
ConnectionStatus.AUTH_CHALLENGE_REQUEST
})
permission_verifer = MockPermissionVerifier(allow=False)
gossip = MockGossip()
handler = AuthorizationChallengeSubmitHandler(network,
permission_verifer,
gossip)
handler_status = handler.handle(
"connection_id", auth_challenge_submit.SerializeToString())
self.assertEqual(handler_status.status, HandlerStatus.RETURN_AND_CLOSE)
self.assertEqual(handler_status.message_type,
validator_pb2.Message.AUTHORIZATION_VIOLATION)
def test_authorization_trust_request_bad_last_message(self):
"""
Test the AuthorizationTrustRequestHandler returns an
AuthorizationViolation and closes the connection if the last message
was not a ConnectionRequest.
"""
auth_trust_request = AuthorizationTrustRequest(
roles=[RoleType.Value("NETWORK")],
public_key="public_key")
roles = {"network": AuthorizationType.TRUST}
network = MockNetwork(
roles,
connection_status={"connection_id":
"other"})
permission_verifer = MockPermissionVerifier()
gossip = MockGossip()
handler = AuthorizationTrustRequestHandler(
network, permission_verifer, gossip)
handler_status = handler.handle(
"connection_id",
auth_trust_request.SerializeToString())
self.assertEqual(handler_status.status, HandlerStatus.RETURN_AND_CLOSE)
self.assertEqual(
handler_status.message_type,
validator_pb2.Message.AUTHORIZATION_VIOLATION)
def do_authorization_trust_request():
"""
Test the AuthorizationTrustRequestHandler returns an
AuthorizationTrustResponse if the AuthorizationTrustRequest should be
approved.
"""
auth_trust_request = AuthorizationTrustRequest(
roles=[RoleType.Value("NETWORK")], public_key="public_key")
roles = {"network": AuthorizationType.TRUST}
network = MockNetwork(roles,
connection_status={
"connection_id":
ConnectionStatus.CONNECTION_REQUEST
})
permission_verifer = MockPermissionVerifier()
gossip = MockGossip()
handler = AuthorizationTrustRequestHandler(network, permission_verifer,
gossip)
handler_status = handler.handle("connection_id",
auth_trust_request.SerializeToString())
return handler_status