def test_basic_authentication(api):
autorization = {'Authorization': encode("edu", "edu")}
response = api.handle_request(method='GET',
path='/hello',
body=None,
headers=autorization)
assert 200 == response['statusCode']
def test_index(api):
headers = {'Authorization': encode("abc", "abc")}
response = api.handle_request(method='GET',
path='/',
headers=headers,
body=None)
assert 200 == response['statusCode']
def test_bind_user(self):
base_infos = {'fullname': u'John Doe',
'email': '*****@*****.**', }
infos = {'password': "******"}
public_infos = {'username': '******', 'sshkey': 'None'}
infos.update(base_infos)
public_infos.update(base_infos)
localuser.update_user(u'john', infos)
authorization = encode('john', "abc")
self.assertEqual(public_infos,
localuser.bind_user(authorization),
localuser.bind_user(authorization))
authorization = encode('john', "abc123")
self.assertRaises(localuser.BindForbidden,
lambda: localuser.bind_user(authorization))
authorization = encode('denis', "abc")
self.assertRaises(localuser.UserNotFound,
lambda: localuser.bind_user(authorization))
def get_encoded_string():
config = configparser.ConfigParser()
config.read(USERDATA_PATH)
username = config.get('default', 'username')
account_uuid = config.get('default', 'account-uuid')
password = config.get('default', 'password')
encoded_str = encode(username, password)
return encoded_str
def test_bind_user(self):
base_infos = {
'fullname': u'John Doe',
'email': '*****@*****.**',
}
infos = {'password': "******"}
public_infos = {'username': '******', 'sshkey': 'None'}
infos.update(base_infos)
public_infos.update(base_infos)
localuser.update_user(u'john', infos)
authorization = encode('john', "abc")
self.assertEqual(public_infos, localuser.bind_user(authorization),
localuser.bind_user(authorization))
authorization = encode('john', "abc123")
self.assertRaises(localuser.BindForbidden,
lambda: localuser.bind_user(authorization))
authorization = encode('denis', "abc")
self.assertRaises(localuser.UserNotFound,
lambda: localuser.bind_user(authorization))
def test_getuser_info(app, client):
user_from_db = User.query.filter_by(username='******').first()
res = client.get('/api/v1/user/id/' + user_from_db.username,
headers={
'shorturl-access-token':
encode(user_from_db.username, 'alpha').split(' ')[1],
'Content-Type':
'application/json'
})
assert res.status_code == 200
def test_properly_escapes_colons():
username, password = b'username', b'pass:word:'
encoded_str = encode(username, password)
assert (username, password) == decode(encoded_str)
# This test ensures things work even if the client doesn't properly URL
# encode the username / password fields.
encoded_str = b'Basic %s' % b64encode(b'%s:%s' % (username, password))
assert (username, password) == decode(encoded_str)
def test_properly_escapes_colons(self):
username, password = '******', 'pass:word:'
encoded_str = encode(username, password)
self.assertEqual((username, password), decode(encoded_str))
# This test ensures things work even if the client doesn't properly URL
# encode the username / password fields.
encoded_str = 'Basic %s' % b64encode('%s:%s' % (username, password))
self.assertEqual((username, password), decode(encoded_str))
def generateBasicAuthHeader(username, password):
# pdb.set_trace()
loginString = ("%@:%@" + username + password)
#concatString = username + ":" + password
utf8 = loginString.encode('utf-8')
base64String = base64.b64encode(utf8)
finalString = "Basic " + str(base64String)
encoded_str = encode(username, password)
username, password = decode(encoded_str)
return encoded_str
def test_activate_user(app, client):
data = {'username': '******'}
res = client.post('/api/v1/user/action/activate',
headers={
'shorturl-access-token':
encode('test', 'alpha').split(' ')[1],
'Content-Type':
'application/json'
},
data=json.dumps(data))
assert res.status_code == 200
def post(request):
username = request.data["username"]
password = request.data["password"]
print(username, password)
account = authenticate(username=username, password=password)
print(account)
if (account is not None):
return Response({"Token": encode(username, password)},
status=status.HTTP_200_OK)
else:
return Response(status=status.HTTP_401_UNAUTHORIZED)
def test_properly_escapes_colons(self):
username, password = '******', 'pass:word:'
encoded_str = encode(username, password)
self.assertEqual((username, password), decode(encoded_str))
# This test ensures things work even if the client doesn't properly URL
# encode the username / password fields.
username_password = '******' % (username, password)
encoded_str = 'Basic %s' % b64encode(
username_password.encode()).decode()
self.assertEqual((username, password), decode(encoded_str))
def test_activate_pvt_card(app, client):
card_from_db = Card.query.filter_by(short_url='test_url_pvt').first()
data = {'card_ids': [card_from_db.card_id]}
res = client.post('/api/v1/card/action/activate',
headers={
'shorturl-access-token':
encode('test', 'alpha').split(' ')[1],
'Content-Type':
'application/json'
},
data=json.dumps(data))
assert res.status_code == 200
def check_db_user(config, username, password):
localdb = config.auth.get('localdb')
if localdb:
bind_url = urllib.basejoin(localdb['managesf_url'], '/manage/bind')
headers = {"Authorization": encode(username, password)}
response = requests.get(bind_url, headers=headers)
if response.status_code > 399:
logger.error('localdb auth failed: %s' % response)
return None
infos = response.json()
return infos['email'], infos['fullname'], [{'key': infos['sshkey']}, ]
def generate_token(api_user, api_key):
try:
req = requests.post("https://sandbox.momodeveloper.mtn.com/collection/token/", headers={
'Authorization': encode(api_user, api_key),
'Ocp-Apim-Subscription-Key': literals.Ocp_Apim_Subscription_Key
})
data = req.json()
return data["access_token"]
except Exception as err:
print(err)
except requests.exceptions.RequestException as e:
print(e)
def _get_response_data(self, method, url_prefix, data=None, params=None):
basic_auth_signature = encode(self._credential, self._secret)
headers = {
'Authorization': basic_auth_signature
}
response = requests.request(method, self._base_url + '/' + url_prefix.lstrip('/'), headers=headers, json=data, params=params, verify=False)
try:
data = response.json()
if data['results'] == 'ERROR':
raise
return data['results']
except:
raise DartRequestException(response)
def _get_response_data(self, method, url_prefix, data=None, params=None):
basic_auth_signature = encode(self._credential, self._secret)
headers = {
'Authorization': basic_auth_signature
}
response = requests.request(method, self._base_url + '/' + url_prefix.lstrip('/'), headers=headers, json=data,
params=params, verify=False)
try:
data = response.json()
if data['results'] == 'ERROR':
raise
return data['results']
except:
raise DartRequestException(response)
def test_verify_user(app, client):
user_from_db = User.query.filter_by(username='******').first()
data = {
'username': '******',
'verification_code': user_from_db.verification_code
}
res = client.post('/api/v1/user/action/verify/',
headers={
'shorturl-access-token':
encode('test', 'alpha').split(' ')[1],
'Content-Type':
'application/json'
},
data=json.dumps(data))
assert res.status_code == 200
def test_add_pvt_card(app, client):
data = {
'title': 'test pvt card',
'description': 'test pvt card',
'redirect_url': 'https://www.google.com/',
'short_url': 'test_url_pvt'
}
res = client.post('/api/v1/card/add/',
headers={
'shorturl-access-token':
encode('test', 'alpha').split(' ')[1],
'Content-Type':
'application/json'
},
data=json.dumps(data))
assert res.status_code == 200 or res.status_code == 409
def test_add_pvt_card_access(app, client):
card_from_db = Card.query.filter_by(short_url='test_url_pvt').first()
data = {
'card_id': card_from_db.card_id,
'username': ['public'],
'access_type': 'RW'
}
res = client.post('/api/v1/card_access/add/',
headers={
'shorturl-access-token':
encode('test', 'alpha').split(' ')[1],
'Content-Type':
'application/json'
},
data=json.dumps(data))
assert res.status_code == 200
def test_unicode_user(self):
infos = {'fullname': u'うずまきナルト',
'email': 'hokage@konoha',
'password': "******"}
localuser.update_user(u'七代目火影4lyf', infos)
expected = {'username': u'七代目火影4lyf',
'fullname': u'うずまきナルト',
'email': 'hokage@konoha',
'sshkey': 'None'}
ret = localuser.model.get_user(u'七代目火影4lyf')
del ret['hashed_password']
self.assertDictEqual(ret, expected)
authorization = encode(u'七代目火影4lyf'.encode('utf8'), "abc")
self.assertDictEqual(expected,
localuser.bind_user(authorization),
localuser.bind_user(authorization))
def _init_python_osdf_api(onap_ip):
api = API(
api_root_url="https://{}:30248/api/oof/v1/".format(onap_ip),
params={},
headers={
'Authorization': encode("test", "testpwd"),
'X-FromAppId': 'SCRIPT',
'Accept': 'application/json',
'Content-Type': 'application/json',
'X-TransactionId': str(uuid.uuid4()),
},
timeout=30,
append_slash=False,
json_encode_body=True # encode body as json
)
api.add_resource(resource_name='osdf', resource_class=OSDFApiResource)
return api
def test_update_pvt_card(app, client):
data = {
'title': 'test pvt card' + code_gen(3),
'description': 'test pvt card',
'redirect_url': 'https://www.google.com/',
'short_url': 'test_url_pvt',
'username': '******'
}
card_from_db = Card.query.filter_by(short_url='test_url_pvt').first()
res = client.post('/api/v1/card/update/' + card_from_db.card_id,
headers={
'shorturl-access-token':
encode('test', 'alpha').split(' ')[1],
'Content-Type':
'application/json'
},
data=json.dumps(data))
assert res.status_code == 200
def test_unicode_user(self):
infos = {
'fullname': u'うずまきナルト',
'email': 'hokage@konoha',
'password': "******"
}
localuser.update_user(u'七代目火影4lyf', infos)
expected = {
'username': u'七代目火影4lyf',
'fullname': u'うずまきナルト',
'email': 'hokage@konoha',
'sshkey': 'None'
}
ret = localuser.model.get_user(u'七代目火影4lyf')
del ret['hashed_password']
self.assertDictEqual(ret, expected)
authorization = encode(u'七代目火影4lyf'.encode('utf8'), "abc")
self.assertDictEqual(expected, localuser.bind_user(authorization),
localuser.bind_user(authorization))
def basicAuth(username, password, hash):
#GET USER, PASSWORD
print(
"################ Uebergabe von Benutzername und Passwort ###############"
)
#username, password = "******", "MTB_Admin"
encode_str = encode(username, password)
print(encode_str)
print(
"################ Uebergabe von Benutzername und Passwort ###############"
)
print(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
)
print("################ Uebergabe von Hash ###############")
#GET HASH
username, password = decode(encode_str)
print(username, password)
print("################ Uebergabe von Hash ###############")
def _init_python_appc_lcm_api(onap_ip):
api = API(
api_root_url="https://{}:30230/restconf/operations/".format(onap_ip),
params={},
headers={
'Authorization':
encode("admin", "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U"),
'X-FromAppId':
'SCRIPT',
'Accept':
'application/json',
'Content-Type':
'application/json',
},
timeout=300,
append_slash=False,
json_encode_body=True # encode body as json
)
api.add_resource(resource_name='lcm', resource_class=APPCLcmApiResource)
return api
def getAccessToken():
url = 'https://demo-api-eccnetservices.gs1ca.org/oauth/token'
clientId = 'fclcduat'
clientSecret = '99759D7A-5B53-4465-9CB4-5FDFD02675E7'
# Dictionary of headers (Only Authentication here)
encoded_str = encode(clientId, clientSecret)
headers = {'Authorization': encoded_str}
# Dictionary of query parameters (if any)
payload = {
'grant_type': 'password',
'scope': 'basic',
'username': '******',
'password': '******',
}
response = requests.post(url, data=payload, headers=headers)
body = json.loads(response.content)
token = body["access_token"]
return token
def test_properly_escapes_colons(self):
username, password = '******', 'pass:word:'
encoded_str = encode(username, password)
self.assertEqual((username, password), decode(encoded_str))
def test_decodes_hashes_only(self):
username, password = '******', 'omgawesome!'
encoded_str = encode(username, password)
encoded_hash = encoded_str.split(' ')[1]
self.assertEqual((username, password), decode(encoded_hash))
def test_decodes_fully_encoded_strings(self):
username, password = '******', 'password'
encoded_str = encode(username, password)
self.assertEqual((username, password), decode(encoded_str))
def test_decodes_empty_username(self):
self.assertEqual('', decode(encode('', 'password'))[0])
def test_decodes_empty_password(self):
self.assertEqual('', decode(encode('username', ''))[1])
def test_decodes_empty_username(self):
self.assertEqual('', decode(encode('', 'password'))[0])
def test_encodes_long_password(self):
self.assertTrue(encode('', 'password'*1000000))
def test_decodes_fully_encoded_strings(self):
username, password = '******', 'password'
encoded_str = encode(username, password)
self.assertEqual((username, password), decode(encoded_str))
def test_encodes_short_password(self):
self.assertTrue(encode('username', ''))
def test_encodes_long_username(self):
self.assertTrue(encode('username' * 1000000, ''))
def test_prevent_colon_char(self):
self.assertRaises(EncodeError, lambda: encode(':', 'password'))
def test_encodes_long_password(self):
self.assertTrue(encode('', 'password' * 1000000))
def test_prevent_colon_char(self):
self.assertRaises(EncodeError, lambda: encode(':', 'password'))
def test_decodes_hashes_only(self):
username, password = '******', 'omgawesome!'
encoded_str = encode(username, password)
encoded_hash = encoded_str.split(' ')[1]
self.assertEqual((username, password), decode(encoded_hash))
def test_prepends_basic_auth(self):
self.assertTrue(encode('', '').lower().startswith('basic'))
def test_encodes_long_username(self):
self.assertTrue(encode('username'*1000000, ''))
def test_adds_space_after_basic(self):
self.assertTrue(encode('', '').lower().startswith('basic '))
def test_decodes_empty_password(self):
self.assertEqual('', decode(encode('username', ''))[1])
def test_encodes_short_username(self):
self.assertTrue(encode('', 'password'))
def test_prepends_basic_auth(self):
self.assertTrue(encode('', '').lower().startswith('basic'))