def test_get_assertion_info(self):
assertion = """
eyJjZXJ0aWZpY2F0ZXMiOlsiZXlKaGJHY2lPaUpTVXpFeU9DSjkuZXlKcGMzTWlPaUppY
205M2MyVnlhV1F1YjNKbklpd2laWGh3SWpveE16SXhPVFF4T1Rnek1EVXdMQ0p3ZFdKc2
FXTXRhMlY1SWpwN0ltRnNaMjl5YVhSb2JTSTZJbEpUSWl3aWJpSTZJamd4TmpreE5UQTB
OVGswTkRVek5EVTFPREF4TlRreU5Ea3hNemsyTkRFNE56RTJNVFUwTkRNNE5EWXdPREl6
TXpBMU1USXlPRGN3TURRNE56TTFNREk1TURrek16a3lNRFkzTURFMU1qQTBORGd6TWpVM
U56WXdOREE1TnpFeU9EYzNNVGswT1RVek1UQXdNVFEyTkRVek56TTJOakU0TlRVek5EY3
hNakkxT0RreU16TTFPRFV4TWpZNU1EQXdOREF5TVRrMk9ERTBNRGtpTENKbElqb2lOalU
xTXpjaWZTd2ljSEpwYm1OcGNHRnNJanA3SW1WdFlXbHNJam9pY25saGJrQnlabXN1YVdR
dVlYVWlmWDAua19oaEtYMFRCVnUyX2szbV9uRDVOVWJfTktwX19PLTY1MW1CRUl3S1NZZ
GlOenQwQm9WRkNEVEVueEhQTWJCVjJaejk0WDgtLVRjVXJidEV0MWV1S1dWdjMtNTFUOU
xBZnV6SEhfekNCUXJVbmxkMVpXSmpBM185ZEhQeTMwZzRMSU9YZTJWWmd0T1Nva3MyZFE
4ZDNvazlSUTJQME5ERzB1MDBnN3lGejE4Il0sImFzc2VydGlvbiI6ImV5SmhiR2NpT2lK
U1V6WTBJbjAuZXlKbGVIQWlPakV6TWpFNU1qazBOelU0TWprc0ltRjFaQ0k2SW1oMGRIQ
TZMeTl0ZVdaaGRtOXlhWFJsWW1WbGNpNXZjbWNpZlEuQWhnS2Q0eXM0S3FnSGJYcUNSS3
hHdlluVmFJOUwtb2hYSHk0SVBVWDltXzI0TWdfYlU2aGRIMTNTNnFnQy1vSHBpS3BfTGl
6cDRGRjlUclBjNjBTRXcifQ
""".replace(" ", "").replace("\n", "").strip()
data = get_assertion_info(assertion)
self.assertEquals(data["principal"]["email"], "*****@*****.**")
self.assertEquals(data["audience"], "http://myfavoritebeer.org")
self.assertRaises(ValueError, get_assertion_info, "JUNK")
self.assertRaises(ValueError, get_assertion_info, "X")
self.assertRaises(ValueError, get_assertion_info, "\x00\x01\x02")
bad_assertion = encode_json_bytes({"fake": "assertion"})
self.assertRaises(ValueError, get_assertion_info, bad_assertion)
def test_get_assertion_info(self):
assertion = """
eyJjZXJ0aWZpY2F0ZXMiOlsiZXlKaGJHY2lPaUpTVXpFeU9DSjkuZXlKcGMzTWlPaUppY
205M2MyVnlhV1F1YjNKbklpd2laWGh3SWpveE16SXhPVFF4T1Rnek1EVXdMQ0p3ZFdKc2
FXTXRhMlY1SWpwN0ltRnNaMjl5YVhSb2JTSTZJbEpUSWl3aWJpSTZJamd4TmpreE5UQTB
OVGswTkRVek5EVTFPREF4TlRreU5Ea3hNemsyTkRFNE56RTJNVFUwTkRNNE5EWXdPREl6
TXpBMU1USXlPRGN3TURRNE56TTFNREk1TURrek16a3lNRFkzTURFMU1qQTBORGd6TWpVM
U56WXdOREE1TnpFeU9EYzNNVGswT1RVek1UQXdNVFEyTkRVek56TTJOakU0TlRVek5EY3
hNakkxT0RreU16TTFPRFV4TWpZNU1EQXdOREF5TVRrMk9ERTBNRGtpTENKbElqb2lOalU
xTXpjaWZTd2ljSEpwYm1OcGNHRnNJanA3SW1WdFlXbHNJam9pY25saGJrQnlabXN1YVdR
dVlYVWlmWDAua19oaEtYMFRCVnUyX2szbV9uRDVOVWJfTktwX19PLTY1MW1CRUl3S1NZZ
GlOenQwQm9WRkNEVEVueEhQTWJCVjJaejk0WDgtLVRjVXJidEV0MWV1S1dWdjMtNTFUOU
xBZnV6SEhfekNCUXJVbmxkMVpXSmpBM185ZEhQeTMwZzRMSU9YZTJWWmd0T1Nva3MyZFE
4ZDNvazlSUTJQME5ERzB1MDBnN3lGejE4Il0sImFzc2VydGlvbiI6ImV5SmhiR2NpT2lK
U1V6WTBJbjAuZXlKbGVIQWlPakV6TWpFNU1qazBOelU0TWprc0ltRjFaQ0k2SW1oMGRIQ
TZMeTl0ZVdaaGRtOXlhWFJsWW1WbGNpNXZjbWNpZlEuQWhnS2Q0eXM0S3FnSGJYcUNSS3
hHdlluVmFJOUwtb2hYSHk0SVBVWDltXzI0TWdfYlU2aGRIMTNTNnFnQy1vSHBpS3BfTGl
6cDRGRjlUclBjNjBTRXcifQ
""".replace(" ", "").replace("\n", "").strip()
data = get_assertion_info(assertion)
self.assertEquals(data["principal"]["email"], "*****@*****.**")
self.assertEquals(data["audience"], "http://myfavoritebeer.org")
self.assertRaises(ValueError, get_assertion_info, "JUNK")
self.assertRaises(ValueError, get_assertion_info, "X")
self.assertRaises(ValueError, get_assertion_info, "\x00\x01\x02")
bad_assertion = encode_json_bytes({"fake": "assertion"})
self.assertRaises(ValueError, get_assertion_info, bad_assertion)
def verify(self, assertion, audience=None):
info = get_assertion_info(assertion)
self.check_audience(assertion, audience)
return {
"status": "okay",
"audience": info["audience"],
"email": info["principal"]["email"]
}
def mock_verify_method(assertion):
if exc is not None:
raise exc
if response is not None:
return response
return {
"status": "okay",
"email": get_assertion_info(assertion)["principal"]["email"],
}
def mock_verify_method(assertion):
if exc is not None:
raise exc
if response is not None:
return response
return {
"status": "okay",
"email": get_assertion_info(assertion)["principal"]["email"],
}
def getSyncAuthToken(session, server, synckey, audience=None, keypair=None, certificate=None):
# build browserid assertion then then request sync auth token from token server
#
# GET /1.0/sync/1.5
# Host: token.services.mozilla.com
# Authorization: BrowserID <assertion>
if ( audience == None ):
parsed_url = urlparse(server)
audience = parsed_url.scheme + "://" + parsed_url.netloc
if ( keypair == None ):
if ( certificate != None ):
raise WeaveException("certificate param is invalid without keypair!")
keypair = create_fxa_keypair()
pubkey, privkey = keypair
#print "privkey:\n" + pprint.pformat(privkey.get_data())
#print "pubkey:\n" + pprint.pformat(pubkey.get_data())
if ( certificate == None ):
certificate = session.sign_certificate(pubkey.get_data())
#print "certificate:\n" + pprint.pformat(certificate)
logging.debug("certificate:\n" + pprint.pformat(decode_certificate(certificate)))
assertion = build_assertion(keypair, certificate, audience)
#assertion = build_assertion(keypair, certificate, audience, new_style=False)
#print "browserid assertion:\n" + pprint.pformat(assertion)
logging.debug("browserid assertion:\n" + pprint.pformat(get_assertion_info(assertion)))
if not verify_assertion(audience, assertion, local=False):
raise WeaveException("Failed to verify assertion for audience '%s'" % audience)
client_state = build_client_state_header(synckey)
logging.debug("clientstate: %s" % client_state)
url = server + "/1.0/sync/1.5"
logging.debug("token server: " + url)
headers = {
'Content-Type': "application/json",
'Authorization': "BrowserID %s" % assertion,
'X-Client-State': client_state,
}
res = requests.get(url, headers=headers)
if res == None:
raise WeaveException("Request failed, response object is empty")
#raise error for 4XX and 5XX status codes
res.raise_for_status()
logging.debug("response status: %s, content: %s" % (res.status_code, res.text))
return res.json()
def verify(self, assertion, audience=None):
info = get_assertion_info(assertion)
self.check_audience(assertion, audience)
return {"status": "okay",
"audience": info["audience"],
"email": info["principal"]["email"]}
