def test_serialize(self): """The principal can be serialized to just the OTP data.""" self.set_otp_test_ace() principal = OTPPrincipal(self.client) yield principal.create("foobar", "secret") otp_data = principal.serialize() path, user, password = base64.b64decode(otp_data).split(":") acl, stat = yield self.client.get_acl(path) self.assertEqual(principal.get_token(), make_identity("foobar:secret")) self.assertEqual(principal.name, "foobar")
def test_serialize(self): """The principal can be serialized to just the OTP data.""" self.set_otp_test_ace() principal = OTPPrincipal(self.client) yield principal.create("foobar", "secret") otp_data = principal.serialize() path, user, password = base64.b64decode(otp_data).split(":") acl, stat = yield self.client.get_acl(path) self.assertEqual(principal.get_token(), make_identity("foobar:secret")) self.assertEqual(principal.name, "foobar")
def test_consume(self): """The OTP serialization can be used to retrievethe actual credentials. """ principal = OTPPrincipal(self.client) yield principal.create("foobar", "secret") otp_data = principal.serialize() path, _ = base64.b64decode(otp_data).split(":", 1) acl, stat = yield self.client.get_acl(path) # Verify that the OTP data is secure yield self.assertFailure( self.client.get(path), zookeeper.NoAuthException) name, password = yield OTPPrincipal.consume(self.client, otp_data) self.assertEqual(name, "foobar") self.assertEqual(password, "secret") children = yield self.client.get_children("/otp") self.assertFalse(children)
def test_consume(self): """The OTP serialization can be used to retrievethe actual credentials. """ principal = OTPPrincipal(self.client) yield principal.create("foobar", "secret") otp_data = principal.serialize() path, _ = base64.b64decode(otp_data).split(":", 1) acl, stat = yield self.client.get_acl(path) # Verify that the OTP data is secure yield self.assertFailure(self.client.get(path), zookeeper.NoAuthException) name, password = yield OTPPrincipal.consume(self.client, otp_data) self.assertEqual(name, "foobar") self.assertEqual(password, "secret") children = yield self.client.get_children("/otp") self.assertFalse(children)