def test_authenticate_invalid_user(self): def error(*args): raise ValueError("Invalid Signature") self.replacer.replace("nexus.token_utils.validate_token", error) client = Client(self.config) self.assertFalse(client.authenticate_user("this is a bad token"))
def test_authenticate_valid_user(self): username = "******" def auth(*args, **kwargs): return username self.replacer.replace("nexus.token_utils.validate_token", auth) client = Client(self.config) self.assertEqual(username, client.authenticate_user("this is a good token"))
def test_full_authenticate_user(self): import rsa pubkey, privkey = rsa.newkeys(512) def get_cert(*args, **kwargs): return namedtuple("Request", ["content"])(json.dumps({"pubkey": pubkey.save_pkcs1()})) self.replacer.replace("requests.get", get_cert) token = "un=test|SigningSubject=https://graph.api.globusonline.org/goauth/keys/test1|expiry={0}" expires = datetime.datetime.utcnow() + datetime.timedelta(minutes=5) token = token.format(time.mktime(expires.timetuple())) sig = rsa.sign(token, privkey, "SHA-1") hex_sig = binascii.hexlify(sig) token = "{0}|sig={1}".format(token, hex_sig) client = Client(self.config) self.assertTrue(client.authenticate_user(token)) sig = sig + "f" hex_sig = binascii.hexlify(sig) token = "{0}|sig={1}".format(token, hex_sig) self.assertFalse(client.authenticate_user(token))
import os.path from getpass import getpass from nexus import Client # First instantiate a client object either with a dictionary or with a yaml file pwd = os.path.dirname(__file__) client = Client(config_file=os.path.join(pwd, 'sample.yml')) # Generate a url for the end user to use to authorize this client/authenticate. url = client.generate_request_url() print "Please authenticate using the following url" print url token = raw_input("Please copy the resulting code here: ") # At this point the end user needs to authenticate with the supplied url. The # easiest way to do this is: curl -k --user test:test1 "<supplied_url>". The # result will contain the token in the "code" field. Paste that here. # Validate the token: user = client.authenticate_user(token) if user is not None: print "Yup, you are {0}".format(user) else: print "That is not a valid authorization code" #Get an access key for yourself using rsa: print client.request_client_credential(user, lambda: getpass("Private Key Password")) print "Get a request token using rsa authentication" print client.rsa_get_request_token(user, lambda: getpass("Private Key Password"))