def test_bad_path(self):
path = '/a/b/c'
params = dict(d=5, e=6)
signed_params = security.sign_request(path, params, self.client['_id'], self.key_str)
req = testing.DummyRequest(path=path + 'd/', params=signed_params, remote_addr='1.2.3.5')
with self.assertRaises(exc.HTTPForbidden):
security.validate_request(req)
def test_valid(self):
path = '/a/b/c'
params = dict(d=5, e=6)
signed_params = security.sign_request(path, params, self.client['_id'], self.key_str)
req = testing.DummyRequest(path=path, params=signed_params, remote_addr='1.2.3.4')
client_doc = security.validate_request(req)
self.assertEqual(client_doc['_id'], self.client['_id'])
def test_no_client_id(self):
path = '/a/b/c'
params = dict(d=5, e=6)
signed_params = security.sign_request(path, params, self.client['_id'], self.key_str)
signed_params = dict(signed_params)
signed_params.pop('client_id')
req = testing.DummyRequest(path=path + 'd/', params=signed_params, remote_addr='1.2.3.5')
with self.assertRaises(exc.HTTPBadRequest):
security.validate_request(req)
def test_creds_prod(self):
path = '/pwcred/'
signed_params = security.sign_request(path, {}, self.prod_cli._id, self.key_str)
req = testing.DummyRequest(
path='/pwcred/', params=signed_params, remote_addr='1.2.3.4',
matchdict=dict(key='pwcred'))
resp = views.get_creds(req)
decrypted = M.decrypt_credentials(self.key_str, self.test_cli, **resp)
self.assertEqual(decrypted, dict(a=2))
def test_bad_client(self):
path = '/a/b/c'
params = dict(d=5, e=6)
signed_params = security.sign_request(path, params, self.client['_id'], self.key_str)
signed_params = dict(signed_params)
signed_params['client_id'] = bson.ObjectId()
req = testing.DummyRequest(path=path + 'd/', params=signed_params, remote_addr='1.2.3.5')
with self.assertRaises(exc.HTTPNotFound):
security.validate_request(req)
