def setUpAuth(cls): """Run before all tests and set up authentication""" authm = QgsApplication.authManager() assert (authm.setMasterPassword('masterpassword', True)) cls.sslrootcert_path = os.path.join(cls.certsdata_path, 'chains_subissuer-issuer-root_issuer2-root2.pem') assert os.path.isfile(cls.sslrootcert_path) os.chmod(cls.sslrootcert_path, stat.S_IRUSR) cls.sslrootcert = QSslCertificate.fromPath(cls.sslrootcert_path) assert cls.sslrootcert is not None authm.storeCertAuthorities(cls.sslrootcert) authm.rebuildCaCertsCache() authm.rebuildTrustedCaCertsCache() cls.server_cert = os.path.join(cls.certsdata_path, '127_0_0_1_ssl_cert.pem') cls.server_key = os.path.join(cls.certsdata_path, '127_0_0_1_ssl_key.pem') cls.server_rootcert = cls.sslrootcert_path os.chmod(cls.server_cert, stat.S_IRUSR) os.chmod(cls.server_key, stat.S_IRUSR) os.chmod(cls.server_rootcert, stat.S_IRUSR) os.environ['QGIS_SERVER_HOST'] = cls.hostname os.environ['QGIS_SERVER_PORT'] = str(cls.port) os.environ['QGIS_SERVER_OAUTH2_KEY'] = cls.server_key os.environ['QGIS_SERVER_OAUTH2_CERTIFICATE'] = cls.server_cert os.environ['QGIS_SERVER_OAUTH2_USERNAME'] = cls.username os.environ['QGIS_SERVER_OAUTH2_PASSWORD'] = cls.password os.environ['QGIS_SERVER_OAUTH2_AUTHORITY'] = cls.server_rootcert # Set default token expiration to 2 seconds, note that this can be # also controlled when issuing token requests by adding ttl=<int> # to the query string os.environ['QGIS_SERVER_OAUTH2_TOKEN_EXPIRES_IN'] = '2'
def setUpAuth(cls): """Run before all tests and set up authentication""" authm = QgsAuthManager.instance() assert authm.setMasterPassword("masterpassword", True) cls.pg_conf = os.path.join(cls.tempfolder, "postgresql.conf") cls.pg_hba = os.path.join(cls.tempfolder, "pg_hba.conf") # Client side cls.sslrootcert_path = os.path.join(cls.certsdata_path, "chains_subissuer-issuer-root_issuer2-root2.pem") cls.sslcert = os.path.join(cls.certsdata_path, "gerardus_cert.pem") cls.sslkey = os.path.join(cls.certsdata_path, "gerardus_key.pem") assert os.path.isfile(cls.sslcert) assert os.path.isfile(cls.sslkey) assert os.path.isfile(cls.sslrootcert_path) os.chmod(cls.sslcert, stat.S_IRUSR) os.chmod(cls.sslkey, stat.S_IRUSR) os.chmod(cls.sslrootcert_path, stat.S_IRUSR) cls.auth_config = QgsAuthMethodConfig("PKI-Paths") cls.auth_config.setConfig("certpath", cls.sslcert) cls.auth_config.setConfig("keypath", cls.sslkey) cls.auth_config.setName("test_pki_auth_config") cls.username = "******" cls.sslrootcert = QSslCertificate.fromPath(cls.sslrootcert_path) assert cls.sslrootcert is not None authm.storeCertAuthorities(cls.sslrootcert) authm.rebuildCaCertsCache() authm.rebuildTrustedCaCertsCache() authm.rebuildCertTrustCache() assert authm.storeAuthenticationConfig(cls.auth_config)[0] assert cls.auth_config.isValid() # Server side cls.server_cert = os.path.join(cls.certsdata_path, "localhost_ssl_cert.pem") cls.server_key = os.path.join(cls.certsdata_path, "localhost_ssl_key.pem") cls.server_rootcert = cls.sslrootcert_path os.chmod(cls.server_cert, stat.S_IRUSR) os.chmod(cls.server_key, stat.S_IRUSR) os.chmod(cls.server_rootcert, stat.S_IRUSR) # Place conf in the data folder with open(cls.pg_conf, "w+") as f: f.write( QGIS_POSTGRES_CONF_TEMPLATE % { "port": cls.port, "tempfolder": cls.tempfolder, "server_cert": cls.server_cert, "server_key": cls.server_key, "sslrootcert_path": cls.sslrootcert_path, } ) with open(cls.pg_hba, "w+") as f: f.write(QGIS_POSTGRES_HBA_TEMPLATE)
def setUpAuth(cls): """Run before all tests and set up authentication""" authm = QgsApplication.authManager() assert (authm.setMasterPassword('masterpassword', True)) cls.pg_conf = os.path.join(cls.tempfolder, 'postgresql.conf') cls.pg_hba = os.path.join(cls.tempfolder, 'pg_hba.conf') # Client side cls.sslrootcert_path = os.path.join(cls.certsdata_path, 'chains_subissuer-issuer-root_issuer2-root2.pem') cls.sslcert = os.path.join(cls.certsdata_path, 'gerardus_cert.pem') cls.sslkey = os.path.join(cls.certsdata_path, 'gerardus_key.pem') assert os.path.isfile(cls.sslcert) assert os.path.isfile(cls.sslkey) assert os.path.isfile(cls.sslrootcert_path) os.chmod(cls.sslcert, stat.S_IRUSR) os.chmod(cls.sslkey, stat.S_IRUSR) os.chmod(cls.sslrootcert_path, stat.S_IRUSR) cls.auth_config = QgsAuthMethodConfig("PKI-Paths") cls.auth_config.setConfig('certpath', cls.sslcert) cls.auth_config.setConfig('keypath', cls.sslkey) cls.auth_config.setName('test_pki_auth_config') cls.username = '******' cls.sslrootcert = QSslCertificate.fromPath(cls.sslrootcert_path) assert cls.sslrootcert is not None authm.storeCertAuthorities(cls.sslrootcert) authm.rebuildCaCertsCache() authm.rebuildTrustedCaCertsCache() authm.rebuildCertTrustCache() assert (authm.storeAuthenticationConfig(cls.auth_config)[0]) assert cls.auth_config.isValid() # Server side cls.server_cert = os.path.join(cls.certsdata_path, 'localhost_ssl_cert.pem') cls.server_key = os.path.join(cls.certsdata_path, 'localhost_ssl_key.pem') cls.server_rootcert = cls.sslrootcert_path os.chmod(cls.server_cert, stat.S_IRUSR) os.chmod(cls.server_key, stat.S_IRUSR) os.chmod(cls.server_rootcert, stat.S_IRUSR) # Place conf in the data folder with open(cls.pg_conf, 'w+') as f: f.write(QGIS_POSTGRES_CONF_TEMPLATE % { 'port': cls.port, 'tempfolder': cls.tempfolder, 'server_cert': cls.server_cert, 'server_key': cls.server_key, 'sslrootcert_path': cls.sslrootcert_path, }) with open(cls.pg_hba, 'w+') as f: f.write(QGIS_POSTGRES_HBA_TEMPLATE)
def setUpAuth(cls): """Run before all tests and set up authentication""" authm = QgsAuthManager.instance() assert (authm.setMasterPassword('masterpassword', True)) cls.sslrootcert_path = os.path.join( cls.certsdata_path, 'chains_subissuer-issuer-root_issuer2-root2.pem') cls.sslcert = os.path.join(cls.certsdata_path, 'gerardus_cert.pem') cls.sslkey = os.path.join(cls.certsdata_path, 'gerardus_key.pem') assert os.path.isfile(cls.sslcert) assert os.path.isfile(cls.sslkey) assert os.path.isfile(cls.sslrootcert_path) os.chmod(cls.sslcert, stat.S_IRUSR) os.chmod(cls.sslkey, stat.S_IRUSR) os.chmod(cls.sslrootcert_path, stat.S_IRUSR) cls.auth_config = QgsAuthMethodConfig("PKI-Paths") cls.auth_config.setConfig('certpath', cls.sslcert) cls.auth_config.setConfig('keypath', cls.sslkey) cls.auth_config.setName('test_pki_auth_config') cls.username = '******' cls.sslrootcert = QSslCertificate.fromPath(cls.sslrootcert_path) assert cls.sslrootcert is not None authm.storeCertAuthorities(cls.sslrootcert) authm.rebuildCaCertsCache() authm.rebuildTrustedCaCertsCache() assert (authm.storeAuthenticationConfig(cls.auth_config)[0]) assert cls.auth_config.isValid() # cls.server_cert = os.path.join(cls.certsdata_path, 'localhost_ssl_cert.pem') cls.server_cert = os.path.join(cls.certsdata_path, '127_0_0_1_ssl_cert.pem') # cls.server_key = os.path.join(cls.certsdata_path, 'localhost_ssl_key.pem') cls.server_key = os.path.join(cls.certsdata_path, '127_0_0_1_ssl_key.pem') cls.server_rootcert = cls.sslrootcert_path os.chmod(cls.server_cert, stat.S_IRUSR) os.chmod(cls.server_key, stat.S_IRUSR) os.chmod(cls.server_rootcert, stat.S_IRUSR) os.environ['QGIS_SERVER_HOST'] = cls.hostname os.environ['QGIS_SERVER_PORT'] = str(cls.port) os.environ['QGIS_SERVER_PKI_KEY'] = cls.server_key os.environ['QGIS_SERVER_PKI_CERTIFICATE'] = cls.server_cert os.environ['QGIS_SERVER_PKI_USERNAME'] = cls.username os.environ['QGIS_SERVER_PKI_AUTHORITY'] = cls.server_rootcert
def setUpAuth(cls): """Run before all tests and set up authentication""" authm = QgsApplication.authManager() assert (authm.setMasterPassword('masterpassword', True)) cls.pg_conf = os.path.join(cls.tempfolder, 'postgresql.conf') cls.pg_hba = os.path.join(cls.tempfolder, 'pg_hba.conf') # Client side cls.sslrootcert_path = os.path.join(cls.certsdata_path, 'chains_subissuer-issuer-root_issuer2-root2.pem') assert os.path.isfile(cls.sslrootcert_path) os.chmod(cls.sslrootcert_path, stat.S_IRUSR) cls.auth_config = QgsAuthMethodConfig("Basic") cls.auth_config.setConfig('username', cls.username) cls.auth_config.setConfig('password', cls.password) cls.auth_config.setName('test_basic_auth_config') cls.sslrootcert = QSslCertificate.fromPath(cls.sslrootcert_path) assert cls.sslrootcert is not None authm.storeCertAuthorities(cls.sslrootcert) authm.rebuildCaCertsCache() authm.rebuildTrustedCaCertsCache() authm.rebuildCertTrustCache() assert (authm.storeAuthenticationConfig(cls.auth_config)[0]) assert cls.auth_config.isValid() cls.authcfg = cls.auth_config.id() # Server side cls.server_cert = os.path.join(cls.certsdata_path, 'localhost_ssl_cert.pem') cls.server_key = os.path.join(cls.certsdata_path, 'localhost_ssl_key.pem') cls.server_rootcert = cls.sslrootcert_path os.chmod(cls.server_cert, stat.S_IRUSR) os.chmod(cls.server_key, stat.S_IRUSR) os.chmod(cls.server_rootcert, stat.S_IRUSR) # Place conf in the data folder with open(cls.pg_conf, 'w+') as f: f.write(QGIS_POSTGRES_CONF_TEMPLATE % { 'port': cls.port, 'tempfolder': cls.tempfolder, 'server_cert': cls.server_cert, 'server_key': cls.server_key, 'sslrootcert_path': cls.sslrootcert_path, }) with open(cls.pg_hba, 'w+') as f: f.write(QGIS_POSTGRES_HBA_TEMPLATE)
def setUpAuth(cls): """Run before all tests and set up authentication""" authm = QgsApplication.authManager() assert (authm.setMasterPassword('masterpassword', True)) cls.sslrootcert_path = os.path.join(cls.certsdata_path, 'chains_subissuer-issuer-root_issuer2-root2.pem') cls.sslcert = os.path.join(cls.certsdata_path, 'gerardus_cert.pem') cls.sslkey = os.path.join(cls.certsdata_path, 'gerardus_key.pem') assert os.path.isfile(cls.sslcert) assert os.path.isfile(cls.sslkey) assert os.path.isfile(cls.sslrootcert_path) os.chmod(cls.sslcert, stat.S_IRUSR) os.chmod(cls.sslkey, stat.S_IRUSR) os.chmod(cls.sslrootcert_path, stat.S_IRUSR) cls.auth_config = QgsAuthMethodConfig("PKI-Paths") cls.auth_config.setConfig('certpath', cls.sslcert) cls.auth_config.setConfig('keypath', cls.sslkey) cls.auth_config.setName('test_pki_auth_config') cls.username = '******' cls.sslrootcert = QSslCertificate.fromPath(cls.sslrootcert_path) assert cls.sslrootcert is not None authm.storeCertAuthorities(cls.sslrootcert) authm.rebuildCaCertsCache() authm.rebuildTrustedCaCertsCache() assert (authm.storeAuthenticationConfig(cls.auth_config)[0]) assert cls.auth_config.isValid() # cls.server_cert = os.path.join(cls.certsdata_path, 'localhost_ssl_cert.pem') cls.server_cert = os.path.join(cls.certsdata_path, '127_0_0_1_ssl_cert.pem') # cls.server_key = os.path.join(cls.certsdata_path, 'localhost_ssl_key.pem') cls.server_key = os.path.join(cls.certsdata_path, '127_0_0_1_ssl_key.pem') cls.server_rootcert = cls.sslrootcert_path os.chmod(cls.server_cert, stat.S_IRUSR) os.chmod(cls.server_key, stat.S_IRUSR) os.chmod(cls.server_rootcert, stat.S_IRUSR) os.environ['QGIS_SERVER_HOST'] = cls.hostname os.environ['QGIS_SERVER_PORT'] = str(cls.port) os.environ['QGIS_SERVER_PKI_KEY'] = cls.server_key os.environ['QGIS_SERVER_PKI_CERTIFICATE'] = cls.server_cert os.environ['QGIS_SERVER_PKI_USERNAME'] = cls.username os.environ['QGIS_SERVER_PKI_AUTHORITY'] = cls.server_rootcert
def setUpAuth(cls): """Run before all tests and set up authentication""" authm = QgsApplication.authManager() assert (authm.setMasterPassword('masterpassword', True)) cls.sslrootcert_path = os.path.join( cls.certsdata_path, 'chains_subissuer-issuer-root_issuer2-root2.pem') assert os.path.isfile(cls.sslrootcert_path) os.chmod(cls.sslrootcert_path, stat.S_IRUSR) cls.sslrootcert = QSslCertificate.fromPath(cls.sslrootcert_path) assert cls.sslrootcert is not None authm.storeCertAuthorities(cls.sslrootcert) authm.rebuildCaCertsCache() authm.rebuildTrustedCaCertsCache() cls.server_cert = os.path.join(cls.certsdata_path, '127_0_0_1_ssl_cert.pem') cls.server_key = os.path.join(cls.certsdata_path, '127_0_0_1_ssl_key.pem') cls.server_rootcert = cls.sslrootcert_path os.chmod(cls.server_cert, stat.S_IRUSR) os.chmod(cls.server_key, stat.S_IRUSR) os.chmod(cls.server_rootcert, stat.S_IRUSR) os.environ['QGIS_SERVER_HOST'] = cls.hostname os.environ['QGIS_SERVER_PORT'] = str(cls.port) os.environ['QGIS_SERVER_OAUTH2_KEY'] = cls.server_key os.environ['QGIS_SERVER_OAUTH2_CERTIFICATE'] = cls.server_cert os.environ['QGIS_SERVER_OAUTH2_USERNAME'] = cls.username os.environ['QGIS_SERVER_OAUTH2_PASSWORD'] = cls.password os.environ['QGIS_SERVER_OAUTH2_AUTHORITY'] = cls.server_rootcert # Set default token expiration to 2 seconds, note that this can be # also controlled when issuing token requests by adding ttl=<int> # to the query string os.environ['QGIS_SERVER_OAUTH2_TOKEN_EXPIRES_IN'] = '2'
def _populatePKITestCerts(): removePKITestCerts() assert (AUTHCFGID is None) # set alice PKI data pkipath = os.path.join(os.path.dirname(__file__), 'data', 'certs', 'certs-keys') p_config = QgsAuthMethodConfig() p_config.setName("alice") p_config.setMethod('PKI-PKCS#12') p_config.setUri("http://example.com") p_config.setConfig("certpath", os.path.join(pkipath, 'alice.p12')) assert p_config.isValid() # add authorities cacerts = QSslCertificate.fromPath(os.path.join(pkipath, 'subissuer-issuer-root-ca_issuer-2-root-2-ca_chains.pem')) assert cacerts is not None authm.storeCertAuthorities(cacerts) authm.rebuildCaCertsCache() authm.rebuildTrustedCaCertsCache() # register alice data in auth authm.storeAuthenticationConfig(p_config) authid = p_config.id() assert (authid is not None) assert (authid != '') return authid