def test_authenticator_without_forged_userid(self):
environ = {}
identity = {}
p = AuthenticationForgerPlugin()
userid = p.authenticate(environ, identity)
self.assertEqual(userid, None)
self.assertEquals(identity, environ, {})
def test_challenger(self):
p = AuthenticationForgerPlugin()
app = p.challenge(None, '', [], [])
# Testing it:
assert isinstance(app, HTTPUnauthorized)
self.assertEqual(app.code, 401)
self.assertEqual(app.title, 'HTTP Unauthorized')
self.assertEqual(app.headers, tuple())
def test_authenticator_with_forged_userid(self):
environ = {}
identity = {'fake-userid': 'gustavo'}
p = AuthenticationForgerPlugin()
userid = p.authenticate(environ, identity)
self.assertEqual(1, len(environ))
self.assertEqual(0, len(identity))
assert environ['repoze.who.testutil.userid'] == userid == 'gustavo'
def test_challenger_and_content_length(self):
"""Content-Length must be removed from the response."""
p = AuthenticationForgerPlugin()
status = '401 You cannot be here'
app_headers = [('X-App-Header', 'foo'), ("Content-Length", "10")]
forget_headers = [('X-Forget-Header', 'baz')]
app = p.challenge(None, status, app_headers, forget_headers)
# Testing it:
self.assertEqual(len(app.headers), 2)
self.assert_(('X-App-Header', 'foo') in app.headers)
self.assert_(('X-Forget-Header', 'baz') in app.headers)
def test_challenger_with_unicode_message_and_custom_code(self):
p = AuthenticationForgerPlugin()
status = u'403 Tú no puedes estar aquí'
app_headers = [('X-App-Header', 'foo')]
forget_headers = [('X-Forget-Header', 'baz')]
final_headers = app_headers + forget_headers
app = p.challenge(None, status, app_headers, forget_headers)
# Testing it:
assert isinstance(app, HTTPUnauthorized)
self.assertEqual(app.code, 403)
self.assertEqual(app.title, u'Tú no puedes estar aquí')
self.assertEqual(app.headers, final_headers)
def test_challenger_doesnt_ignore_original_headers(self):
p = AuthenticationForgerPlugin()
status = '401 You cannot be here'
app_headers = [('X-App-Header', 'foo')]
forget_headers = [('X-Forget-Header', 'baz')]
final_headers = app_headers + forget_headers
app = p.challenge(None, status, app_headers, forget_headers)
# Testing it:
assert isinstance(app, HTTPUnauthorized)
self.assertEqual(app.code, 401)
self.assertEqual(app.title, 'You cannot be here')
self.assertEqual(app.headers, final_headers)
def test_forgeter(self):
p = AuthenticationForgerPlugin()
self.assertEqual(p.forget({}, {}), None)
def test_rememberer(self):
p = AuthenticationForgerPlugin()
self.assertEqual(p.remember({}, {}), None)
def test_identifier_without_forged_userid(self):
environ = {}
p = AuthenticationForgerPlugin()
identity = p.identify(environ)
self.assertEqual(identity, None)
def test_identifier_with_forged_userid(self):
environ = {'REMOTE_USER': '******'}
p = AuthenticationForgerPlugin()
identity = p.identify(environ)
self.assertEqual(identity, {'fake-userid': 'gustavo'})
def test_constructor_without_arguments(self):
p = AuthenticationForgerPlugin('anotherkey', 'yetanotherkey')
self.assertEqual(p.fake_user_key, 'anotherkey')
self.assertEqual(p.remote_user_key, 'yetanotherkey')
def test_constructor_with_arguments(self):
p = AuthenticationForgerPlugin()
self.assertEqual(p.fake_user_key, 'REMOTE_USER')
self.assertEqual(p.remote_user_key, 'repoze.who.testutil.userid')
