def test_is_authenticated_get_params(self):
    """Check ApiKeyAuthentication when credentials arrive as GET parameters.

    Every incomplete or wrong credential set must produce an
    ``HttpUnauthorized`` response; only the matching username/api_key pair
    may produce ``True``.
    """
    auth = ApiKeyAuthentication()
    request = HttpRequest()

    # Invoke the signal handler by hand so the fixture user owns an ApiKey.
    john_doe = User.objects.get(username='******')
    create_api_key(User, instance=john_doe, created=True)

    # Case 1: the request carries no credentials at all.
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Case 2: a username that should not authenticate, still without a key.
    request.GET['username'] = '******'
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Case 3: username present but the api_key parameter is missing.
    request.GET['username'] = '******'
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Case 4: username plus a key that does not belong to it.
    request.GET['username'] = '******'
    request.GET['api_key'] = 'foo'
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Case 5: the real key. Re-read the user so the api_key relation is fresh.
    # NOTE: keys sent in the query string tend to land in access logs and
    # proxies; header-based transport avoids that exposure.
    john_doe = User.objects.get(username='******')
    request.GET['username'] = '******'
    request.GET['api_key'] = john_doe.api_key.key
    self.assertEqual(auth.is_authenticated(request), True)
    self.assertEqual(auth.get_identifier(request), 'johndoe')
def test_is_authenticated_get_params(self):
    """Check GET-parameter API key auth for a custom user model.

    The custom user is looked up by primary key and identified by its
    e-mail address, which is sent in the ``username`` parameter.
    """
    auth = ApiKeyAuthentication()
    request = HttpRequest()

    # Invoke the signal handler by hand so the user owns an ApiKey.
    john_doe = CustomUser.objects.get(pk=1)
    create_api_key(CustomUser, instance=john_doe, created=True)

    # No credentials at all.
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # An identifier (e-mail) that should not authenticate.
    request.GET['username'] = '******'
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Valid e-mail, api_key parameter missing.
    request.GET['username'] = john_doe.email
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Valid e-mail, wrong key.
    request.GET['username'] = john_doe.email
    request.GET['api_key'] = 'foo'
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Valid e-mail and key. All keys are wiped and one is re-issued first,
    # so the key read from the user below is the newly created one.
    ApiKey.objects.all().delete()
    create_api_key(CustomUser, instance=john_doe, created=True)
    request.GET['username'] = john_doe.email
    request.GET['api_key'] = john_doe.api_key.key
    self.assertEqual(auth.is_authenticated(request), True)
    self.assertEqual(auth.get_identifier(request), john_doe.email)
def test_is_authenticated_header(self):
    """Check ApiKeyAuthentication when credentials arrive in the Authorization header.

    The header format exercised here is ``ApiKey <username>:<key>``.
    """
    auth = ApiKeyAuthentication()
    request = HttpRequest()

    # Invoke the signal handler by hand so the fixture user owns an ApiKey.
    john_doe = User.objects.get(username='******')
    create_api_key(User, instance=john_doe, created=True)

    # No Authorization header.
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Header with neither scheme nor credentials in the expected shape.
    request.META['HTTP_AUTHORIZATION'] = 'foo'
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Correct scheme, username only, no key part.
    request.META['HTTP_AUTHORIZATION'] = 'ApiKey daniel'
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Correct shape, but the user/key pair does not match.
    request.META['HTTP_AUTHORIZATION'] = 'ApiKey daniel:pass'
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Matching user and key.
    john_doe = User.objects.get(username='******')
    valid_key = john_doe.api_key.key
    request.META['HTTP_AUTHORIZATION'] = 'ApiKey johndoe:%s' % valid_key
    self.assertEqual(auth.is_authenticated(request), True)

    # The scheme name is matched case-insensitively.
    john_doe = User.objects.get(username='******')
    valid_key = john_doe.api_key.key
    request.META['HTTP_AUTHORIZATION'] = 'aPiKeY johndoe:%s' % valid_key
    self.assertEqual(auth.is_authenticated(request), True)
def test_is_authenticated(self):
    """Walk ApiKeyAuthentication through the failure cases, then the valid pair.

    Credentials are supplied as ``username`` / ``api_key`` GET parameters.
    """
    auth = ApiKeyAuthentication()
    request = HttpRequest()

    # Invoke the signal handler by hand so the fixture user owns an ApiKey.
    john_doe = User.objects.get(username="******")
    create_api_key(User, instance=john_doe, created=True)

    # Nothing supplied.
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Username that should not authenticate.
    request.GET["username"] = "******"
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Username without a key.
    request.GET["username"] = "******"
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Username with a key that is not the user's.
    request.GET["username"] = "******"
    request.GET["api_key"] = "foo"
    outcome = auth.is_authenticated(request)
    self.assertIsInstance(outcome, HttpUnauthorized)

    # Username with the user's own key; only this case may return True.
    john_doe = User.objects.get(username="******")
    request.GET["username"] = "******"
    request.GET["api_key"] = john_doe.api_key.key
    self.assertEqual(auth.is_authenticated(request), True)
def setUp(self):
    """Issue an API key for the test user and build a client for the user endpoint."""
    super(UserResourceTestCase, self).setUp()
    create_api_key(User, instance=self.user, created=True)

    # The client authenticates with the user's e-mail and the new key.
    request_data = {
        "email": "*****@*****.**",
        "username": self.user.email,
        "api_key": self.user.api_key.key,
    }
    self.client = TestClient(path="/api/v1/user/", data=request_data)
def test_whitelisting(self):
    """Check that whitelisted method names bypass digest authentication.

    ``a_method`` is whitelisted and must pass without credentials; any other
    method name must still be challenged until a valid digest is supplied.
    """
    auth = DigestAuthentication(whitelisted_methods=['a_method'])
    request = HttpRequest()

    # Invoke the signal handler by hand so the fixture user owns an ApiKey.
    john_doe = User.objects.get(username='******')
    create_api_key(User, instance=john_doe, created=True)

    # Whitelisted method: allowed although the request has no credentials.
    allowed = auth.is_authenticated(request, method_name='a_method')
    self.assertEqual(allowed, True)

    # Non-whitelisted method: must be rejected without credentials.
    rejected = auth.is_authenticated(request, method_name='another_method')
    self.assertIsInstance(rejected, HttpUnauthorized)

    # Answer a fresh challenge using the API key as the digest password.
    john_doe = User.objects.get(username='******')
    challenge = auth.is_authenticated(request)['WWW-Authenticate']
    request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        john_doe.username,
        request.method,
        '/',  # uri
        1,  # nonce_count
        digest_challenge=challenge,
        password=john_doe.api_key.key
    )
    self.assertEqual(auth.is_authenticated(request, method_name="another_method"), True)
    self.assertEqual(auth.is_authenticated(request, method_name="a_method"), True)
def create_api_key_wrapper(sender, **kwargs):
    """Forward a signal call unchanged to ``create_api_key``.

    The original author introduced this wrapper so that the post-save hook
    can be kept out of the way while test fixtures load, because running it
    there caused integrity errors.

    NOTE(review): the body itself does not filter anything (for example on
    the ``raw`` flag); presumably the wrapper is connected or disconnected
    by name elsewhere. Confirm against the signal registration.
    """
    create_api_key(sender, **kwargs)
def test_is_authenticated_get_params(self):
    """Verify ApiKeyAuthentication against ``username``/``api_key`` GET parameters."""
    auth = ApiKeyAuthentication()
    request = HttpRequest()

    # Run the signal handler directly so the fixture user has an ApiKey.
    john_doe = User.objects.get(username='******')
    create_api_key(User, instance=john_doe, created=True)

    # Empty request: rejected.
    verdict = auth.is_authenticated(request)
    self.assertIsInstance(verdict, HttpUnauthorized)

    # Username that should not authenticate: rejected.
    request.GET['username'] = '******'
    verdict = auth.is_authenticated(request)
    self.assertIsInstance(verdict, HttpUnauthorized)

    # Username with no api_key parameter: rejected.
    request.GET['username'] = '******'
    verdict = auth.is_authenticated(request)
    self.assertIsInstance(verdict, HttpUnauthorized)

    # Username with a key that is not the user's: rejected.
    request.GET['username'] = '******'
    request.GET['api_key'] = 'foo'
    verdict = auth.is_authenticated(request)
    self.assertIsInstance(verdict, HttpUnauthorized)

    # Username with the stored key: accepted, and the identifier is the username.
    john_doe = User.objects.get(username='******')
    request.GET['username'] = '******'
    request.GET['api_key'] = john_doe.api_key.key
    self.assertEqual(auth.is_authenticated(request), True)
    self.assertEqual(auth.get_identifier(request), 'johndoe')
def test_is_authenticated_get_params(self):
    """Verify GET-parameter API key auth where the identifier is the user's e-mail."""
    auth = ApiKeyAuthentication()
    request = HttpRequest()

    # Run the signal handler directly so the custom user has an ApiKey.
    john_doe = CustomUser.objects.get(pk=1)
    create_api_key(CustomUser, instance=john_doe, created=True)

    # Empty request: rejected.
    verdict = auth.is_authenticated(request)
    self.assertIsInstance(verdict, HttpUnauthorized)

    # Identifier that should not authenticate: rejected.
    request.GET['username'] = '******'
    verdict = auth.is_authenticated(request)
    self.assertIsInstance(verdict, HttpUnauthorized)

    # Real e-mail, no api_key parameter: rejected.
    request.GET['username'] = john_doe.email
    verdict = auth.is_authenticated(request)
    self.assertIsInstance(verdict, HttpUnauthorized)

    # Real e-mail, wrong key: rejected.
    request.GET['username'] = john_doe.email
    request.GET['api_key'] = 'foo'
    verdict = auth.is_authenticated(request)
    self.assertIsInstance(verdict, HttpUnauthorized)

    # Real e-mail and a freshly issued key: accepted.
    ApiKey.objects.all().delete()
    create_api_key(CustomUser, instance=john_doe, created=True)
    request.GET['username'] = john_doe.email
    request.GET['api_key'] = john_doe.api_key.key
    self.assertEqual(auth.is_authenticated(request), True)
    self.assertEqual(auth.get_identifier(request), john_doe.email)
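def obj_create(self, bundle, **kwargs):
    """Exchange a third-party provider access token for the user's API key.

    Reads ``provider`` and ``access_token`` from ``bundle.data``, lets the
    matching backend from ``BACKENDS`` authenticate the token, and returns
    the bundle with the user's API key (``key``) and ``is_new`` flag added.
    An ApiKey is created on the spot when the user has none yet.

    Args:
        bundle: request bundle whose ``data`` carries the client-supplied
            ``provider`` name and ``access_token``.
        **kwargs: accepted for interface compatibility; not used here.

    Returns:
        The same bundle, with ``bundle.obj`` set to the authenticated user.

    Raises:
        BadRequest: if a required field is missing, the provider is not in
            ``BACKENDS``, or the backend yields no active user.
    """
    # Both fields come straight from the client, so a missing field or an
    # unknown/unhashable provider name is a client error, not a server fault.
    try:
        provider = bundle.data['provider']
        access_token = bundle.data['access_token']
        Backend = BACKENDS[provider]
    except (KeyError, TypeError):
        raise BadRequest("Error authenticating user with this provider")

    backend = Backend(request=bundle.request, redirect='/')
    user = backend.do_auth(access_token)
    # The debug print of the user object was dropped: an authentication
    # endpoint should not write account details to stdout.

    if not (user and user.is_active):
        raise BadRequest("Error authenticating user with this provider")

    bundle.obj = user
    try:
        key = ApiKey.objects.get(user=user)
    except ApiKey.DoesNotExist:
        create_api_key(User, instance=user, created=True)
        key = ApiKey.objects.get(user=user)

    # NOTE(review): the submitted access_token is still present in
    # bundle.data; confirm it is not echoed back in the response.
    bundle.data['key'] = key.key
    bundle.data['is_new'] = user.is_new
    return bundle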
def create_user_profile_and_apikey(sender, instance, created, **kwargs):
    """Signal handler: give a newly created non-superuser a profile and an API key.

    Superusers are skipped entirely, and nothing happens on later saves of an
    existing user.
    """
    if instance.is_superuser or not created:
        return

    # The mobile field is seeded with an 11-character temporary token.
    UserProfile.objects.create(
        user=instance,
        mobile=gen_temp_token(11),
        nickname=instance.username,
    )
    create_api_key(User, instance=instance, created=True)
def setUp(self):
    """Create a user with an API key and the credential payload used by the tests."""
    self.user = UserFactory()
    self.client = TestClient()
    create_api_key(User, instance=self.user, created=True)

    # Requests authenticate with the user's e-mail plus the issued key.
    payload = {}
    payload['email'] = '*****@*****.**'
    payload['username'] = self.user.email
    payload['api_key'] = self.user.api_key.key
    self.data = payload
def setUp(self):
    """Issue an API key for the test user and build a client for the user endpoint."""
    super(UserResourceTests, self).setUp()
    create_api_key(User, instance=self.user, created=True)

    # The client's default data doubles as its credentials.
    credentials = {
        'email': '*****@*****.**',
        'username': self.user.email,
        'api_key': self.user.api_key.key,
    }
    self.client = TestClient(path='/api/v1/user/', data=credentials)
def test_check_active_true(self):
    """With the default active check, this user's valid key must not authenticate.

    The assertion expects exactly ``False`` for a correct ``ApiKey`` header.
    NOTE(review): presumably the fixture user is inactive; confirm in the
    fixture data.
    """
    auth = ApiKeyAuthentication()
    request = HttpRequest()

    bob_doe = User.objects.get(username="******")
    create_api_key(User, instance=bob_doe, created=True)

    issued_key = bob_doe.api_key.key
    request.META["HTTP_AUTHORIZATION"] = "ApiKey bobdoe:%s" % issued_key
    result = auth.is_authenticated(request)
    self.assertEqual(result, False)
def test_check_active_false(self):
    """With ``require_active=False`` the request is expected to authenticate.

    NOTE(review): the authenticator is ``BasicAuthentication`` while the
    header uses the ``ApiKey`` scheme, and ``assertTrue`` only checks
    truthiness. If ``is_authenticated`` answers with an unauthorized
    response object, that object is truthy and the test still passes.
    Confirm the intended authenticator and consider comparing against
    ``True`` exactly.
    """
    auth = BasicAuthentication(require_active=False)
    request = HttpRequest()

    bob_doe = User.objects.get(username='******')
    create_api_key(User, instance=bob_doe, created=True)

    issued_key = bob_doe.api_key.key
    request.META['HTTP_AUTHORIZATION'] = 'ApiKey bobdoe:%s' % issued_key
    result = auth.is_authenticated(request)
    self.assertTrue(result)
def test_check_active_true(self):
    """With the default active check, this user's valid key must not authenticate.

    NOTE(review): presumably the fixture user is inactive; confirm in the
    fixture data.
    """
    auth = ApiKeyAuthentication()
    request = HttpRequest()

    bob_doe = User.objects.get(username='******')
    create_api_key(User, instance=bob_doe, created=True)

    issued_key = bob_doe.api_key.key
    request.META['HTTP_AUTHORIZATION'] = 'ApiKey bobdoe:%s' % issued_key
    result = auth.is_authenticated(request)
    self.assertFalse(result)
def setUp(self):
    """Build a saved-search client, then attach the user's API credentials to it."""
    super(SavedSearchResourceTestCase, self).setUp()

    search_data = {"email": "*****@*****.**", "url": "www.my.jobs/jobs"}
    self.client = TestClient(path="/api/v1/savedsearch/", data=search_data)

    # The key is issued after the client exists, so the credentials are
    # added to the client's data afterwards.
    create_api_key(User, instance=self.user, created=True)
    client_data = self.client.data
    client_data["username"] = self.user.email
    client_data["api_key"] = self.user.api_key.key
def setUp(self):
    """Start every test with exactly one freshly issued API key."""
    super(ApiKeyAuthenticationTestCase, self).setUp()

    # Remove keys left by fixtures or earlier tests before issuing a new one.
    ApiKey.objects.all().delete()
    self.auth = ApiKeyAuthentication()
    self.request = HttpRequest()

    # Call the signal handler directly instead of saving the user.
    fixture_user = User.objects.get(username='******')
    create_api_key(User, instance=fixture_user, created=True)
def setUp(self):
    """Issue an API key for the fixture user and allow it to add log messages."""
    super(RestTest, self).setUp()

    # Clear existing keys, then create one for the user named by self.username.
    ApiKey.objects.all().delete()
    key_owner = User.objects.get(username=self.username)
    create_api_key(User, instance=key_owner, created=True)

    # Grant only the permission the tests need.
    add_logmessage = Permission.objects.get(codename='add_logmessage')
    permitted_user = User.objects.get(username=self.username)
    permitted_user.user_permissions.add(add_logmessage)
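def setUp(self):
    """Create a client-linked user and store its API credentials in ``self.data``."""
    user = User.objects.create_user(username='******', email='*****@*****.**', password=None)
    client = Clients.objects.get(pk=1)
    Clients2Users.objects.create(user=Users.objects.get(email='*****@*****.**'), client=client)

    # Key creation is best-effort: presumably a post-save hook may already
    # have issued the key, in which case a second attempt fails (confirm).
    # ``except Exception`` replaces the bare ``except`` so that
    # KeyboardInterrupt and SystemExit are no longer swallowed.
    try:
        create_api_key(sender=User, instance=user, created=True)
    except Exception:
        pass

    # If no key exists at this point, the attribute access below raises and
    # the test fails loudly instead of running with missing credentials.
    self.data = {'username': user.email, 'api_key': user.api_key.key}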
def setUp(self):
    """Build a saved-search client, then attach the user's API credentials to it."""
    super(SavedSearchResourceTests, self).setUp()

    search_data = {'email': '*****@*****.**', 'url': 'www.my.jobs/jobs'}
    self.client = TestClient(path='/api/v1/savedsearch/', data=search_data)

    # Issue the key, then extend the client's data with the credentials.
    create_api_key(User, instance=self.user, created=True)
    client_data = self.client.data
    client_data['username'] = self.user.email
    client_data['api_key'] = self.user.api_key.key
def setUp(self):
    """Issue an API key for the test user and build a client for the user endpoint."""
    super(UserResourceTestCase, self).setUp()
    create_api_key(User, instance=self.user, created=True)

    # E-mail and key are passed as the client's default request data.
    default_data = {
        'email': '*****@*****.**',
        'username': self.user.email,
        'api_key': self.user.api_key.key,
    }
    self.client = TestClient(path='/api/v1/user/', data=default_data)
def test_check_active_false(self):
    """With ``require_active=False`` the request is expected to authenticate.

    The user is looked up through the active user model's USERNAME_FIELD.

    NOTE(review): the authenticator is ``BasicAuthentication`` while the
    header uses the ``ApiKey`` scheme, and ``assertTrue`` accepts any truthy
    value, including an unauthorized response object. Confirm the intended
    authenticator and consider comparing against ``True`` exactly.
    """
    user_class = get_user_model()
    auth = BasicAuthentication(require_active=False)
    request = HttpRequest()

    lookup = {user_class.USERNAME_FIELD: 'bobdoe'}
    bob_doe = user_class.objects.get(**lookup)
    create_api_key(User, instance=bob_doe, created=True)

    issued_key = bob_doe.api_key.key
    request.META['HTTP_AUTHORIZATION'] = 'ApiKey bobdoe:%s' % issued_key
    result = auth.is_authenticated(request)
    self.assertTrue(result)
def _create_api_key(sender, *args, **kwargs):
    """Signal handler that issues a Tastypie API key for every user.

    Key creation is skipped whenever pytest has been imported, because the
    test fixtures provision their own key. The original author flagged this
    as a workaround and asked for a cleaner way to keep signal handling in
    one place.

    NOTE(review): the switch is "pytest is in sys.modules", so any process
    that happens to import pytest stops issuing keys. Positional ``*args``
    are accepted but not forwarded.
    """
    running_under_pytest = "pytest" in sys.modules
    if not running_under_pytest:
        create_api_key(sender, **kwargs)
def setUp(self):
    """Build a saved-search client, then attach the user's API credentials to it."""
    super(SavedSearchResourceTestCase, self).setUp()

    search_data = {'email': '*****@*****.**', 'url': 'www.my.jobs/jobs'}
    self.client = TestClient(path='/api/v1/savedsearch/', data=search_data)

    # Issue the key, then extend the client's data with the credentials.
    create_api_key(User, instance=self.user, created=True)
    client_data = self.client.data
    client_data['username'] = self.user.email
    client_data['api_key'] = self.user.api_key.key
def setUp(self):
    """Create a user with an API key and stub out ``urllib2.urlopen``."""
    super(SavedSearchResourceTests, self).setUp()
    self.user = UserFactory()
    self.client = TestClient()
    self.data = {'email': '*****@*****.**', 'url': 'www.my.jobs/jobs'}

    # Credentials are kept as an (e-mail, key) pair for the tests to use.
    create_api_key(User, instance=self.user, created=True)
    issued_key = self.user.api_key.key
    self.credentials = (self.user.email, issued_key)

    # Replace the network call with a local stand-in.
    # NOTE(review): presumably restored in tearDown; not visible here.
    replacer = Replacer()
    self.r = replacer
    replacer.replace('urllib2.urlopen', return_file)
def test_check_active_false(self):
    """With ``require_active=False`` the request is expected to authenticate.

    On Django 1.10 and later the test returns early, because authenticating
    inactive users through the model backend is not supported there. The
    early return is reported as a pass, not as a skip.

    NOTE(review): the header uses the ``ApiKey`` scheme with
    ``BasicAuthentication``, and ``assertTrue`` accepts any truthy value,
    including an unauthorized response object. Confirm the intended
    authenticator and consider comparing against ``True`` exactly.
    """
    unsupported = django.VERSION >= (1, 10)
    if unsupported:
        return

    auth = BasicAuthentication(require_active=False)
    request = HttpRequest()

    bob_doe = User.objects.get(username='******')
    create_api_key(User, instance=bob_doe, created=True)

    issued_key = bob_doe.api_key.key
    request.META['HTTP_AUTHORIZATION'] = 'ApiKey bobdoe:%s' % issued_key
    result = auth.is_authenticated(request)
    self.assertTrue(result)
def test_check_active_false(self):
    """With ``require_active=False`` the request is expected to authenticate.

    NOTE(review): the header uses the ``ApiKey`` scheme with
    ``BasicAuthentication``, and ``assertTrue`` accepts any truthy value,
    including an unauthorized response object. Confirm the intended
    authenticator and consider comparing against ``True`` exactly.
    """
    user_class = get_user_model()
    auth = BasicAuthentication(require_active=False)
    request = HttpRequest()

    # Look the user up through whatever field the user model treats as the username.
    lookup = {user_class.USERNAME_FIELD: 'bobdoe'}
    bob_doe = user_class.objects.get(**lookup)
    create_api_key(User, instance=bob_doe, created=True)

    header_value = 'ApiKey bobdoe:%s' % bob_doe.api_key.key
    request.META['HTTP_AUTHORIZATION'] = header_value
    result = auth.is_authenticated(request)
    self.assertTrue(result)
def test_is_authenticated(self):
    """Walk DigestAuthentication through the challenge, failures and a valid answer.

    The API key serves as the digest password.
    """
    auth = DigestAuthentication()
    request = HttpRequest()

    # Invoke the signal handler by hand so the fixture user owns an ApiKey.
    john_doe = User.objects.get(username='******')
    create_api_key(User, instance=john_doe, created=True)

    # No Authorization header: the reply must be a digest challenge.
    auth_request = auth.is_authenticated(request)
    self.assertIsInstance(auth_request, HttpUnauthorized)

    # The challenge names the scheme first, then realm, opaque and nonce.
    challenge_header = auth_request['WWW-Authenticate']
    self.assertEqual(challenge_header.find('Digest'), 0)
    self.assertGreater(challenge_header.find(' realm="django-tastypie"'), 0)
    self.assertGreater(challenge_header.find(' opaque='), 0)
    self.assertGreater(challenge_header.find('nonce='), 0)

    # A header that is not a digest answer at all.
    request.META['HTTP_AUTHORIZATION'] = 'abcdefg'
    auth_request = auth.is_authenticated(request)
    self.assertIsInstance(auth_request, HttpUnauthorized)

    # Base64 of a bare username, no password part.
    encoded = base64.b64encode('daniel'.encode('utf-8')).decode('utf-8')
    request.META['HTTP_AUTHORIZATION'] = encoded
    auth_request = auth.is_authenticated(request)
    self.assertIsInstance(auth_request, HttpUnauthorized)

    # Base64 of user:password, which is still not a digest answer.
    encoded = base64.b64encode('daniel:pass'.encode('utf-8')).decode('utf-8')
    request.META['HTTP_AUTHORIZATION'] = encoded
    auth_request = auth.is_authenticated(request)
    self.assertIsInstance(auth_request, HttpUnauthorized)

    # Answer the most recent challenge with the user's API key.
    john_doe = User.objects.get(username='******')
    parsed_challenge = python_digest.parse_digest_challenge(
        auth_request['WWW-Authenticate'])
    request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        username=john_doe.username,
        method=request.method,
        uri='/',
        nonce_count=1,
        digest_challenge=parsed_challenge,
        password=john_doe.api_key.key)
    auth_request = auth.is_authenticated(request)
    self.assertEqual(auth_request, True)
def setUp(self):
    """Create a user, a saved-search client and credentials, and patch ``urllib2.urlopen``."""
    super(SavedSearchResourceTests, self).setUp()
    self.user = UserFactory()

    search_data = {'email': '*****@*****.**', 'url': 'www.my.jobs/jobs'}
    self.client = TestClient(path='/api/v1/savedsearch/', data=search_data)

    # Credentials are kept as an (e-mail, key) pair for the tests to use.
    create_api_key(User, instance=self.user, created=True)
    issued_key = self.user.api_key.key
    self.credentials = (self.user.email, issued_key)

    # Swap the network call for a canned response for the duration of the test.
    # NOTE(review): the patcher is started here; presumably tearDown stops
    # it, which is not visible in this block.
    canned_response = return_file()
    self.patcher = patch('urllib2.urlopen', canned_response)
    self.patcher.start()
def banyanuser_post_save(sender, **kwargs):
    """Post-save handler: issue an API key and queue the user's background tasks.

    Group membership is refreshed on every save. The new-user task is queued
    unless the signal explicitly reports ``created=False``.
    """
    # Imported lazily, as in the original.
    from tastypie.models import create_api_key
    from accounts.tasks import new_user, update_user_groups

    saved_user = kwargs.get('instance')
    create_api_key(sender, **kwargs)
    update_user_groups.delay(saved_user)

    # Only an explicit False stops here; a missing 'created' flag falls through.
    if kwargs.get('created') is not False:
        new_user.delay(kwargs.get('instance'))
def create_api_key_ignore_dberrors(*args, **kwargs):
    """Call ``create_api_key`` and tolerate a ``DatabaseError``.

    The original comment gives the reason: on the first syncdb the key table
    does not exist yet. On failure the transaction is rolled back and
    ``None`` is returned.

    NOTE(review): every DatabaseError is treated the same way, so a genuine
    failure later on would leave a user without a key and without an error.
    """
    try:
        outcome = create_api_key(*args, **kwargs)
    except DatabaseError:
        # Clear the failed transaction so later queries can proceed.
        from django.db import transaction
        transaction.rollback_unless_managed()
    else:
        return outcome
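def save(self, commit=True, force_insert=False, force_update=False, *args, **kwargs):
    """Persist the user: default the username, hash the password, issue an API key.

    Changes from the previous version:
      * the fallback password for a new account comes from ``uuid4`` (random)
        instead of a slice of ``uuid1``, whose leading characters are derived
        from the clock and therefore guessable;
      * a stray ``reg.match(self.username)`` whose result was discarded is
        gone; it raised ``TypeError`` when the username was ``None``, before
        the e-mail fallback could run;
      * the username pattern is a raw string (same pattern).

    NOTE(review): the block nesting was reconstructed from a listing that
    had lost its indentation. In particular, confirm that the confirmation
    e-mail belongs inside the "new account" branch.
    NOTE(review): ``commit``, ``force_insert`` and ``force_update`` are
    accepted but not forwarded to the parent ``save``, as before.
    """
    from uuid import uuid4

    username_pattern = re.compile(r'^[\w.@+-]+$')
    if not self.username or not username_pattern.match(self.username):
        # Only an empty username is replaced; a non-empty username that
        # fails the pattern is left untouched, as before.
        if not self.username:
            self.username = rewrite_username(self.email)

    password = self.password
    is_new = self.pk is None
    is_same_password = self.password == self.var_cache['password']

    # NOTE(review): a value starting with 'pbkdf2_sha256$' is assumed to be
    # already hashed and is stored as given; values produced by any other
    # hasher would be hashed again. Confirm this matches the hashers in use.
    if self.password and not is_same_password and not self.password.startswith('pbkdf2_sha256$'):
        self.set_password(self.password)
    elif self.id and not self.password:
        # Existing account saved with an empty password: keep the stored hash.
        from account.models import User as AccountUser
        user = AccountUser.objects.get(id=self.id)
        if user.password:
            self.password = user.password
    elif is_new and not is_same_password:
        # New account without a usable password: set a random placeholder.
        self.set_password(uuid4().hex)

    if is_new and settings.REGISTER_CONFIRM:
        self.status = STATUS_PENDING

    super(User, self).save(*args, **kwargs)

    if is_new and self.id:
        # The API key is what API logins authenticate with.
        create_api_key(self.__class__, instance=self, created=True)
        if not password:
            self.send_email_confirm(
                email_template_name='account/email/register_email.html',
                subject_template_name='account/email/register_email_subject.txt'
            )

    # Drop the cached copy so readers see the saved state.
    cache.delete('user--%s' % self.id)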
def test_check_active_true(self):
    """With the default active check, a correct digest answer must not authenticate.

    NOTE(review): presumably the fixture user is inactive; confirm in the
    fixture data.
    """
    auth = DigestAuthentication()
    request = HttpRequest()

    bob_doe = User.objects.get(username="******")
    create_api_key(User, instance=bob_doe, created=True)

    # The first call yields the challenge; answer it with the API key as password.
    auth_request = auth.is_authenticated(request)
    parsed_challenge = python_digest.parse_digest_challenge(
        auth_request["WWW-Authenticate"])
    request.META["HTTP_AUTHORIZATION"] = python_digest.build_authorization_request(
        username=bob_doe.username,
        method=request.method,
        uri="/",
        nonce_count=1,
        digest_challenge=parsed_challenge,
        password=bob_doe.api_key.key,
    )

    auth_request = auth.is_authenticated(request)
    self.assertFalse(auth_request)
def test_check_active_true(self):
    """With the default active check, a correct digest answer must not authenticate.

    NOTE(review): presumably the fixture user is inactive; confirm in the
    fixture data.
    """
    auth = DigestAuthentication()
    request = HttpRequest()

    bob_doe = User.objects.get(username='******')
    create_api_key(User, instance=bob_doe, created=True)

    # The first call yields the challenge; the raw header value is handed to
    # the digest helper as-is.
    auth_request = auth.is_authenticated(request)
    raw_challenge = auth_request['WWW-Authenticate']
    request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        bob_doe.username,
        request.method,
        '/',  # uri
        1,  # nonce_count
        digest_challenge=raw_challenge,
        password=bob_doe.api_key.key
    )

    auth_request = auth.is_authenticated(request)
    self.assertFalse(auth_request)
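def test_check_active_false(self):
    """With ``require_active=False`` a correct digest answer must authenticate.

    The final assertion now compares against ``True``. The previous
    ``assertTrue(auth_request, True)`` passed ``True`` as the failure
    message and only checked truthiness, so a truthy ``HttpUnauthorized``
    response would also have passed.
    """
    auth = DigestAuthentication(require_active=False)
    request = HttpRequest()

    bob_doe = User.objects.get(username='******')
    create_api_key(User, instance=bob_doe, created=True)

    # The first call yields the challenge; answer it with the API key as password.
    auth_request = auth.is_authenticated(request)
    request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        bob_doe.username,
        request.method,
        '/',  # uri
        1,  # nonce_count
        digest_challenge=auth_request['WWW-Authenticate'],
        password=bob_doe.api_key.key)

    auth_request = auth.is_authenticated(request)
    self.assertEqual(auth_request, True)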
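def test_check_active_false(self):
    """With ``require_active=False`` a correct digest answer must authenticate.

    The final assertion now compares against ``True``. The previous
    ``assertTrue(auth_request, True)`` passed ``True`` as the failure
    message and only checked truthiness, so a truthy ``HttpUnauthorized``
    response would also have passed.
    """
    auth = DigestAuthentication(require_active=False)
    request = HttpRequest()

    bob_doe = User.objects.get(username='******')
    create_api_key(User, instance=bob_doe, created=True)

    # The first call yields the challenge; answer it with the API key as password.
    auth_request = auth.is_authenticated(request)
    request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        username=bob_doe.username,
        method=request.method,
        uri='/',
        nonce_count=1,
        digest_challenge=python_digest.parse_digest_challenge(auth_request['WWW-Authenticate']),
        password=bob_doe.api_key.key
    )

    auth_request = auth.is_authenticated(request)
    self.assertEqual(auth_request, True)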
def test_check_active_true(self):
    """With the default active check, a correct digest answer must not authenticate.

    NOTE(review): presumably the fixture user is inactive; confirm in the
    fixture data.
    """
    auth = DigestAuthentication()
    request = HttpRequest()

    bob_doe = User.objects.get(username='******')
    create_api_key(User, instance=bob_doe, created=True)

    # The first call yields the challenge; answer it with the API key as password.
    auth_request = auth.is_authenticated(request)
    parsed_challenge = python_digest.parse_digest_challenge(
        auth_request['WWW-Authenticate'])
    request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        username=bob_doe.username,
        method=request.method,
        uri='/',
        nonce_count=1,
        digest_challenge=parsed_challenge,
        password=bob_doe.api_key.key
    )

    auth_request = auth.is_authenticated(request)
    self.assertFalse(auth_request)
def test_is_authenticated(self):
    """Walk DigestAuthentication through the challenge, failures and a valid answer.

    The API key serves as the digest password.
    """
    auth = DigestAuthentication()
    request = HttpRequest()

    # Invoke the signal handler by hand so the fixture user owns an ApiKey.
    john_doe = User.objects.get(username="******")
    create_api_key(User, instance=john_doe, created=True)

    # No Authorization header: the reply must be a digest challenge.
    auth_request = auth.is_authenticated(request)
    self.assertIsInstance(auth_request, HttpUnauthorized)

    # The challenge names the scheme first, then realm, opaque and nonce.
    challenge_header = auth_request["WWW-Authenticate"]
    self.assertEqual(challenge_header.find("Digest"), 0)
    self.assertGreater(challenge_header.find(' realm="django-tastypie"'), 0)
    self.assertGreater(challenge_header.find(" opaque="), 0)
    self.assertGreater(challenge_header.find("nonce="), 0)

    # A header that is not a digest answer at all.
    request.META["HTTP_AUTHORIZATION"] = "abcdefg"
    auth_request = auth.is_authenticated(request)
    self.assertIsInstance(auth_request, HttpUnauthorized)

    # Base64 of a bare username, no password part.
    # NOTE(review): b64encode is given a str literal here; confirm the
    # Python version this suite targets.
    request.META["HTTP_AUTHORIZATION"] = base64.b64encode("daniel")
    auth_request = auth.is_authenticated(request)
    self.assertIsInstance(auth_request, HttpUnauthorized)

    # Base64 of user:password, which is still not a digest answer.
    request.META["HTTP_AUTHORIZATION"] = base64.b64encode("daniel:pass")
    auth_request = auth.is_authenticated(request)
    self.assertIsInstance(auth_request, HttpUnauthorized)

    # Answer the most recent challenge with the user's API key.
    john_doe = User.objects.get(username="******")
    raw_challenge = auth_request["WWW-Authenticate"]
    request.META["HTTP_AUTHORIZATION"] = python_digest.build_authorization_request(
        john_doe.username,
        request.method,
        "/",  # uri
        1,  # nonce_count
        digest_challenge=raw_challenge,
        password=john_doe.api_key.key,
    )
    auth_request = auth.is_authenticated(request)
    self.assertEqual(auth_request, True)
def test_is_authenticated(self):
    """Walk DigestAuthentication through the challenge, failures and a valid answer.

    The API key serves as the digest password.
    """
    auth = DigestAuthentication()
    request = HttpRequest()

    # Invoke the signal handler by hand so the fixture user owns an ApiKey.
    john_doe = User.objects.get(username='******')
    create_api_key(User, instance=john_doe, created=True)

    # No Authorization header: the reply must be a digest challenge.
    auth_request = auth.is_authenticated(request)
    self.assertIsInstance(auth_request, HttpUnauthorized)

    # The challenge names the scheme first, then realm, opaque and nonce.
    challenge_header = auth_request['WWW-Authenticate']
    self.assertEqual(challenge_header.find('Digest'), 0)
    self.assertGreater(challenge_header.find(' realm="django-tastypie"'), 0)
    self.assertGreater(challenge_header.find(' opaque='), 0)
    self.assertGreater(challenge_header.find('nonce='), 0)

    # A header that is not a digest answer at all.
    request.META['HTTP_AUTHORIZATION'] = 'abcdefg'
    auth_request = auth.is_authenticated(request)
    self.assertIsInstance(auth_request, HttpUnauthorized)

    # Base64 of a bare username, no password part.
    encoded = base64.b64encode('daniel'.encode('utf-8')).decode('utf-8')
    request.META['HTTP_AUTHORIZATION'] = encoded
    auth_request = auth.is_authenticated(request)
    self.assertIsInstance(auth_request, HttpUnauthorized)

    # Base64 of user:password, which is still not a digest answer.
    encoded = base64.b64encode('daniel:pass'.encode('utf-8')).decode('utf-8')
    request.META['HTTP_AUTHORIZATION'] = encoded
    auth_request = auth.is_authenticated(request)
    self.assertIsInstance(auth_request, HttpUnauthorized)

    # Answer the most recent challenge with the user's API key.
    john_doe = User.objects.get(username='******')
    parsed_challenge = python_digest.parse_digest_challenge(
        auth_request['WWW-Authenticate'])
    request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        username=john_doe.username,
        method=request.method,
        uri='/',
        nonce_count=1,
        digest_challenge=parsed_challenge,
        password=john_doe.api_key.key
    )
    auth_request = auth.is_authenticated(request)
    self.assertEqual(auth_request, True)
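def test_check_active_false(self):
    """With ``require_active=False`` a correct digest answer must authenticate.

    On Django 1.10 and later the test returns early, because authenticating
    inactive users through the model backend is not supported there. The
    early return is reported as a pass, not as a skip.

    The final assertion now compares against ``True``. The previous
    ``assertTrue(auth_request, True)`` passed ``True`` as the failure
    message and only checked truthiness, so a truthy ``HttpUnauthorized``
    response would also have passed.
    """
    if django.VERSION >= (1, 10):
        return

    auth = DigestAuthentication(require_active=False)
    request = HttpRequest()

    bob_doe = User.objects.get(username='******')
    create_api_key(User, instance=bob_doe, created=True)

    # The first call yields the challenge; answer it with the API key as password.
    auth_request = auth.is_authenticated(request)
    request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        bob_doe.username,
        request.method,
        '/',  # uri
        1,  # nonce_count
        digest_challenge=auth_request['WWW-Authenticate'],
        password=bob_doe.api_key.key
    )

    auth_request = auth.is_authenticated(request)
    self.assertEqual(auth_request, True)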
def test_whitelisting(self):
    """Check that whitelisted method names bypass API key authentication.

    ``a_method`` is whitelisted and must pass without credentials; any other
    method name must be rejected until a valid username/api_key pair is sent.
    """
    auth = ApiKeyAuthentication(whitelisted_methods=['a_method'])
    request = HttpRequest()

    # Invoke the signal handler by hand so the fixture user owns an ApiKey.
    john_doe = User.objects.get(username='******')
    create_api_key(User, instance=john_doe, created=True)

    # Whitelisted method: allowed although the request has no credentials.
    allowed = auth.is_authenticated(request, method_name='a_method')
    self.assertEqual(allowed, True)

    # Non-whitelisted method: must be rejected without credentials.
    rejected = auth.is_authenticated(request, method_name='another_method')
    self.assertIsInstance(rejected, HttpUnauthorized)

    # With valid credentials both method names pass, and the identifier is
    # the username each time.
    john_doe = User.objects.get(username='******')
    request.GET['username'] = '******'
    request.GET['api_key'] = john_doe.api_key.key
    self.assertEqual(auth.is_authenticated(request, method_name="another_method"), True)
    self.assertEqual(auth.get_identifier(request), 'johndoe')
    self.assertEqual(auth.is_authenticated(request, method_name="a_method"), True)
    self.assertEqual(auth.get_identifier(request), 'johndoe')
def authenticate(self, username=None, password=None, **kwargs):
    """Authenticate against PuppetDB and mirror the account into Django.

    Returns the Django user on success and ``None`` otherwise. A ``False``
    lookup result is logged as a connection failure and a ``None`` result as
    an empty answer from PuppetDB.

    NOTE(review): the listing had lost its indentation; ``save()`` is placed
    after the admin-group check here. Confirm against the original file.
    NOTE(review): staff/superuser flags are only ever switched on. A user
    who leaves the admin group keeps the flags from an earlier login; confirm
    whether they should be cleared.
    """
    puppet_user = UserAuthentication.check_user(username)

    if puppet_user is False:
        logger.error('Connection Failed')
        return None
    if puppet_user is None:
        logger.error('Nothing is return from puppetdb')
        return None

    if not puppet_user:
        return None
    if not UserAuthentication.verify_password(puppet_user, password):
        return None

    # Mirror the account locally and make sure it has an API key.
    account, was_created = User.objects.get_or_create(username=username)
    memberships = puppet_user.parameters['groups']
    create_api_key(self, instance=account, created=was_created)

    # Members of the configured admin group get full admin rights.
    if settings.PUPPETDB_ADMIN_GROUP in memberships:
        account.is_staff = 1
        account.is_superuser = 1
    account.save()
    return account
def user_post_save(sender, **kwargs):
    """Post-save handler that hands the signal arguments to Tastypie's ``create_api_key``."""
    # Imported inside the handler, as in the original.
    from tastypie.models import create_api_key as issue_key

    issue_key(sender, **kwargs)
def create_user_profile_and_apikey(sender, instance, created, **kwargs):
    """Signal handler: give a newly created non-superuser a vault profile and an API key.

    Superusers are skipped entirely, and nothing happens on later saves of an
    existing user.
    """
    if instance.is_superuser or not created:
        return

    VaultUser.objects.create(user=instance)
    create_api_key(User, instance=instance, created=True)
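def create_apikey(sender, instance, **kwargs):
    """Signal handler: issue an API key only for instances flagged ``is_api``.

    ``instance`` is now forwarded by keyword. It used to be passed as a
    second positional argument, which only works if ``create_api_key``
    accepts it positionally. Passing it by keyword is safe either way.
    NOTE(review): confirm the signature of the installed Tastypie version.

    Args:
        sender: the model class that sent the signal.
        instance: the saved object; a key is issued only when its ``is_api``
            attribute is exactly ``True``.
        **kwargs: remaining signal arguments, forwarded unchanged.
    """
    if instance.is_api is True:
        from tastypie.models import create_api_key
        create_api_key(sender, instance=instance, **kwargs)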
def create_user_api_key(sender, **kwargs):
    """Signal handler that issues ApiKey objects through Tastypie's ``create_api_key``.

    The incoming ``sender`` is ignored; ``User`` is always passed on instead.
    """
    # Imported inside the handler, as in the original.
    from tastypie.models import create_api_key as issue_key

    issue_key(User, **kwargs)
def create_user_api_key(sender, **kwargs):
    """Signal handler that delegates API key creation to Tastypie.

    ``User`` is passed as the sender regardless of the ``sender`` received.
    """
    # Imported inside the handler, as in the original.
    from tastypie.models import create_api_key as issue_key

    issue_key(User, **kwargs)
def forwards(self, orm):
    """Data migration: issue an API key for every existing user.

    NOTE(review): the live user model is used, not the frozen ``orm``.
    Whether users that already own a key are handled depends on
    ``create_api_key``, which is not visible here.
    """
    user_model = get_user_model()
    for account in user_model.objects.all():
        create_api_key(None, instance=account, created=True)
def create_user_api_key(sender, **kwargs):
    """Signal handler: issue an API key only when the saved user is active.

    ``User`` is passed on as the sender regardless of the ``sender`` received.
    """
    # Imported inside the handler, as in the original.
    from tastypie.models import create_api_key as issue_key

    saved_user = kwargs.get('instance')
    if not saved_user.is_active:
        return
    issue_key(User, **kwargs)
def create_api_key_ignore_dberrors(*args, **kwargs):
    """Call ``create_api_key`` and ignore a ``DatabaseError``.

    The original comment gives the reason: on the first syncdb the key table
    does not exist yet. ``None`` is returned when the error is swallowed.

    NOTE(review): every DatabaseError is ignored, so a genuine failure later
    on would leave a user without a key and without an error.
    """
    outcome = None
    try:
        outcome = create_api_key(*args, **kwargs)
    except DatabaseError:
        pass  # no such table yet, first syncdb
    return outcome