def test_get_token_and_send_request(client, version, https):
base_url = '%s://localhost' % ('https' if https else 'http')
# Get valid token
response = client.post(
AUTH_PATH,
data={'username': USERNAME, 'password': PASSWORD},
base_url=base_url
)
assert response.status_code == 200
data = json.loads(response.get_data(as_text=True))
token = data.get('token')
assert token
headers = prepare_headers(version, https)
headers[HTTP_AUTHORIZATION] = 'Bearer %s' % token
# Get correct response for invalid body
response = client.post(
INBOX['address'],
data='invalid-body',
headers=headers,
base_url=base_url
)
assert response.status_code == 200
assert is_headers_valid(response.headers, version, https)
message = as_tm(version).get_message_from_xml(response.data)
assert message.status_type == ST_BAD_MESSAGE
request = as_tm(version).DiscoveryRequest(message_id=MESSAGE_ID)
headers = prepare_headers(version, https)
headers[HTTP_AUTHORIZATION] = 'Bearer %s' % token
# Get correct response for valid request
response = client.post(
DISCOVERY['address'],
data=request.to_xml(),
headers=headers,
base_url=base_url
)
assert response.status_code == 200
assert is_headers_valid(response.headers, version=version, https=https)
message = as_tm(version).get_message_from_xml(response.data)
assert isinstance(message, as_tm(version).DiscoveryResponse)
from opentaxii import context
assert not hasattr(context, 'account')
def test_inbox_request_all_content(server, version, https):
inbox_a = server.get_service('inbox-A')
headers = prepare_headers(version, https)
blocks = [
make_content(
version,
content_binding=CUSTOM_CONTENT_BINDING,
subtype=CONTENT_BINDING_SUBTYPE),
make_content(
version,
content_binding=INVALID_CONTENT_BINDING)
]
inbox_message = make_inbox_message(version, blocks=blocks)
# "inbox-A" accepts all content
response = inbox_a.process(headers, inbox_message)
assert isinstance(response, as_tm(version).StatusMessage)
assert response.status_type == ST_SUCCESS
assert response.in_response_to == MESSAGE_ID
blocks = server.persistence.get_content_blocks(None)
assert len(blocks) == len(blocks)
def test_inbox_request_inbox_valid_content_binding(server, version, https):
inbox = server.get_service('inbox-B')
blocks = [
make_content(
version,
content_binding=CUSTOM_CONTENT_BINDING,
subtype=CONTENT_BINDING_SUBTYPE),
make_content(
version,
content_binding=CB_STIX_XML_111)
]
inbox_message = make_inbox_message(
version, dest_collection=COLLECTION_OPEN, blocks=blocks)
headers = prepare_headers(version, https)
response = inbox.process(headers, inbox_message)
assert isinstance(response, as_tm(version).StatusMessage)
assert response.status_type == ST_SUCCESS
assert response.in_response_to == MESSAGE_ID
# all blocks
blocks = server.persistence.get_content_blocks(collection_id=None)
assert len(blocks) == len(blocks)
def test_collections_volume(server, https):
version = 11
service = server.get_service('collection-management-A')
headers = prepare_headers(version, https)
request = prepare_request(version)
# querying empty collection
response = service.process(headers, request)
collection = next(
c for c in response.collection_informations
if c.collection_name == COLLECTION_OPEN)
assert collection.collection_volume == 0
blocks_amount = 10
for i in range(blocks_amount):
persist_content(server.persistence, COLLECTION_OPEN, service.id)
# querying filled collection
response = service.process(headers, request)
collection = next(
c for c in response.collection_informations
if c.collection_name == COLLECTION_OPEN)
assert collection.collection_volume == blocks_amount
def test_inbox_request_inbox_valid_content_binding(server, version, https):
inbox = server.get_service('inbox-B')
blocks = [
make_content(
version,
content_binding=CUSTOM_CONTENT_BINDING,
subtype=CONTENT_BINDING_SUBTYPE),
make_content(
version,
content_binding=CB_STIX_XML_111)
]
inbox_message = make_inbox_message(
version, dest_collection=COLLECTION_OPEN, blocks=blocks)
headers = prepare_headers(version, https)
response = inbox.process(headers, inbox_message)
assert isinstance(response, as_tm(version).StatusMessage)
assert response.status_type == ST_SUCCESS
assert response.in_response_to == MESSAGE_ID
# all blocks
blocks = server.persistence.get_content_blocks(collection_id=None)
assert len(blocks) == len(blocks)
def test_inbox_restricted_inbox_non_stix_xml_as_stix(server, version, https):
inbox = server.get_service('inbox-B')
content = make_content(version,
content=("<?xml version='1.0' ?><!DOCTYPE root"
" SYSTEM 'http://notstix.example.com'>"
"<root><notstix></notstix></root>"),
content_binding=CB_STIX_XML_12)
inbox_message = make_inbox_message(version,
dest_collection=COLLECTION_OPEN,
blocks=[content])
headers = prepare_headers(version, https)
response = inbox.process(headers, inbox_message)
assert isinstance(response, as_tm(version).StatusMessage)
assert response.status_type == ST_FAILURE
assert response.in_response_to == MESSAGE_ID
blocks = server.persistence.get_content_blocks(None)
# Content blocks with invalid content should be ignored
assert len(blocks) == 0
def test_inbox_request_all_content(server, version, https):
inbox_a = server.get_service('inbox-A')
headers = prepare_headers(version, https)
blocks = [
make_content(
version,
content_binding=CUSTOM_CONTENT_BINDING,
subtype=CONTENT_BINDING_SUBTYPE),
make_content(
version,
content_binding=INVALID_CONTENT_BINDING)
]
inbox_message = make_inbox_message(version, blocks=blocks)
# "inbox-A" accepts all content
response = inbox_a.process(headers, inbox_message)
assert isinstance(response, as_tm(version).StatusMessage)
assert response.status_type == ST_SUCCESS
assert response.in_response_to == MESSAGE_ID
blocks = server.persistence.get_content_blocks(None)
assert len(blocks) == len(blocks)
def test_pause_resume_wrong_id(server, https):
version = 11
service = server.get_service('collection-management-A')
poll_service = server.get_service('poll-A')
headers = prepare_headers(version, https)
# Subscribing
request = prepare_request(collection=COLLECTION_OPEN, action=ACT_SUBSCRIBE,
version=version)
response = service.process(headers, request)
assert isinstance(response, as_tm(version).ManageCollectionSubscriptionResponse)
assert response.collection_name == COLLECTION_OPEN
assert len(response.subscription_instances) == 1
subs = response.subscription_instances[0]
assert subs.subscription_id
assert subs.status == SS_ACTIVE
# Pausing with wrong subscription ID
with pytest.raises(exceptions.StatusMessageException):
request = prepare_request(collection=COLLECTION_OPEN, action=ACT_PAUSE,
subscription_id="RANDOM-WRONG-SUBSCRIPTION", version=version)
response = service.process(headers, request)
# Resuming with wrong subscription ID
with pytest.raises(exceptions.StatusMessageException):
request = prepare_request(collection=COLLECTION_OPEN, action=ACT_RESUME,
subscription_id="RANDOM-WRONG-SUBSCRIPTION", version=version)
response = service.process(headers, request)
def prepare_url_headers(version, https, username, password):
base_url = '%s://localhost' % ('https' if https else 'http')
headers = prepare_headers(version, https)
basic_auth_header = 'Basic {}'.format(
basic_auth_token(username, password).decode('utf-8'))
headers[HTTP_AUTHORIZATION] = basic_auth_header
return base_url, headers
def test_content_bindings_present(server, version, https):
request = as_tm(version).DiscoveryRequest(message_id=MESSAGE_ID)
service = server.get_service('discovery-A')
headers = prepare_headers(version, https)
response = service.process(headers, request)
assert len(response.service_instances) == INSTANCES_CONFIGURED
assert response.in_response_to == MESSAGE_ID
inboxes = [
s for s in response.service_instances
if s.service_type == SVC_INBOX]
assert len(inboxes) == 4
address_a = INBOX_A['address']
inboxes_a = [i for i in inboxes if i.service_address.endswith(address_a)]
# inbox_a accepts everything, so inbox_service_accepted_content is empty
assert all([len(i.inbox_service_accepted_content) == 0 for i in inboxes_a])
address_b = INBOX_B['address']
inboxes_b = [i for i in inboxes if i.service_address.endswith(address_b)]
bindings = inboxes_b[0].inbox_service_accepted_content
if version == 10:
binding_ids = bindings
else:
binding_ids = [b.binding_id for b in bindings]
assert set(binding_ids) == set(INBOX_B['supported_content'])
def test_poll_empty_response(server, version, https, count_blocks):
server.config['count_blocks_in_poll_responses'] = count_blocks
service = server.get_service('poll-A')
headers = prepare_headers(version, https)
request = prepare_request(
collection_name=COLLECTION_OPEN, version=version)
if version == 11:
response = service.process(headers, request)
assert isinstance(response, as_tm(version).PollResponse)
if count_blocks:
assert response.record_count.record_count == 0
assert not response.record_count.partial_count
else:
assert response.record_count is None
else:
# COLLECTION_OPEN type (SET) is not supported in TAXII 1.0
with pytest.raises(exceptions.StatusMessageException):
response = service.process(headers, request)
server.config['count_blocks_in_poll_responses'] = True
def test_collection_supported_content(server, version, https):
service = server.get_service('collection-management-A')
headers = prepare_headers(version, https)
request = prepare_request(version)
response = service.process(headers, request)
if version == 11:
def get_coll(name):
return next(
c for c in response.collection_informations
if c.collection_name == name)
assert (
get_coll(COLLECTION_OPEN).collection_type ==
entities.CollectionEntity.TYPE_SET)
else:
def get_coll(name):
return next(
c for c in response.feed_informations
if c.feed_name == name)
assert len(get_coll(COLLECTION_OPEN).supported_contents) == 0
assert len(get_coll(COLLECTION_ONLY_STIX).supported_contents) == 1
assert len(get_coll(COLLECTION_STIX_AND_CUSTOM).supported_contents) == 2
assert not get_coll(COLLECTION_DISABLED).available
def test_inbox_req_coll_content_bindings_filtering(server, version, https):
inbox = server.get_service('inbox-B')
headers = prepare_headers(version, https)
blocks = [
make_content(version,
content="This is not XML",
content_binding=CUSTOM_CONTENT_BINDING),
make_content(version,
content="This is not XML",
content_binding=INVALID_CONTENT_BINDING),
]
import pprint
pprint.pprint(blocks)
inbox_message = make_inbox_message(
version, dest_collection=COLLECTION_STIX_AND_CUSTOM, blocks=blocks)
response = inbox.process(headers, inbox_message)
assert isinstance(response, as_tm(version).StatusMessage)
assert response.status_type == ST_FAILURE
assert response.in_response_to == MESSAGE_ID
blocks = server.persistence.get_content_blocks(None)
# Content blocks with invalid content should be ignored
assert len(blocks) == 1
def test_poll_get_content_count(server, https, count_blocks):
version = 11
server.config['count_blocks_in_poll_responses'] = count_blocks
service = server.get_service('poll-A')
blocks_amount = 10
for i in range(blocks_amount):
persist_content(server.persistence, COLLECTION_OPEN, service.id)
headers = prepare_headers(version, https)
# count-only request
request = prepare_request(collection_name=COLLECTION_OPEN,
count_only=True,
version=version)
response = service.process(headers, request)
assert isinstance(response, tm11.PollResponse)
if count_blocks:
assert response.record_count.record_count == blocks_amount
assert not response.record_count.partial_count
assert len(response.content_blocks) == 0
else:
assert response.record_count is None
server.config['count_blocks_in_poll_responses'] = True
def test_poll_get_content_count(server, https, count_blocks):
version = 11
server.config['count_blocks_in_poll_responses'] = count_blocks
service = server.get_service('poll-A')
blocks_amount = 10
for i in range(blocks_amount):
persist_content(server.persistence, COLLECTION_OPEN, service.id)
headers = prepare_headers(version, https)
# count-only request
request = prepare_request(
collection_name=COLLECTION_OPEN, count_only=True, version=version)
response = service.process(headers, request)
assert isinstance(response, tm11.PollResponse)
if count_blocks:
assert response.record_count.record_count == blocks_amount
assert not response.record_count.partial_count
assert len(response.content_blocks) == 0
else:
assert response.record_count is None
server.config['count_blocks_in_poll_responses'] = True
def test_poll_empty_response(server, version, https, count_blocks):
server.config['count_blocks_in_poll_responses'] = count_blocks
service = server.get_service('poll-A')
headers = prepare_headers(version, https)
request = prepare_request(collection_name=COLLECTION_OPEN, version=version)
if version == 11:
response = service.process(headers, request)
assert isinstance(response, as_tm(version).PollResponse)
if count_blocks:
assert response.record_count.record_count == 0
assert not response.record_count.partial_count
else:
assert response.record_count is None
else:
# COLLECTION_OPEN type (SET) is not supported in TAXII 1.0
with pytest.raises(exceptions.StatusMessageException):
response = service.process(headers, request)
server.config['count_blocks_in_poll_responses'] = True
def test_poll_collection_not_available(server, version, https):
service = server.get_service('poll-A')
headers = prepare_headers(version, https)
request = prepare_request(collection_name=COLLECTION_DISABLED, version=version)
with pytest.raises(exceptions.StatusMessageException):
response = service.process(headers, request)
def test_poll_fulfilment_request(server, https):
version = 11
service = server.get_service('poll-A')
blocks_amount = 30
for i in range(blocks_amount):
persist_content(server.persistence, COLLECTION_OPEN, service.id)
headers = prepare_headers(version, https)
# first content request
request = prepare_request(collection_name=COLLECTION_OPEN, version=version)
response = service.process(headers, request)
assert isinstance(response, tm11.PollResponse)
assert response.record_count.record_count == POLL_MAX_COUNT
assert response.record_count.partial_count is True
assert len(response.content_blocks) == POLL_RESULT_SIZE
assert response.more is True
assert response.result_id
# poll fullfilment request
result_id = response.result_id
part_number = 2
request = prepare_fulfilment_request(
COLLECTION_OPEN, result_id, part_number)
response = service.process(headers, request)
assert isinstance(response, tm11.PollResponse)
assert response.record_count.record_count == POLL_MAX_COUNT
assert response.record_count.partial_count is True
assert len(response.content_blocks) == (blocks_amount - POLL_RESULT_SIZE)
assert not response.more
assert response.result_id == result_id
# poll fullfilment request over the top
result_id = response.result_id
part_number = 3
request = prepare_fulfilment_request(
COLLECTION_OPEN, result_id, part_number)
response = service.process(headers, request)
assert isinstance(response, tm11.PollResponse)
assert response.record_count.record_count == POLL_MAX_COUNT
assert response.record_count.partial_count is True
assert len(response.content_blocks) == 0
assert not response.more
assert response.result_id == result_id
def test_poll_fulfilment_request(server, https):
version = 11
service = server.get_service('poll-A')
blocks_amount = 30
for i in range(blocks_amount):
persist_content(server.persistence, COLLECTION_OPEN, service.id)
headers = prepare_headers(version, https)
# first content request
request = prepare_request(collection_name=COLLECTION_OPEN, version=version)
response = service.process(headers, request)
assert isinstance(response, tm11.PollResponse)
assert response.record_count.record_count == POLL_MAX_COUNT
assert response.record_count.partial_count is True
assert len(response.content_blocks) == POLL_RESULT_SIZE
assert response.more is True
assert response.result_id
# poll fullfilment request
result_id = response.result_id
part_number = 2
request = prepare_fulfilment_request(
COLLECTION_OPEN, result_id, part_number)
response = service.process(headers, request)
assert isinstance(response, tm11.PollResponse)
assert response.record_count.record_count == POLL_MAX_COUNT
assert response.record_count.partial_count is True
assert len(response.content_blocks) == (blocks_amount - POLL_RESULT_SIZE)
assert not response.more
assert response.result_id == result_id
# poll fullfilment request over the top
result_id = response.result_id
part_number = 3
request = prepare_fulfilment_request(
COLLECTION_OPEN, result_id, part_number)
response = service.process(headers, request)
assert isinstance(response, tm11.PollResponse)
assert response.record_count.record_count == POLL_MAX_COUNT
assert response.record_count.partial_count is True
assert len(response.content_blocks) == 0
assert not response.more
assert response.result_id == result_id
def test_request_with_basic_auth(client, version, https):
base_url = '%s://localhost' % ('https' if https else 'http')
basic_auth_header = 'Basic {}'.format(
basic_auth_token(USERNAME, PASSWORD).decode('utf-8'))
headers = prepare_headers(version, https)
headers[HTTP_AUTHORIZATION] = basic_auth_header
# Get correct response for invalid body
response = client.post(
INBOX['address'],
data='invalid-body',
headers=headers,
base_url=base_url
)
assert response.status_code == 200
assert is_headers_valid(response.headers, version, https)
message = as_tm(version).get_message_from_xml(response.data)
assert message.status_type == ST_BAD_MESSAGE
request = as_tm(version).DiscoveryRequest(message_id=MESSAGE_ID)
headers = prepare_headers(version, https)
headers[HTTP_AUTHORIZATION] = basic_auth_header
# Get correct response for valid request
response = client.post(
DISCOVERY['address'],
data=request.to_xml(),
headers=headers,
base_url=base_url
)
assert response.status_code == 200
assert is_headers_valid(response.headers, version=version, https=https)
message = as_tm(version).get_message_from_xml(response.data)
assert isinstance(message, as_tm(version).DiscoveryResponse)
from opentaxii import context
assert not hasattr(context, 'account')
def test_poll_get_content(server, version, https):
service = server.get_service('poll-A')
original = persist_content(
server.persistence, COLLECTION_ONLY_STIX,
service.id, binding=CB_STIX_XML_111)
# wrong collection
headers = prepare_headers(version, https)
request = prepare_request(
collection_name=COLLECTION_STIX_AND_CUSTOM,
version=version)
response = service.process(headers, request)
assert isinstance(response, as_tm(version).PollResponse)
assert len(response.content_blocks) == 0
# right collection
headers = prepare_headers(version, https)
request = prepare_request(
collection_name=COLLECTION_ONLY_STIX,
version=version)
response = service.process(headers, request)
assert isinstance(response, as_tm(version).PollResponse)
assert len(response.content_blocks) == 1
block = response.content_blocks[0]
assert original.content == block.content.encode('utf-8')
assert original.timestamp_label == block.timestamp_label
# right collection and request with wrong content_type
headers = prepare_headers(version, https)
request = prepare_request(
collection_name=COLLECTION_ONLY_STIX,
version=version, bindings=[CUSTOM_CONTENT_BINDING])
with pytest.raises(exceptions.StatusMessageException):
service.process(headers, request)
def test_poll_get_content(server, version, https):
service = server.get_service('poll-A')
original = persist_content(
server.persistence, COLLECTION_ONLY_STIX,
service.id, binding=CB_STIX_XML_12)
# wrong collection
headers = prepare_headers(version, https)
request = prepare_request(
collection_name=COLLECTION_STIX_AND_CUSTOM,
version=version)
response = service.process(headers, request)
assert isinstance(response, as_tm(version).PollResponse)
assert len(response.content_blocks) == 0
# right collection
headers = prepare_headers(version, https)
request = prepare_request(
collection_name=COLLECTION_ONLY_STIX,
version=version)
response = service.process(headers, request)
assert isinstance(response, as_tm(version).PollResponse)
assert len(response.content_blocks) == 1
block = response.content_blocks[0]
assert original.content == block.content
assert original.timestamp_label == block.timestamp_label
# right collection and request with wrong content_type
headers = prepare_headers(version, https)
request = prepare_request(
collection_name=COLLECTION_ONLY_STIX,
version=version, bindings=[CUSTOM_CONTENT_BINDING])
with pytest.raises(exceptions.StatusMessageException):
service.process(headers, request)
def test_subscribe(server, version, https):
service = server.get_service('collection-management-A')
poll_service = server.get_service('poll-A')
headers = prepare_headers(version, https)
params = dict(
response_type=RT_FULL,
content_bindings=[CB_STIX_XML_111, CUSTOM_CONTENT_BINDING]
)
request = prepare_request(
collection=COLLECTION_OPEN, action=ACT_SUBSCRIBE,
version=version, params=params)
response = service.process(headers, request)
if version == 11:
assert isinstance(
response,
as_tm(version).ManageCollectionSubscriptionResponse)
assert response.collection_name == COLLECTION_OPEN
else:
assert isinstance(
response,
as_tm(version).ManageFeedSubscriptionResponse)
assert response.feed_name == COLLECTION_OPEN
assert response.message == SUBSCRIPTION_MESSAGE
assert len(response.subscription_instances) == 1
subs = response.subscription_instances[0]
assert subs.subscription_id
# 1 poll service * 2 protocol bindings
assert len(subs.poll_instances) == 2
assert (
subs.poll_instances[0].poll_address ==
poll_service.get_absolute_address(
subs.poll_instances[0].poll_protocol))
if version == 11:
assert subs.status == SS_ACTIVE
response_bindings = [
b.binding_id
for b in subs.subscription_parameters.content_bindings]
assert response_bindings == params['content_bindings']
assert (
subs.subscription_parameters.response_type ==
params['response_type'])
def test_discovery_request(server, version, https):
request = as_tm(version).DiscoveryRequest(message_id=MESSAGE_ID)
service = server.get_service('discovery-A')
headers = prepare_headers(version, https)
response = service.process(headers, request)
assert len(response.service_instances) == INSTANCES_CONFIGURED
assert response.in_response_to == MESSAGE_ID
assert isinstance(response, as_tm(version).DiscoveryResponse)
def test_unsubscribe(server, version, https):
service = server.get_service('collection-management-A')
headers = prepare_headers(version, https)
params = dict(response_type=RT_FULL,
content_bindings=[CB_STIX_XML_111, CUSTOM_CONTENT_BINDING])
# Subscribing
request = prepare_request(collection=COLLECTION_OPEN,
action=ACT_SUBSCRIBE,
version=version,
params=params)
response = service.process(headers, request)
assert len(response.subscription_instances) == 1
subs = response.subscription_instances[0]
assert subs.subscription_id
subscription_id = subs.subscription_id
# Unsubscribing with invalid subscription ID should still
# return valid response
INVALID_ID = "RANDOM-WRONG-SUBSCRIPTION"
request = prepare_request(collection=COLLECTION_OPEN,
action=ACT_UNSUBSCRIBE,
subscription_id=INVALID_ID,
version=version)
response = service.process(headers, request)
assert len(response.subscription_instances) == 1
subs = response.subscription_instances[0]
assert subs.subscription_id == INVALID_ID
# Unsubscribing with valid subscription ID
request = prepare_request(collection=COLLECTION_OPEN,
action=ACT_UNSUBSCRIBE,
subscription_id=subscription_id,
version=version)
response = service.process(headers, request)
assert len(response.subscription_instances) == 1
subs = response.subscription_instances[0]
assert subs.subscription_id == subscription_id
if version == 11:
assert subs.status == SS_UNSUBSCRIBED
assert (server.persistence.get_subscription(subscription_id).status ==
SS_UNSUBSCRIBED)
def test_unsubscribe(server, version, https):
service = server.get_service('collection-management-A')
headers = prepare_headers(version, https)
params = dict(
response_type=RT_FULL,
content_bindings=[CB_STIX_XML_111, CUSTOM_CONTENT_BINDING]
)
# Subscribing
request = prepare_request(
collection=COLLECTION_OPEN, action=ACT_SUBSCRIBE,
version=version, params=params)
response = service.process(headers, request)
assert len(response.subscription_instances) == 1
subs = response.subscription_instances[0]
assert subs.subscription_id
subscription_id = subs.subscription_id
# Unsubscribing with invalid subscription ID should still
# return valid response
INVALID_ID = "RANDOM-WRONG-SUBSCRIPTION"
request = prepare_request(
collection=COLLECTION_OPEN, action=ACT_UNSUBSCRIBE,
subscription_id=INVALID_ID, version=version)
response = service.process(headers, request)
assert len(response.subscription_instances) == 1
subs = response.subscription_instances[0]
assert subs.subscription_id == INVALID_ID
# Unsubscribing with valid subscription ID
request = prepare_request(
collection=COLLECTION_OPEN, action=ACT_UNSUBSCRIBE,
subscription_id=subscription_id, version=version)
response = service.process(headers, request)
assert len(response.subscription_instances) == 1
subs = response.subscription_instances[0]
assert subs.subscription_id == subscription_id
if version == 11:
assert subs.status == SS_UNSUBSCRIBED
assert (
server.persistence.get_subscription(subscription_id).status ==
SS_UNSUBSCRIBED)
def test_collections_inboxes(server, https):
version = 11
service = server.get_service('collection-management-A')
headers = prepare_headers(version, https)
request = prepare_request(version)
response = service.process(headers, request)
for coll in response.collection_informations:
inboxes = coll.receiving_inbox_services
assert len(inboxes) == ASSIGNED_INBOX_INSTANCES
def test_collections_supported_content(server, version, https):
service = server.get_service('collection-management-A')
headers = prepare_headers(version, https)
request = prepare_request(version)
response = service.process(headers, request)
if version == 10:
coll = response.feed_informations[0]
else:
coll = response.collection_informations[0]
assert len(coll.polling_service_instances) == 2 # 1 poll with 2 protocol bindings
def test_subscribe_and_poll(server, version, https):
server.config['count_blocks_in_poll_responses'] = True
subs_service = server.get_service('collection-management-A')
poll_service = server.get_service('poll-A')
collection = COLLECTION_ONLY_STIX
blocks_amount = 10
for i in range(blocks_amount):
persist_content(server.persistence, collection, poll_service.id)
headers = prepare_headers(version, https)
params = dict(
response_type=RT_COUNT_ONLY,
content_bindings=[CB_STIX_XML_111, CUSTOM_CONTENT_BINDING])
subs_request = prepare_subscription_request(
collection=collection,
action=ACT_SUBSCRIBE,
version=version,
params=params)
subs_response = subs_service.process(headers, subs_request)
assert len(subs_response.subscription_instances) == 1
subscription = subs_response.subscription_instances[0]
assert subscription.subscription_id
# response type (count_only==False) should be ignored
# for TAXII 1.1 requests
poll_request = prepare_request(
collection_name=collection,
count_only=False,
subscription_id=subscription.subscription_id,
version=version)
poll_response = poll_service.process(headers, poll_request)
if version == 11:
assert poll_response.record_count.record_count == blocks_amount
assert not poll_response.record_count.partial_count
assert len(poll_response.content_blocks) == 0
assert poll_response.subscription_id == subscription.subscription_id
else:
assert len(poll_response.content_blocks) == blocks_amount
def test_subscribe_and_poll(server, version, https):
subs_service = server.get_service('collection-management-A')
poll_service = server.get_service('poll-A')
collection = COLLECTION_ONLY_STIX
blocks_amount = 10
for i in range(blocks_amount):
persist_content(server.persistence, collection, poll_service.id)
headers = prepare_headers(version, https)
params = dict(
response_type=RT_COUNT_ONLY,
content_bindings=[CB_STIX_XML_12, CUSTOM_CONTENT_BINDING]
)
subs_request = prepare_subscription_request(
collection=collection,
action=ACT_SUBSCRIBE,
version=version,
params=params)
subs_response = subs_service.process(headers, subs_request)
assert len(subs_response.subscription_instances) == 1
subscription = subs_response.subscription_instances[0]
assert subscription.subscription_id
# response type (count_only==False) should be ignored
# for TAXII 1.1 requests
poll_request = prepare_request(
collection_name=collection,
count_only=False,
subscription_id=subscription.subscription_id,
version=version)
poll_response = poll_service.process(headers, poll_request)
if version == 11:
assert poll_response.record_count.record_count == blocks_amount
assert not poll_response.record_count.partial_count
assert len(poll_response.content_blocks) == 0
assert poll_response.subscription_id == subscription.subscription_id
else:
assert len(poll_response.content_blocks) == blocks_amount
def test_subscribe(server, version, https):
service = server.get_service('collection-management-A')
poll_service = server.get_service('poll-A')
headers = prepare_headers(version, https)
params = dict(response_type=RT_FULL,
content_bindings=[CB_STIX_XML_111, CUSTOM_CONTENT_BINDING])
request = prepare_request(collection=COLLECTION_OPEN,
action=ACT_SUBSCRIBE,
version=version,
params=params)
response = service.process(headers, request)
if version == 11:
assert isinstance(response,
as_tm(version).ManageCollectionSubscriptionResponse)
assert response.collection_name == COLLECTION_OPEN
else:
assert isinstance(response,
as_tm(version).ManageFeedSubscriptionResponse)
assert response.feed_name == COLLECTION_OPEN
assert response.message == SUBSCRIPTION_MESSAGE
assert len(response.subscription_instances) == 1
subs = response.subscription_instances[0]
assert subs.subscription_id
# 1 poll service * 2 protocol bindings
assert len(subs.poll_instances) == 2
assert (subs.poll_instances[0].poll_address ==
poll_service.get_absolute_address(
subs.poll_instances[0].poll_protocol))
if version == 11:
assert subs.status == SS_ACTIVE
response_bindings = [
b.binding_id for b in subs.subscription_parameters.content_bindings
]
assert response_bindings == params['content_bindings']
assert (subs.subscription_parameters.response_type ==
params['response_type'])
def test_collections_defined_supported_content(server, version, https):
service = server.get_service('collection-management-A')
headers = prepare_headers(version, https)
request = prepare_request(version)
response = service.process(headers, request)
if version == 10:
coll = response.feed_informations[0]
else:
coll = response.collection_informations[0]
# 1 poll service with 2 defined protocol bindings
assert len(coll.polling_service_instances) == 2
def test_collections_subscribe_instances(server, version, https):
service = server.get_service('collection-management-A')
headers = prepare_headers(version, https)
request = prepare_request(version)
response = service.process(headers, request)
if version == 11:
collections = response.collection_informations
else:
collections = response.feed_informations
for c in collections:
assert len(c.subscription_methods) == ASSIGNED_SUBSCTRIPTION_INSTANCES
def test_unauthorized_request(app, client, version, https):
base_url = '%s://localhost' % ('https' if https else 'http')
response = client.post(
INBOX_OPEN['address'],
data='invalid-body',
headers=prepare_headers(version, https),
base_url=base_url)
assert response.status_code == 200
assert is_headers_valid(response.headers, version, https)
message = as_tm(version).get_message_from_xml(response.data)
assert message.status_type == ST_UNAUTHORIZED
from opentaxii import context
assert not hasattr(context, 'account')
def test_status_message_response(client, version, https):
base_url = '%s://localhost' % ('https' if https else 'http')
response = client.post(
INBOX['address'],
data = 'invalid-body',
headers = prepare_headers(version, https),
base_url = base_url
)
assert response.status_code == 200
assert is_headers_valid(response.headers, version, https)
message = as_tm(version).get_message_from_xml(response.data)
assert message.status_type == ST_BAD_MESSAGE
def test_inbox_request_destination_collection(server, https):
version = 11
inbox_message = make_inbox_message(version, blocks=[make_content(version)], dest_collection=None)
headers = prepare_headers(version, https)
inbox = server.get_service('inbox-A')
# destination collection is not required for inbox-A
response = inbox.process(headers, inbox_message)
assert isinstance(response, as_tm(version).StatusMessage)
assert response.status_type == ST_SUCCESS
inbox = server.get_service('inbox-B')
# destination collection is required for inbox-B
with pytest.raises(exceptions.StatusMessageException):
response = inbox.process(headers, inbox_message)
def test_unauthorized_request(client, version, https):
base_url = '%s://localhost' % ('https' if https else 'http')
response = client.post(INBOX['address'],
data='invalid-body',
headers=prepare_headers(version, https),
base_url=base_url)
assert response.status_code == 200
assert is_headers_valid(response.headers, version, https)
message = as_tm(version).get_message_from_xml(response.data)
assert message.status_type == ST_UNAUTHORIZED
from opentaxii import context
assert not hasattr(context, 'account')
def test_inbox_request_destination_collection(server, https):
version = 11
inbox_message = make_inbox_message(
version, blocks=[make_content(version)], dest_collection=None)
headers = prepare_headers(version, https)
inbox = server.get_service('inbox-A')
# destination collection is not required for inbox-A
response = inbox.process(headers, inbox_message)
assert isinstance(response, as_tm(version).StatusMessage)
assert response.status_type == ST_SUCCESS
inbox = server.get_service('inbox-B')
# destination collection is required for inbox-B
with pytest.raises(exceptions.StatusMessageException):
response = inbox.process(headers, inbox_message)
def test_invalid_basic_auth_request(client, version, https):
base_url = '%s://localhost' % ('https' if https else 'http')
headers = prepare_headers(version, https)
headers[HTTP_AUTHORIZATION] = 'Basic somevalue'
request = as_tm(version).DiscoveryRequest(message_id=MESSAGE_ID)
response = client.post(DISCOVERY['address'],
data=request.to_xml(),
headers=headers,
base_url=base_url)
assert response.status_code == 200
assert is_headers_valid(response.headers, version, https)
message = as_tm(version).get_message_from_xml(response.data)
assert message.status_type == ST_UNAUTHORIZED
def test_inbox_request_inbox_invalid_inbox_content_binding(server, version, https):
inbox = server.get_service('inbox-B')
content = make_content(version, content_binding=INVALID_CONTENT_BINDING)
inbox_message = make_inbox_message(version, dest_collection=COLLECTION_OPEN, blocks=[content])
headers = prepare_headers(version, https)
response = inbox.process(headers, inbox_message)
assert isinstance(response, as_tm(version).StatusMessage)
assert response.status_type == ST_SUCCESS
assert response.in_response_to == MESSAGE_ID
blocks = server.persistence.get_content_blocks(None)
# Content blocks with invalid content should be ignored
assert len(blocks) == 0
def test_invalid_basic_auth_request(client, version, https):
base_url = '%s://localhost' % ('https' if https else 'http')
headers = prepare_headers(version, https)
headers[HTTP_AUTHORIZATION] = 'Basic somevalue'
request = as_tm(version).DiscoveryRequest(message_id=MESSAGE_ID)
response = client.post(
DISCOVERY['address'],
data=request.to_xml(),
headers=headers,
base_url=base_url)
assert response.status_code == 200
assert is_headers_valid(response.headers, version, https)
message = as_tm(version).get_message_from_xml(response.data)
assert message.status_type == ST_UNAUTHORIZED
def test_poll_max_count_max_size(server, https, count_blocks):
version = 11
server.config['count_blocks_in_poll_responses'] = count_blocks
service = server.get_service('poll-A')
blocks_amount = 30
for i in range(blocks_amount):
persist_content(server.persistence, COLLECTION_OPEN, service.id)
headers = prepare_headers(version, https)
# count-only request
request = prepare_request(collection_name=COLLECTION_OPEN,
count_only=True,
version=version)
response = service.process(headers, request)
assert isinstance(response, tm11.PollResponse)
if count_blocks:
assert response.record_count.record_count == POLL_MAX_COUNT
else:
assert response.record_count is None
assert len(response.content_blocks) == 0
# content request
request = prepare_request(collection_name=COLLECTION_OPEN, version=version)
response = service.process(headers, request)
assert isinstance(response, tm11.PollResponse)
if count_blocks:
assert response.record_count.record_count == POLL_MAX_COUNT
assert response.record_count.partial_count is True
assert len(response.content_blocks) == POLL_RESULT_SIZE
else:
assert response.record_count is None
assert response.more is True
assert response.result_id
server.config['count_blocks_in_poll_responses'] = True
def test_successful_response(client, version, https):
request = as_tm(version).DiscoveryRequest(message_id=MESSAGE_ID)
base_url = '%s://localhost' % ('https' if https else 'http')
response = client.post(
DISCOVERY['address'],
data = request.to_xml(),
headers = prepare_headers(version=version, https=https),
base_url = base_url
)
assert response.status_code == 200
assert is_headers_valid(response.headers, version=version, https=https)
message = as_tm(version).get_message_from_xml(response.data)
assert isinstance(message, as_tm(version).DiscoveryResponse)
assert len(message.service_instances) == INSTANCES_CONFIGURED
def test_poll_max_count_max_size(server, https, count_blocks):
version = 11
server.config['count_blocks_in_poll_responses'] = count_blocks
service = server.get_service('poll-A')
blocks_amount = 30
for i in range(blocks_amount):
persist_content(server.persistence, COLLECTION_OPEN, service.id)
headers = prepare_headers(version, https)
# count-only request
request = prepare_request(collection_name=COLLECTION_OPEN,
count_only=True, version=version)
response = service.process(headers, request)
assert isinstance(response, tm11.PollResponse)
if count_blocks:
assert response.record_count.record_count == POLL_MAX_COUNT
else:
assert response.record_count is None
assert len(response.content_blocks) == 0
# content request
request = prepare_request(collection_name=COLLECTION_OPEN, version=version)
response = service.process(headers, request)
assert isinstance(response, tm11.PollResponse)
if count_blocks:
assert response.record_count.record_count == POLL_MAX_COUNT
assert response.record_count.partial_count is True
assert len(response.content_blocks) == POLL_RESULT_SIZE
else:
assert response.record_count is None
assert response.more is True
assert response.result_id
server.config['count_blocks_in_poll_responses'] = True
def test_services_available(client, version, https):
headers = prepare_headers(version, https)
request = as_tm(version).DiscoveryRequest(message_id=MESSAGE_ID)
base_url = '%s://localhost' % ('https' if https else 'http')
response = client.post(
DISCOVERY_NOT_AVAILABLE['address'],
data = request.to_xml(),
headers = headers,
base_url = base_url
)
assert response.status_code == 200
message = as_tm(version).get_message_from_xml(response.data)
assert isinstance(message, as_tm(version).StatusMessage)
assert message.status_type == ST_FAILURE
def test_inbox_req_inbox_invalid_inbox_content_binding(server, version, https):
inbox = server.get_service('inbox-B')
content = make_content(version, content_binding=INVALID_CONTENT_BINDING)
inbox_message = make_inbox_message(
version, dest_collection=COLLECTION_OPEN, blocks=[content])
headers = prepare_headers(version, https)
response = inbox.process(headers, inbox_message)
assert isinstance(response, as_tm(version).StatusMessage)
assert response.status_type == ST_SUCCESS
assert response.in_response_to == MESSAGE_ID
blocks = server.persistence.get_content_blocks(None)
# Content blocks with invalid content should be ignored
assert len(blocks) == 0
def test_post_parse_verification(client, version, https):
headers = prepare_headers(version, https)
headers[HTTP_X_TAXII_SERVICES] = 'invalid-services-spec'
request = as_tm(version).DiscoveryRequest(message_id=MESSAGE_ID)
base_url = '%s://localhost' % ('https' if https else 'http')
response = client.post(
DISCOVERY['address'],
data = request.to_xml(),
headers = headers,
base_url = base_url
)
assert response.status_code == 200
assert is_headers_valid(response.headers, version=version, https=https)
message = as_tm(version).get_message_from_xml(response.data)
assert message.status_type == ST_FAILURE
assert message.in_response_to == MESSAGE_ID
