def handle(self, *args, **options): """For each username, print out the token Useful for debugging. """ for username in options['usernames']: self.stdout.write('{username}: {token}\n'.format( username=username, token=get_secret(username)))
def test_success(path, client, username, password, email): User.objects.create_user(username, email, password) secret = get_secret(username) nonce = crypto.get_random_string() timestamp = datetime.utcnow().isoformat() digest = wsse_digest(secret, nonce, timestamp) wsse_header = '''UsernameToken Username="******", PasswordDigest="{digest}", Nonce="{nonce}", Created="{timestamp}"'''.format( username=username, digest=digest, nonce=nonce, timestamp=timestamp) resp = client.get(path, HTTP_AUTHORIZATION='WSSE profile="UsernameToken"', HTTP_X_WSSE=wsse_header) assert resp.status_code == 200 assert resp.content == username
def authenticate(self, username, digest, nonce, timestamp): """Authenticate WSSE :param str username: :param str digest: :param str nonce: :param str timestamp: :rtype: User :returns: None if authentication fails, otherwise return the user object """ secret = get_secret(username) if secret is None: return None # TODO use the timestamp to handle stale requests if not verify_wsse_digest(secret, nonce, timestamp, digest): return None return User.objects.get(username__iexact=username)
def test_regenerate_secret(username, email, password): User.objects.create_user(username, email, password) secret1 = get_secret(username) regenerate_secret(username) secret2 = get_secret(username) assert secret1 != secret2
def test_get_secret_failure(username): assert get_secret(username) is None
def api_key(user): return get_secret(user.username) # uses user fixture so user is created