/
test_whov2.py
225 lines (192 loc) · 9.18 KB
/
test_whov2.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
##############################################################################
#
# Copyright (c) 2010 Agendaless Consulting and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the BSD-like license at
# http://www.repoze.org/LICENSE.txt. A copy of the license should accompany
# this distribution. THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL
# EXPRESS OR IMPLIED WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO,
# THE IMPLIED WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND
# FITNESS FOR A PARTICULAR PURPOSE
#
##############################################################################
import unittest
class WhoV2AuthenticationPolicyTests(unittest.TestCase):
_tempdir = None
def setUp(self):
from pyramid.config import Configurator
self.config = Configurator(autocommit=True)
self.config.begin()
def tearDown(self):
self.config.end()
if self._tempdir is not None:
import shutil
shutil.rmtree(self._tempdir)
def _getTargetClass(self):
from pyramid_who.whov2 import WhoV2AuthenticationPolicy
return WhoV2AuthenticationPolicy
def _makeFile(self, filename, tempdir=None, text=None):
import os
if tempdir is None:
import tempfile
tempdir = self._tempdir = tempfile.mkdtemp()
result = os.path.join(tempdir, filename)
if text is not None:
f = open(result, 'w')
f.write(text)
f.close()
return result
def _makeOne(self, config_file=None, identifier_id='test', callback=None):
if config_file is None:
config_file = self._makeFile('who.ini', text='')
if callback is None:
return self._getTargetClass()(config_file, identifier_id)
return self._getTargetClass()(config_file, identifier_id, callback)
def _makeRequest(self, **kw):
from pyramid.testing import DummyRequest
return DummyRequest(**kw)
def test_class_conforms_to_IAuthenticationPolicy(self):
from zope.interface.verify import verifyClass
from pyramid.interfaces import IAuthenticationPolicy
verifyClass(IAuthenticationPolicy, self._getTargetClass())
def test_instance_conforms_to_IAuthenticationPolicy(self):
from zope.interface.verify import verifyObject
from pyramid.interfaces import IAuthenticationPolicy
verifyObject(IAuthenticationPolicy, self._makeOne())
def test_ctor_invalid_config_file_name(self):
self.assertRaises(Exception, self._makeOne, '/nonesuch')
def test_ctor_invalid_config_file_content(self):
filename = self._makeFile('not-ini.txt', text='this is not an INI file')
self.assertRaises(Exception, self._makeOne, filename)
def test_unauthenticated_userid_no_identity_in_environ(self):
ENVIRON = {'wsgi.version': '1.0',
'HTTP_USER_AGENT': 'testing',
}
request = self._makeRequest(environ=ENVIRON)
policy = self._makeOne()
self.assertEqual(policy.unauthenticated_userid(request), None)
def test_unauthenticated_userid_w_api_in_environ(self):
ENVIRON = {'wsgi.version': '1.0',
'HTTP_USER_AGENT': 'testing',
'repoze.who.api': DummyAPI('phred'),
}
request = self._makeRequest(environ=ENVIRON)
policy = self._makeOne()
self.assertEqual(policy.unauthenticated_userid(request), 'phred')
def test_authenticated_userid_no_identity_in_environ(self):
ENVIRON = {'wsgi.version': '1.0',
'HTTP_USER_AGENT': 'testing',
}
request = self._makeRequest(environ=ENVIRON)
policy = self._makeOne()
self.assertEqual(policy.authenticated_userid(request), None)
def test_authenticated_userid_w_api_in_environ(self):
ENVIRON = {'wsgi.version': '1.0',
'HTTP_USER_AGENT': 'testing',
'repoze.who.api': DummyAPI('phred'),
}
request = self._makeRequest(environ=ENVIRON)
policy = self._makeOne()
self.assertEqual(policy.authenticated_userid(request), 'phred')
def test_authenticated_userid_wo_callback_w_identity_in_environ(self):
ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'phred'}}
request = self._makeRequest(environ=ENVIRON)
policy = self._makeOne()
self.assertEqual(policy.authenticated_userid(request), 'phred')
def test_authenticated_userid_w_callback_veto_w_identity_in_environ(self):
def _callback(identity, request):
return None
ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'phred'}}
request = self._makeRequest(environ=ENVIRON)
policy = self._makeOne(callback=_callback)
self.assertEqual(policy.authenticated_userid(request), None)
def test_authenticated_userid_w_callback_pass_w_identity_in_environ(self):
def _callback(identity, request):
return ['phlyntstones']
ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'phred'}}
request = self._makeRequest(environ=ENVIRON)
policy = self._makeOne(callback=_callback)
self.assertEqual(policy.authenticated_userid(request), 'phred')
def test_effective_principals_no_identity_in_environ(self):
from pyramid.security import Everyone
ENVIRON = {'wsgi.version': '1.0',
'HTTP_USER_AGENT': 'testing',
}
request = self._makeRequest(environ=ENVIRON)
policy = self._makeOne()
self.assertEqual(policy.effective_principals(request), [Everyone])
def test_effective_principals_w_api_in_environ(self):
from pyramid.security import Authenticated
from pyramid.security import Everyone
ENVIRON = {'wsgi.version': '1.0',
'HTTP_USER_AGENT': 'testing',
'repoze.who.api': DummyAPI('phred'),
}
request = self._makeRequest(environ=ENVIRON)
policy = self._makeOne()
self.assertEqual(policy.effective_principals(request),
['phred', Authenticated, Everyone])
def test_effective_principals_wo_callback_w_identity_in_environ(self):
from pyramid.security import Authenticated
from pyramid.security import Everyone
ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'phred'}}
request = self._makeRequest(environ=ENVIRON)
policy = self._makeOne()
self.assertEqual(policy.effective_principals(request),
['phred', Authenticated, Everyone])
def test_effective_principals_w_callback_veto_w_identity_in_environ(self):
from pyramid.security import Everyone
def _callback(identity, request):
return None
ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'phred'}}
request = self._makeRequest(environ=ENVIRON)
policy = self._makeOne(callback=_callback)
self.assertEqual(policy.effective_principals(request), [Everyone])
def test_effective_principals_w_callback_pass_w_identity_in_environ(self):
from pyramid.security import Authenticated
from pyramid.security import Everyone
def _callback(identity, request):
return ['phlyntstones']
ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'phred'}}
request = self._makeRequest(environ=ENVIRON)
policy = self._makeOne(callback=_callback)
self.assertEqual(policy.effective_principals(request),
['phred', 'phlyntstones', Authenticated, Everyone])
def test_remember_w_api_in_environ(self):
HEADERS = [('Fruit', 'Basket')]
api = DummyAPI(headers=HEADERS)
ENVIRON = {'wsgi.version': '1.0',
'HTTP_USER_AGENT': 'testing',
'repoze.who.api': api,
}
request = self._makeRequest(environ=ENVIRON)
policy = self._makeOne()
self.assertEqual(policy.remember(request, 'phred'), HEADERS)
self.assertEqual(api._remembered, {'repoze.who.userid': 'phred',
'identifier': 'test',
})
def test_forget_w_api_in_environ(self):
HEADERS = [('Fruit', 'Basket')]
api = DummyAPI(authenticated='phred', headers=HEADERS)
ENVIRON = {'wsgi.version': '1.0',
'HTTP_USER_AGENT': 'testing',
'repoze.who.api': api,
}
request = self._makeRequest(environ=ENVIRON)
policy = self._makeOne()
self.assertEqual(policy.forget(request), HEADERS)
self.assertEqual(api._forgtten, {'repoze.who.userid': 'phred'})
class DummyAPI:
def __init__(self, authenticated=None, headers=()):
self._authenticated = authenticated
self._headers = headers
def authenticate(self):
if self._authenticated is not None:
return {'repoze.who.userid': self._authenticated}
def remember(self, identity=None):
self._remembered = identity
return self._headers
def forget(self, identity=None):
self._forgtten = identity
return self._headers