Package cherrypy :: Package test :: Module test_auth_digest
[hide private]
[frames] | no frames]

Source Code for Module cherrypy.test.test_auth_digest

  1  # This file is part of CherryPy <http://www.cherrypy.org/> 
  2  # -*- coding: utf-8 -*- 
  3  # vim:ts=4:sw=4:expandtab:fileencoding=utf-8 
  4   
  5   
  6  import cherrypy 
  7  from cherrypy.lib import auth_digest 
  8   
  9  from cherrypy.test import helper 
 10   
11 -class DigestAuthTest(helper.CPWebCase):
12
13 - def setup_server():
14 class Root: 15 def index(self): 16 return "This is public."
17 index.exposed = True
18 19 class DigestProtected: 20 def index(self): 21 return "Hello %s, you've been authorized." % cherrypy.request.login 22 index.exposed = True 23 24 def fetch_users(): 25 return {'test': 'test'} 26 27 28 get_ha1 = cherrypy.lib.auth_digest.get_ha1_dict_plain(fetch_users()) 29 conf = {'/digest': {'tools.auth_digest.on': True, 30 'tools.auth_digest.realm': 'localhost', 31 'tools.auth_digest.get_ha1': get_ha1, 32 'tools.auth_digest.key': 'a565c27146791cfb', 33 'tools.auth_digest.debug': 'True'}} 34 35 root = Root() 36 root.digest = DigestProtected() 37 cherrypy.tree.mount(root, config=conf) 38 setup_server = staticmethod(setup_server) 39
40 - def testPublic(self):
41 self.getPage("/") 42 self.assertStatus('200 OK') 43 self.assertHeader('Content-Type', 'text/html;charset=utf-8') 44 self.assertBody('This is public.')
45
46 - def testDigest(self):
47 self.getPage("/digest/") 48 self.assertStatus(401) 49 50 value = None 51 for k, v in self.headers: 52 if k.lower() == "www-authenticate": 53 if v.startswith("Digest"): 54 value = v 55 break 56 57 if value is None: 58 self._handlewebError("Digest authentification scheme was not found") 59 60 value = value[7:] 61 items = value.split(', ') 62 tokens = {} 63 for item in items: 64 key, value = item.split('=') 65 tokens[key.lower()] = value 66 67 missing_msg = "%s is missing" 68 bad_value_msg = "'%s' was expecting '%s' but found '%s'" 69 nonce = None 70 if 'realm' not in tokens: 71 self._handlewebError(missing_msg % 'realm') 72 elif tokens['realm'] != '"localhost"': 73 self._handlewebError(bad_value_msg % ('realm', '"localhost"', tokens['realm'])) 74 if 'nonce' not in tokens: 75 self._handlewebError(missing_msg % 'nonce') 76 else: 77 nonce = tokens['nonce'].strip('"') 78 if 'algorithm' not in tokens: 79 self._handlewebError(missing_msg % 'algorithm') 80 elif tokens['algorithm'] != '"MD5"': 81 self._handlewebError(bad_value_msg % ('algorithm', '"MD5"', tokens['algorithm'])) 82 if 'qop' not in tokens: 83 self._handlewebError(missing_msg % 'qop') 84 elif tokens['qop'] != '"auth"': 85 self._handlewebError(bad_value_msg % ('qop', '"auth"', tokens['qop'])) 86 87 get_ha1 = auth_digest.get_ha1_dict_plain({'test' : 'test'}) 88 89 # Test user agent response with a wrong value for 'realm' 90 base_auth = 'Digest username="test", realm="wrong realm", nonce="%s", uri="/digest/", algorithm=MD5, response="%s", qop=auth, nc=%s, cnonce="1522e61005789929"' 91 92 auth_header = base_auth % (nonce, '11111111111111111111111111111111', '00000001') 93 auth = auth_digest.HttpDigestAuthorization(auth_header, 'GET') 94 # calculate the response digest 95 ha1 = get_ha1(auth.realm, 'test') 96 response = auth.request_digest(ha1) 97 # send response with correct response digest, but wrong realm 98 auth_header = base_auth % (nonce, response, '00000001') 99 self.getPage('/digest/', [('Authorization', auth_header)]) 100 self.assertStatus(401) 101 102 # Test that must pass 103 base_auth = 'Digest username="test", realm="localhost", nonce="%s", uri="/digest/", algorithm=MD5, response="%s", qop=auth, nc=%s, cnonce="1522e61005789929"' 104 105 auth_header = base_auth % (nonce, '11111111111111111111111111111111', '00000001') 106 auth = auth_digest.HttpDigestAuthorization(auth_header, 'GET') 107 # calculate the response digest 108 ha1 = get_ha1('localhost', 'test') 109 response = auth.request_digest(ha1) 110 # send response with correct response digest 111 auth_header = base_auth % (nonce, response, '00000001') 112 self.getPage('/digest/', [('Authorization', auth_header)]) 113 self.assertStatus('200 OK') 114 self.assertBody("Hello test, you've been authorized.")
115