Back to index

plone3  3.1.7
testAuthenticator.py
Go to the documentation of this file.
00001 import hmac
00002 import sha
00003 import sys
00004 from unittest import TestSuite
00005 from unittest import makeSuite
00006 from AccessControl import getSecurityManager
00007 from zExceptions import Forbidden
00008 from ZPublisher.HTTPRequest import HTTPRequest
00009 from plone.protect.tests.case import KeyringTestCase
00010 from plone.protect.authenticator import AuthenticatorView
00011 from plone.protect.authenticator import AuthenticateForm
00012 
00013 
00014 
00015 class AuthenticatorTests(KeyringTestCase):
00016     def setUp(self):
00017         KeyringTestCase.setUp(self)
00018         self.view=AuthenticatorView(None, None)
00019 
00020 
00021     def setUsername(self, name):
00022         user=getSecurityManager().getUser()
00023         user.name=name
00024 
00025 
00026     def setSecret(self, secret):
00027         self.manager.keys[0]=secret
00028 
00029 
00030     def testIsHtmlInput(self):
00031         auth=self.view.authenticator()
00032         self.failUnless(auth.startswith("<input"))
00033         self.failUnless(auth.endswith("/>"))
00034 
00035 
00036     def testConsistent(self):
00037         one=self.view.authenticator()
00038         two=self.view.authenticator()
00039         self.assertEqual(one, two)
00040 
00041 
00042     def testDiffersPerUser(self):
00043         one=self.view.authenticator()
00044         self.setUsername("other")
00045         two=self.view.authenticator()
00046         self.assertNotEqual(one, two)
00047 
00048 
00049     def testDiffersPerSecret(self):
00050         one=self.view.authenticator()
00051         self.setSecret("other")
00052         two=self.view.authenticator()
00053         self.assertNotEqual(one, two)
00054 
00055 
00056 
00057 class VerifyTests(KeyringTestCase):
00058     def setUp(self):
00059         self.request={}
00060         KeyringTestCase.setUp(self)
00061         self.view=AuthenticatorView(None, self.request)
00062 
00063 
00064     def setAuthenticator(self, key):
00065         user=getSecurityManager().getUser().getUserName()
00066         auth=hmac.new(key, user, sha).hexdigest()
00067         self.request["_authenticator"]=auth
00068 
00069 
00070     def testCorrectAuthenticator(self):
00071         self.manager.keys[0]=("secret")
00072         self.setAuthenticator("secret")
00073         self.assertEqual(self.view.verify(), True)
00074 
00075 
00076     def testOlderSecretVerifies(self):
00077         self.manager.keys[3]="backup"
00078         self.setAuthenticator("backup")
00079         self.assertEqual(self.view.verify(), True)
00080 
00081 
00082     def testMissingAuthenticator(self):
00083         self.assertEqual(self.view.verify(), False)
00084 
00085 
00086     def testIncorrectAuthenticator(self):
00087         self.request["_authenticator"]="incorrect"
00088         self.assertEqual(self.view.verify(), False)
00089 
00090 
00091     def testAuthenticatorWrongType(self):
00092         self.request["_authenticator"]=123
00093         self.assertEqual(self.view.verify(), False)
00094 
00095 
00096 
00097 class DecoratorTests(KeyringTestCase):
00098     def setUp(self):
00099         self.request=HTTPRequest(sys.stdin, dict(SERVER_URL="dummy"), None)
00100         KeyringTestCase.setUp(self)
00101         def func(REQUEST=None):
00102             return 1
00103         self.func=AuthenticateForm(func)
00104 
00105 
00106     def testNoRequestParameter(self):
00107         def func():
00108             pass
00109         self.assertRaises(ValueError, AuthenticateForm, func)
00110 
00111 
00112     def testIgnoreBadRequestType(self):
00113         self.assertEqual(self.func(), 1)
00114 
00115 
00116     def testBadAuthenticator(self):
00117         self.request["_authenticator"]="incorrect"
00118         self.assertRaises(Forbidden, self.func, self.request)
00119 
00120 
00121 def test_suite():
00122     suite=TestSuite()
00123     suite.addTest(makeSuite(AuthenticatorTests))
00124     suite.addTest(makeSuite(VerifyTests))
00125     suite.addTest(makeSuite(DecoratorTests))
00126     return suite