diff options
author | Colin Watson <cjwatson@debian.org> | 2017-12-12 15:20:49 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2017-12-12 15:20:49 +0000 |
commit | 9e4403035a9953c99117083e6373ae3c441a76b5 (patch) | |
tree | d91b137df6767bfb8cb72de6b9fd21efb0c3dee4 /macaroonbakery/tests/test_agent.py | |
parent | 949b7072cabce0daed6c94993ad44c8ea8648dbd (diff) |
Import py-macaroon-bakery_1.1.0.orig.tar.gz
Diffstat (limited to 'macaroonbakery/tests/test_agent.py')
-rw-r--r-- | macaroonbakery/tests/test_agent.py | 171 |
1 files changed, 60 insertions, 111 deletions
diff --git a/macaroonbakery/tests/test_agent.py b/macaroonbakery/tests/test_agent.py index 67f5b84..3b38337 100644 --- a/macaroonbakery/tests/test_agent.py +++ b/macaroonbakery/tests/test_agent.py @@ -1,27 +1,22 @@ # Copyright 2017 Canonical Ltd. # Licensed under the LGPLv3, see LICENCE file for details. -import base64 -from datetime import datetime, timedelta import json +import logging import os import tempfile +from datetime import datetime, timedelta from unittest import TestCase -import nacl.encoding -import requests.cookies -import six -from six.moves.urllib.parse import parse_qs -from six.moves.http_cookies import SimpleCookie -from httmock import ( - HTTMock, - urlmatch, - response -) - -import macaroonbakery as bakery -import macaroonbakery.httpbakery as httpbakery +import macaroonbakery.bakery as bakery import macaroonbakery.checkers as checkers +import macaroonbakery.httpbakery as httpbakery import macaroonbakery.httpbakery.agent as agent +import requests.cookies + +from httmock import HTTMock, response, urlmatch +from six.moves.urllib.parse import parse_qs + +log = logging.getLogger(__name__) class TestAgents(TestCase): @@ -44,73 +39,31 @@ class TestAgents(TestCase): os.remove(self.bad_key_agent_filename) os.remove(self.no_username_agent_filename) - def test_load_agents(self): - cookies, key = agent.load_agent_file(self.agent_filename) - self.assertEqual(key.encode(nacl.encoding.Base64Encoder), - b'CqoSgj06Zcgb4/S6RT4DpTjLAfKoznEY3JsShSjKJEU=') - self.assertEqual( - key.public_key.encode(nacl.encoding.Base64Encoder), - b'YAhRSsth3a36mRYqQGQaLiS4QJax0p356nd+B8x7UQE=') - - value = cookies.get('agent-login', domain='1.example.com') - jv = base64.b64decode(value) - if six.PY3: - jv = jv.decode('utf-8') - data = json.loads(jv) - self.assertEqual(data['username'], 'user-1') - self.assertEqual(data['public_key'], - 'YAhRSsth3a36mRYqQGQaLiS4QJax0p356nd+B8x7UQE=') - - value = cookies.get('agent-login', domain='2.example.com', - path='/discharger') - jv = base64.b64decode(value) - if six.PY3: - jv = jv.decode('utf-8') - data = json.loads(jv) - self.assertEqual(data['username'], 'user-2') - self.assertEqual(data['public_key'], - 'YAhRSsth3a36mRYqQGQaLiS4QJax0p356nd+B8x7UQE=') - - def test_load_agents_into_cookies(self): - cookies = requests.cookies.RequestsCookieJar() - c1, key = agent.load_agent_file( - self.agent_filename, - cookies=cookies, - ) - self.assertEqual(c1, cookies) - self.assertEqual( - key.encode(nacl.encoding.Base64Encoder), - b'CqoSgj06Zcgb4/S6RT4DpTjLAfKoznEY3JsShSjKJEU=', - ) - self.assertEqual( - key.public_key.encode(nacl.encoding.Base64Encoder), - b'YAhRSsth3a36mRYqQGQaLiS4QJax0p356nd+B8x7UQE=', - ) - - value = cookies.get('agent-login', domain='1.example.com') - jv = base64.b64decode(value) - if six.PY3: - jv = jv.decode('utf-8') - data = json.loads(jv) - self.assertEqual(data['username'], 'user-1') - self.assertEqual(data['public_key'], 'YAhRSsth3a36mRYqQGQaLiS4QJax0p356nd+B8x7UQE=') - - value = cookies.get('agent-login', domain='2.example.com', - path='/discharger') - jv = base64.b64decode(value) - if six.PY3: - jv = jv.decode('utf-8') - data = json.loads(jv) - self.assertEqual(data['username'], 'user-2') - self.assertEqual(data['public_key'], 'YAhRSsth3a36mRYqQGQaLiS4QJax0p356nd+B8x7UQE=') - - def test_load_agents_with_bad_key(self): + def test_load_auth_info(self): + auth_info = agent.load_auth_info(self.agent_filename) + self.assertEqual(str(auth_info.key), 'CqoSgj06Zcgb4/S6RT4DpTjLAfKoznEY3JsShSjKJEU=') + self.assertEqual(str(auth_info.key.public_key), 'YAhRSsth3a36mRYqQGQaLiS4QJax0p356nd+B8x7UQE=') + self.assertEqual(auth_info.agents, [ + agent.Agent(url='https://1.example.com/', username='user-1'), + agent.Agent(url='https://2.example.com/discharger', username='user-2'), + agent.Agent(url='http://0.3.2.1', username='test-user'), + ]) + + def test_invalid_agent_json(self): + with self.assertRaises(agent.AgentFileFormatError): + agent.read_auth_info('}') + + def test_invalid_read_auth_info_arg(self): with self.assertRaises(agent.AgentFileFormatError): - agent.load_agent_file(self.bad_key_agent_filename) + agent.read_auth_info(0) - def test_load_agents_with_no_username(self): + def test_load_auth_info_with_bad_key(self): with self.assertRaises(agent.AgentFileFormatError): - agent.load_agent_file(self.no_username_agent_filename) + agent.load_auth_info(self.bad_key_agent_filename) + + def test_load_auth_info_with_no_username(self): + with self.assertRaises(agent.AgentFileFormatError): + agent.load_auth_info(self.no_username_agent_filename) def test_agent_login(self): discharge_key = bakery.generate_key() @@ -138,7 +91,8 @@ class TestAgents(TestCase): content='done') except bakery.PermissionDenied: caveats = [ - checkers.Caveat(location='http://0.3.2.1', condition='is-ok') + checkers.Caveat(location='http://0.3.2.1', + condition='is-ok') ] m = server_bakery.oven.macaroon( version=bakery.LATEST_VERSION, @@ -177,11 +131,11 @@ class TestAgents(TestCase): return { 'status_code': 200, 'content': { - 'Macaroon': m.serialize_json() + 'Macaroon': m.to_dict() } } - key = bakery.generate_key() + auth_info = agent.load_auth_info(self.agent_filename) @urlmatch(path='.*/login') def login(url, request): @@ -190,7 +144,7 @@ class TestAgents(TestCase): version=bakery.LATEST_VERSION, expiry=datetime.utcnow() + timedelta(days=1), caveats=[bakery.local_third_party_caveat( - key.public_key, + auth_info.key.public_key, version=httpbakery.request_version(request.headers))], ops=[bakery.Op(entity='agent', action='login')]) return { @@ -204,17 +158,7 @@ class TestAgents(TestCase): HTTMock(discharge), \ HTTMock(login): client = httpbakery.Client(interaction_methods=[ - agent.AgentInteractor( - agent.AuthInfo( - key=key, - agents=[ - agent.Agent( - username='test-user', - url=u'http://0.3.2.1' - ) - ], - ), - ), + agent.AgentInteractor(auth_info), ]) resp = requests.get( 'http://0.1.2.3/here', @@ -315,25 +259,26 @@ class TestAgents(TestCase): key = bakery.generate_key() - @urlmatch(path='.*/visit?$') + @urlmatch(path='.*/visit') def visit(url, request): if request.headers.get('Accept') == 'application/json': return { 'status_code': 200, 'content': { - 'agent': request.url + 'agent': '/agent-visit', } } - cs = SimpleCookie() - cookies = request.headers.get('Cookie') - if cookies is not None: - cs.load(str(cookies)) - public_key = None - for c in cs: - if c == 'agent-login': - json_cookie = json.loads( - base64.b64decode(cs[c].value).decode('utf-8')) - public_key = bakery.PublicKey.deserialize(json_cookie.get('public_key')) + raise Exception('unexpected call to visit without Accept header') + + @urlmatch(path='.*/agent-visit') + def agent_visit(url, request): + if request.method != "POST": + raise Exception('unexpected method') + log.info('agent_visit url {}'.format(url)) + body = json.loads(request.body.decode('utf-8')) + if body['username'] != 'test-user': + raise Exception('unexpected username in body {!r}'.format(request.body)) + public_key = bakery.PublicKey.deserialize(body['public_key']) ms = httpbakery.extract_macaroons(request.headers) if len(ms) == 0: b = bakery.Bakery(key=discharge_key) @@ -356,11 +301,11 @@ class TestAgents(TestCase): return { 'status_code': 200, 'content': { - 'agent-login': True + 'agent_login': True } } - @urlmatch(path='.*/wait?$') + @urlmatch(path='.*/wait$') def wait(url, request): class EmptyChecker(bakery.ThirdPartyCaveatChecker): def check_third_party_caveat(self, ctx, info): @@ -385,12 +330,14 @@ class TestAgents(TestCase): with HTTMock(server_get), \ HTTMock(discharge), \ HTTMock(visit), \ - HTTMock(wait): + HTTMock(wait), \ + HTTMock(agent_visit): client = httpbakery.Client(interaction_methods=[ agent.AgentInteractor( agent.AuthInfo( key=key, - agents=[agent.Agent(username='test-user', url=u'http://0.3.2.1')], + agents=[agent.Agent(username='test-user', + url=u'http://0.3.2.1')], ), ), ]) @@ -414,11 +361,13 @@ agent_file = ''' }, { "url": "https://2.example.com/discharger", "username": "user-2" + }, { + "url": "http://0.3.2.1", + "username": "test-user" }] } ''' - bad_key_agent_file = ''' { "key": { |