Revision bf9bd8dd test/ganeti.http_unittest.py
| b/test/ganeti.http_unittest.py | ||
|---|---|---|
| 30 | 30 |
|
| 31 | 31 |
import ganeti.http.server |
| 32 | 32 |
import ganeti.http.client |
| 33 |
import ganeti.http.auth |
|
| 33 | 34 |
|
| 34 | 35 |
|
| 35 | 36 |
class TestStartLines(unittest.TestCase): |
| ... | ... | |
| 93 | 94 |
self.assert_(message_reader_class.HEADER_LENGTH_MAX > 0) |
| 94 | 95 |
|
| 95 | 96 |
|
| 97 |
class _FakeRequestAuth(http.auth.HttpServerRequestAuthentication): |
|
| 98 |
def __init__(self, realm): |
|
| 99 |
http.auth.HttpServerRequestAuthentication.__init__(self) |
|
| 100 |
|
|
| 101 |
self.realm = realm |
|
| 102 |
|
|
| 103 |
def GetAuthRealm(self, req): |
|
| 104 |
return self.realm |
|
| 105 |
|
|
| 106 |
|
|
| 107 |
class TestAuth(unittest.TestCase): |
|
| 108 |
"""Authentication tests""" |
|
| 109 |
|
|
| 110 |
hsra = http.auth.HttpServerRequestAuthentication |
|
| 111 |
|
|
| 112 |
def testConstants(self): |
|
| 113 |
self.assertEqual(self.hsra._CLEARTEXT_SCHEME, |
|
| 114 |
self.hsra._CLEARTEXT_SCHEME.upper()) |
|
| 115 |
self.assertEqual(self.hsra._HA1_SCHEME, |
|
| 116 |
self.hsra._HA1_SCHEME.upper()) |
|
| 117 |
|
|
| 118 |
def _testVerifyBasicAuthPassword(self, realm, user, password, expected): |
|
| 119 |
ra = _FakeRequestAuth(realm) |
|
| 120 |
|
|
| 121 |
return ra.VerifyBasicAuthPassword(None, user, password, expected) |
|
| 122 |
|
|
| 123 |
|
|
| 124 |
def testVerifyBasicAuthPassword(self): |
|
| 125 |
tvbap = self._testVerifyBasicAuthPassword |
|
| 126 |
|
|
| 127 |
good_pws = ["pw", "pw{", "pw}", "pw{}", "pw{x}y", "}pw",
|
|
| 128 |
"0", "123", "foo...:xyz", "TeST"] |
|
| 129 |
|
|
| 130 |
for pw in good_pws: |
|
| 131 |
# Try cleartext passwords |
|
| 132 |
self.assert_(tvbap("abc", "user", pw, pw))
|
|
| 133 |
self.assert_(tvbap("abc", "user", pw, "{cleartext}" + pw))
|
|
| 134 |
self.assert_(tvbap("abc", "user", pw, "{ClearText}" + pw))
|
|
| 135 |
self.assert_(tvbap("abc", "user", pw, "{CLEARTEXT}" + pw))
|
|
| 136 |
|
|
| 137 |
# Try with invalid password |
|
| 138 |
self.failIf(tvbap("abc", "user", pw, "something"))
|
|
| 139 |
|
|
| 140 |
# Try with invalid scheme |
|
| 141 |
self.failIf(tvbap("abc", "user", pw, "{000}" + pw))
|
|
| 142 |
self.failIf(tvbap("abc", "user", pw, "{unk}" + pw))
|
|
| 143 |
self.failIf(tvbap("abc", "user", pw, "{Unk}" + pw))
|
|
| 144 |
self.failIf(tvbap("abc", "user", pw, "{UNK}" + pw))
|
|
| 145 |
|
|
| 146 |
# Try with invalid scheme format |
|
| 147 |
self.failIf(tvbap("abc", "user", "pw", "{something"))
|
|
| 148 |
|
|
| 149 |
# Hash is MD5("user:This is only a test:pw")
|
|
| 150 |
self.assert_(tvbap("This is only a test", "user", "pw",
|
|
| 151 |
"{ha1}92ea58ae804481498c257b2f65561a17"))
|
|
| 152 |
self.assert_(tvbap("This is only a test", "user", "pw",
|
|
| 153 |
"{HA1}92ea58ae804481498c257b2f65561a17"))
|
|
| 154 |
|
|
| 155 |
self.failIf(tvbap(None, "user", "pw", |
|
| 156 |
"{HA1}92ea58ae804481498c257b2f65561a17"))
|
|
| 157 |
self.failIf(tvbap("Admin area", "user", "pw",
|
|
| 158 |
"{HA1}92ea58ae804481498c257b2f65561a17"))
|
|
| 159 |
self.failIf(tvbap("This is only a test", "someone", "pw",
|
|
| 160 |
"{HA1}92ea58ae804481498c257b2f65561a17"))
|
|
| 161 |
self.failIf(tvbap("This is only a test", "user", "something",
|
|
| 162 |
"{HA1}92ea58ae804481498c257b2f65561a17"))
|
|
| 163 |
|
|
| 164 |
|
|
| 96 | 165 |
if __name__ == '__main__': |
| 97 | 166 |
unittest.main() |
Also available in: Unified diff