Revision 1428a464 aai/tests.py
| b/aai/tests.py | ||
|---|---|---|
| 11 | 11 |
from django.test.client import Client |
| 12 | 12 |
from django.conf import settings |
| 13 | 13 |
|
| 14 |
from synnefo.aai.shibboleth import Tokens, NoUniqueToken |
|
| 15 | 14 |
from synnefo.db.models import SynnefoUser |
| 16 | 15 |
|
| 17 | 16 |
from datetime import datetime, timedelta |
| 18 | 17 |
|
| 19 |
class AuthTestCase(TestCase): |
|
| 18 |
from synnefo.aai.shibboleth import Tokens, NoUniqueToken |
|
| 19 |
|
|
| 20 |
class AaiTestCase(TestCase): |
|
| 20 | 21 |
fixtures = ['api_test_data', 'auth_test_data'] |
| 21 | 22 |
apibase = '/api/v1.1' |
| 22 | 23 |
|
| ... | ... | |
| 26 | 27 |
def test_shibboleth_correct_request(self): |
| 27 | 28 |
"""test request that should succeed and register a user |
| 28 | 29 |
""" |
| 29 |
response = self.client.get(self.apibase + '/servers', {},
|
|
| 30 |
response = self.client.get('/index.html', {},
|
|
| 30 | 31 |
**{Tokens.SIB_NAME: 'Jimmy',
|
| 31 | 32 |
Tokens.SIB_EPPN: 'jh@gmail.com', |
| 32 | 33 |
Tokens.SIB_CN: 'Jimmy Hendrix', |
| ... | ... | |
| 44 | 45 |
self.assertEquals(response['X-Auth-Token'], user.auth_token) |
| 45 | 46 |
#self.assertNotEquals(response.cookies['X-Auth-Token'].find(user.auth_token), -1) |
| 46 | 47 |
|
| 47 |
response = self.client.get(self.apibase + '/servers', {},
|
|
| 48 |
**{Tokens.SIB_NAME: 'Jimmy',
|
|
| 49 |
Tokens.SIB_EPPN: 'jh@gmail.com', |
|
| 50 |
Tokens.SIB_CN: 'Jimmy Hendrix', |
|
| 51 |
Tokens.SIB_SESSION_ID: '123321', |
|
| 52 |
'TEST-AAI' : 'true'}) |
|
| 53 |
|
|
| 54 |
user1 = None |
|
| 55 |
try: |
|
| 56 |
user1 = SynnefoUser.objects.get(uniq = "jh@gmail.com") |
|
| 57 |
except SynnefoUser.DoesNotExist: |
|
| 58 |
self.assertNotEqual(user1, None) |
|
| 59 |
|
|
| 60 |
self.assertEquals(user1.auth_token , user.auth_token) |
|
| 61 |
self.assertTrue(response['Location'].endswith, '/servers') |
|
| 62 |
|
|
| 63 |
def test_auth_cookie(self): |
|
| 64 |
user = SynnefoUser.objects.get(uniq = "test@synnefo.gr") |
|
| 65 |
self.client.cookies['X-Auth-Token'] = user.auth_token |
|
| 66 |
response = self.client.get(self.apibase + '/servers', {},
|
|
| 67 |
**{'X-Auth-Token': user.auth_token,
|
|
| 68 |
'TEST-AAI' : 'true'}) |
|
| 69 |
self.assertTrue(response.status_code, 200) |
|
| 70 |
self.assertTrue('Vary' in response)
|
|
| 71 |
self.assertTrue('X-Auth-Token' in response['Vary'])
|
|
| 72 | 48 |
|
| 73 | 49 |
def test_shibboleth_no_uniq_request(self): |
| 74 | 50 |
"""test a request with no unique field |
| 75 | 51 |
""" |
| 76 |
response = self.client.get(self.apibase + '/servers', {},
|
|
| 77 |
**{Tokens.SIB_NAME: 'Jimmy',
|
|
| 78 |
Tokens.SIB_CN: 'Jimmy Hendrix',
|
|
| 79 |
'TEST-AAI' : 'true'})
|
|
| 52 |
response = self.client.get('/index.html', {},
|
|
| 53 |
**{Tokens.SIB_NAME: 'Jimmy',
|
|
| 54 |
Tokens.SIB_CN: 'Jimmy Hendrix', |
|
| 55 |
'TEST-AAI': 'true'})
|
|
| 80 | 56 |
self._test_redirect(response) |
| 81 | 57 |
|
| 58 |
|
|
| 82 | 59 |
def test_shibboleth_expired_token(self): |
| 83 | 60 |
""" test request from expired token |
| 84 | 61 |
""" |
| 85 |
user = SynnefoUser.objects.get(uniq = "test@synnefo.gr")
|
|
| 62 |
user = SynnefoUser.objects.get(uniq="test@synnefo.gr")
|
|
| 86 | 63 |
self.assertNotEqual(user.auth_token_created, None) |
| 87 | 64 |
self._update_user_ts(user) |
| 88 |
response = self.client.get(self.apibase + '/servers', {},
|
|
| 89 |
**{'X-Auth-Token': user.auth_token,
|
|
| 90 |
'TEST-AAI' : 'true'})
|
|
| 65 |
response = self.client.get('/index.html', {},
|
|
| 66 |
**{'X-Auth-Token': user.auth_token,
|
|
| 67 |
'TEST-AAI': 'true'})
|
|
| 91 | 68 |
self._test_redirect(response) |
| 92 | 69 |
|
| 93 | 70 |
def test_shibboleth_redirect(self): |
| 94 | 71 |
""" test redirect to Sibboleth page |
| 95 | 72 |
""" |
| 96 |
response = self.client.get(self.apibase + '/servers', {}, **{'TEST-AAI' : 'true'})
|
|
| 73 |
response = self.client.get('/index.html', {}, **{'TEST-AAI': 'true'})
|
|
| 97 | 74 |
self._test_redirect(response) |
| 98 | 75 |
|
| 99 | 76 |
def test_shibboleth_auth(self): |
| 100 | 77 |
""" test authentication with X-Auth-Token |
| 101 | 78 |
""" |
| 102 |
user = SynnefoUser.objects.get(uniq = "test@synnefo.gr")
|
|
| 103 |
response = self.client.get(self.apibase + '/servers', {},
|
|
| 104 |
**{'X-Auth-Token': user.auth_token,
|
|
| 105 |
'TEST-AAI' : 'true'})
|
|
| 79 |
user = SynnefoUser.objects.get(uniq="test@synnefo.gr")
|
|
| 80 |
response = self.client.get('/index.html', {},
|
|
| 81 |
**{'X-Auth-Token': user.auth_token,
|
|
| 82 |
'TEST-AAI': 'true'})
|
|
| 106 | 83 |
self.assertTrue(response.status_code, 200) |
| 107 | 84 |
self.assertTrue('Vary' in response)
|
| 108 | 85 |
self.assertTrue('X-Auth-Token' in response['Vary'])
|
| 109 | 86 |
|
| 110 |
def test_fail_oapi_auth(self): |
|
| 111 |
""" test authentication from not registered user using OpenAPI |
|
| 112 |
""" |
|
| 113 |
response = self.client.get(self.apibase + '/servers', {},
|
|
| 114 |
**{'X-Auth-User': 'notme',
|
|
| 115 |
'X-Auth-Key': '0xdeadbabe', |
|
| 116 |
'TEST-AAI' : 'true'}) |
|
| 117 |
self.assertEquals(response.status_code, 401) |
|
| 118 |
|
|
| 119 |
def test_oapi_auth(self): |
|
| 120 |
"""authentication with user registration |
|
| 121 |
""" |
|
| 122 |
response = self.client.get(self.apibase + '/', {},
|
|
| 123 |
**{'X-Auth-User': 'testdbuser',
|
|
| 124 |
'X-Auth-Key': 'test@synnefo.gr', |
|
| 125 |
'TEST-AAI' : 'true'}) |
|
| 126 |
self.assertEquals(response.status_code, 204) |
|
| 127 |
self.assertNotEqual(response['X-Auth-Token'], None) |
|
| 128 |
self.assertEquals(response['X-Server-Management-Url'], '') |
|
| 129 |
self.assertEquals(response['X-Storage-Url'], '') |
|
| 130 |
self.assertEquals(response['X-CDN-Management-Url'], '') |
|
| 131 |
|
|
| 132 | 87 |
def _test_redirect(self, response): |
| 133 | 88 |
self.assertEquals(response.status_code, 302) |
| 134 | 89 |
self.assertTrue('Location' in response)
|
| ... | ... | |
| 137 | 92 |
def _update_user_ts(self, user): |
| 138 | 93 |
user.auth_token_created = (datetime.now() - |
| 139 | 94 |
timedelta(hours = settings.AUTH_TOKEN_DURATION)) |
| 140 |
user.save() |
|
| 141 |
|
|
| 142 |
|
|
| 95 |
user.save() |
|
Also available in: Unified diff