Improve SRPRegister tests

3 files changed, 101 insertions, 72 deletions

diff --git a/MANIFEST.in b/MANIFEST.in
index 81418628..a4d18e0b 100644
--- a/MANIFEST.in
+++ b/MANIFEST.in
@@ -5,3 +5,4 @@ prune docs/_build
 prune docs/covhtml
 include versioneer.py
 include src/leap/util/reqs.txt
+include src/leap/crypto/tests/wrongcert.pem
diff --git a/src/leap/crypto/tests/test_srpregister.py b/src/leap/crypto/tests/test_srpregister.py
index 5ba7306f..f70382ce 100644
--- a/src/leap/crypto/tests/test_srpregister.py
+++ b/src/leap/crypto/tests/test_srpregister.py
@@ -27,8 +27,9 @@ import os
 import sys
 
 from mock import MagicMock
-from nose.twistedtools import reactor, threaded_reactor, stop_reactor
+from nose.twistedtools import reactor, deferred
 from twisted.python import log
+from twisted.internet import threads
 
 from leap.common.testing.https_server import where
 from leap.config.providerconfig import ProviderConfig
@@ -89,19 +90,6 @@ class SRPTestCase(unittest.TestCase):
         cls.register = srpregister.SRPRegister(provider_config=provider)
 
         cls.auth = srpauth.SRPAuth(provider)
-        cls._auth_instance = cls.auth.__dict__['_SRPAuth__instance']
-        cls.authenticate = cls._auth_instance.authenticate
-        cls.logout = cls._auth_instance.logout
-
-        # run!
-        threaded_reactor()
-
-    @classmethod
-    def tearDownClass(cls):
-        """
-        Stops reactor when tearing down the class
-        """
-        stop_reactor()
 
     # helper methods
 
@@ -114,6 +102,41 @@ class SRPTestCase(unittest.TestCase):
 
     # Register tests
 
+    def test_none_port(self):
+        provider = ProviderConfig()
+        provider.get_api_uri = MagicMock()
+        provider.get_api_uri.return_value = "http://localhost/"
+        loaded = provider.load(path=os.path.join(
+            _here, "test_provider.json"))
+        if not loaded:
+            raise ImproperlyConfiguredError(
+                "Could not load test provider config")
+
+        register = srpregister.SRPRegister(provider_config=provider)
+        self.assertEquals(register._port, "443")
+
+    @deferred()
+    def test_wrong_cert(self):
+        provider = ProviderConfig()
+        loaded = provider.load(path=os.path.join(
+            _here, "test_provider.json"))
+        provider.get_ca_cert_path = MagicMock()
+        provider.get_ca_cert_path.return_value = os.path.join(
+            _here,
+            "wrongcacert.pem")
+        provider.get_api_uri = MagicMock()
+        provider.get_api_uri.return_value = self._get_https_uri()
+        if not loaded:
+            raise ImproperlyConfiguredError(
+                "Could not load test provider config")
+
+        register = srpregister.SRPRegister(provider_config=provider)
+        d = threads.deferToThread(register.register_user, "foouser_firsttime",
+                                  "barpass")
+        d.addCallback(self.assertFalse)
+        return d
+
+    @deferred()
     def test_register_user(self):
         """
         Checks if the registration of an unused name works as expected when
@@ -121,17 +144,31 @@ class SRPTestCase(unittest.TestCase):
         when we request a user that is taken.
         """
         # pristine registration
-        ok = self.register.register_user("foouser_firsttime", "barpass")
-        self.assertTrue(ok)
-
+        d = threads.deferToThread(self.register.register_user,
+                                  "foouser_firsttime",
+                                  "barpass")
+        d.addCallback(self.assertTrue)
+        return d
+
+    @deferred()
+    def test_second_register_user(self):
         # second registration attempt with the same user should return errors
-        ok = self.register.register_user("foouser_second", "barpass")
-        self.assertTrue(ok)
+        d = threads.deferToThread(self.register.register_user,
+                                  "foouser_second",
+                                  "barpass")
+        d.addCallback(self.assertTrue)
 
         # FIXME currently we are catching this in an upper layer,
         # we could bring the error validation to the SRPRegister class
-        ok = self.register.register_user("foouser_second", "barpass")
-
+        def register_wrapper(_):
+            return threads.deferToThread(self.register.register_user,
+                                         "foouser_second",
+                                         "barpass")
+        d.addCallback(register_wrapper)
+        d.addCallback(self.assertFalse)
+        return d
+
+    @deferred()
     def test_correct_http_uri(self):
         """
         Checks that registration autocorrect http uris to https ones.
@@ -151,57 +188,15 @@ class SRPTestCase(unittest.TestCase):
             raise ImproperlyConfiguredError(
                 "Could not load test provider config")
 
-        self.register = srpregister.SRPRegister(provider_config=provider)
+        register = srpregister.SRPRegister(provider_config=provider)
 
         # ... and we check that we're correctly taking the HTTPS protocol
         # instead
-        self.assertEquals(self.register._get_registration_uri(),
-                          HTTPS_URI)
-        ok = self.register.register_user("test_failhttp", "barpass")
-        self.assertTrue(ok)
-
-        # XXX need to assert that _get_registration_uri was called too
-
-    # Auth tests
-
-    def test_auth(self):
-        """
-        Checks whether a pair of valid credentials is able to be authenticated.
-        """
-        TEST_USER = "register_test_auth"
-        TEST_PASS = "pass"
-
-        # pristine registration, should go well
-        ok = self.register.register_user(TEST_USER, TEST_PASS)
-        self.assertTrue(ok)
-
-        self.authenticate(TEST_USER, TEST_PASS)
-        with self.assertRaises(AssertionError):
-            # AssertionError: already logged in
-            # We probably could take this as its own exception
-            self.authenticate(TEST_USER, TEST_PASS)
-
-        self.logout()
-
-        # cannot log out two times in a row (there's no session)
-        with self.assertRaises(AssertionError):
-            self.logout()
-
-    def test_auth_with_bad_credentials(self):
-        """
-        Checks that auth does not succeed with bad credentials.
-        """
-        TEST_USER = "register_test_auth"
-        TEST_PASS = "pass"
-
-        # non-existent credentials, should fail
-        with self.assertRaises(srpauth.SRPAuthenticationError):
-            self.authenticate("baduser_1", "passwrong")
-
-        # good user, bad password, should fail
-        with self.assertRaises(srpauth.SRPAuthenticationError):
-            self.authenticate(TEST_USER, "passwrong")
-
-        # bad user, good password, should fail too :)
-        with self.assertRaises(srpauth.SRPAuthenticationError):
-            self.authenticate("myunclejoe", TEST_PASS)
+        reg_uri = register._get_registration_uri()
+        self.assertEquals(reg_uri, HTTPS_URI)
+        register._get_registration_uri = MagicMock(return_value=HTTPS_URI)
+        d = threads.deferToThread(register.register_user, "test_failhttp",
+                                  "barpass")
+        d.addCallback(self.assertTrue)
+
+        return d
diff --git a/src/leap/crypto/tests/wrongcert.pem b/src/leap/crypto/tests/wrongcert.pem
new file mode 100644
index 00000000..e6cff38a
--- /dev/null
+++ b/src/leap/crypto/tests/wrongcert.pem
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIFtTCCA52gAwIBAgIJAIWZus5EIXNtMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMTMwNjI1MTc0NjExWhcNMTgwNjI1MTc0NjExWjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEA2ObM7ESjyuxFZYD/Y68qOPQgjgggW+cdXfBpU2p4n7clsrUeMhWdW40Y
+77Phzor9VOeqs3ZpHuyLzsYVp/kFDm8tKyo2ah5fJwzL0VCSLYaZkUQQ7GNUmTCk
+furaxl8cQx/fg395V7/EngsS9B3/y5iHbctbA4MnH3jaotO5EGeo6hw7/eyCotQ9
+KbBV9GJMcY94FsXBCmUB+XypKklWTLhSaS6Cu4Fo8YLW6WmcnsyEOGS2F7WVf5at
+7CBWFQZHaSgIBLmc818/mDYCnYmCVMFn/6Ndx7V2NTlz+HctWrQn0dmIOnCUeCwS
+wXq9PnBR1rSx/WxwyF/WpyjOFkcIo7vm72kS70pfrYsXcZD4BQqkXYj3FyKnPt3O
+ibLKtCxL8/83wOtErPcYpG6LgFkgAAlHQ9MkUi5dbmjCJtpqQmlZeK1RALdDPiB3
+K1KZimrGsmcE624dJxUIOJJpuwJDy21F8kh5ZAsAtE1prWETrQYNElNFjQxM83rS
+ZR1Ql2MPSB4usEZT57+KvpEzlOnAT3elgCg21XrjSFGi14hCEao4g2OEZH5GAwm5
+frf6UlSRZ/g3tLTfI8Hv1prw15W2qO+7q7SBAplTODCRk+Yb0YoA2mMM/QXBUcXs
+vKEDLSSxzNIBi3T62l39RB/ml+gPKo87ZMDivex1ZhrcJc3Yu3sCAwEAAaOBpzCB
+pDAdBgNVHQ4EFgQUPjE+4pun+8FreIdpoR8v6N7xKtUwdQYDVR0jBG4wbIAUPjE+
+4pun+8FreIdpoR8v6N7xKtWhSaRHMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpT
+b21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGSCCQCF
+mbrORCFzbTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4ICAQCpvCPdtvXJ
+muTj379TZuCJs7/l0FhA7AHa1WAlHjsXHaA7N0+3ZWAbdtXDsowal6S+ldgU/kfV
+Lq7NrRq+amJWC7SYj6cvVwhrSwSvu01fe/TWuOzHrRv1uTfJ/VXLonVufMDd9opo
+bhqYxMaxLdIx6t/MYmZH4Wpiq0yfZuv//M8i7BBl/qvaWbLhg0yVAKRwjFvf59h6
+6tRFCLddELOIhLDQtk8zMbioPEbfAlKdwwP8kYGtDGj6/9/YTd/oTKRdgHuwyup3
+m0L20Y6LddC+tb0WpK5EyrNbCbEqj1L4/U7r6f/FKNA3bx6nfdXbscaMfYonKAKg
+1cRrRg45sErmCz0QyTnWzXyvbjR4oQRzyW3kJ1JZudZ+AwOi00J5FYa3NiLuxl1u
+gIGKWSrASQWhEdpa1nlCgX7PhdaQgYjEMpQvA0GCA0OF5JDu8en1yZqsOt1hCLIN
+lkz/5jKPqrclY5hV99bE3hgCHRmIPNHCZG3wbZv2yJKxJX1YLMmQwAmSh2N7YwGG
+yXRvCxQs5ChPHyRairuf/5MZCZnSVb45ppTVuNUijsbflKRUgfj/XvfqQ22f+C9N
+Om2dmNvAiS2TOIfuP47CF2OUa5q4plUwmr+nyXQGM0SIoHNCj+MBdFfb3oxxAtI+
+SLhbnzQv5e84Doqz3YF0XW8jyR7q8GFLNA==
+-----END CERTIFICATE-----