Diffstat (limited to 'src/leap/base')
-rw-r--r--src/leap/base/tests/test_auth.py45
1 files changed, 23 insertions, 22 deletions
diff --git a/src/leap/base/tests/test_auth.py b/src/leap/base/tests/test_auth.py
index 5652743d..541dea61 100644
--- a/src/leap/base/tests/test_auth.py
+++ b/src/leap/base/tests/test_auth.py
@@ -24,14 +24,15 @@ PASSWORD = "WG3HD06E7ZF3"
INIT_DATA = {u'B': u'd74a9f592193bba8a818dcf500f412f60ce1b999aa9b5166f59fbe02aee97be9ec71a5d62fd16dedd973041efd4c7de0568c0d0c38a3806c78fc96f9ffa59dde89e5a04969905a83b8e700ee9c03b5636ad99624ed1514319b3bdac10cde498c8e064adf2fe04bfc5ee5df0dd06693961190a16caa182c090e59ac52feec693e',
u'salt': u'd09ed33e'}
AUTH_RESULT = {u'M2': u'b040d0cd7ab1f93c4e87ffccdec07491782f2af303ad14f33dc4f0b4b2e40824'}
+session_id = "'BAh7ByIPc2Vzc2lvbl9pZCIlNGU2ZGNhZDc4ZjNmMzE5YzRlMGUyNzJkMzBhYTA5ZTgiDHVzZXJfaWQiJWRhYzJmZGI4YTM5YmFjZGY4M2YyOWI4NDk2NTYzMDFl--6a322f6acb2f52b995bade4eaf54bd21820ab742"
class SRP_SERVER_HTTPSTests(BaseHTTPSServerTestCase, BaseLeapTest):
class request_handler(NoLogRequestHandler, BaseHTTPRequestHandler):
responses = {
- '/': [ 'OK', '' ],
- '/1/sessions': [ json.dumps(INIT_DATA) ],
- '/1/sessions/' + USERNAME: [ json.dumps(AUTH_RESULT) ]
+ '/': ['OK', ''],
+ '/1/sessions': [json.dumps(INIT_DATA)],
+ '/1/sessions/' + USERNAME: [json.dumps(AUTH_RESULT)]
}
def do_GET(self):
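Review bot: The added `session_id` literal opens with a stray `'` inside the double quotes (`"'BAh7...`), so the fixture cookie value carries a quote character that looks like a copy-paste leftover and should be dropped. The value also has the shape of a framework-signed session cookie (base64 payload, `--`, hex digest). If it was captured from a real server, replace it with a constructed fixture, for example `SESSION_ID = "test-session-id"` (constructed sample), so that no issued session or user identifier is kept in the repository. An upper-case name would also match `PASSWORD`, `INIT_DATA` and `AUTH_RESULT` just above it.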
@@ -93,19 +94,21 @@ class SRP_SERVER_HTTPSTests(BaseHTTPSServerTestCase, BaseLeapTest):
with patch.object(SRPAuth, "get_data") as mocked_post:
with self.assertRaises(SRPAuthenticationError):
mocked_post.return_value = json.loads(
- '{"salt":"%s", "B":"%s", "M2":"%s"}' %
- (binascii.hexlify("fake"), binascii.hexlify("sofake"),
- binascii.hexlify("realfake")))
+ '{"salt":"%s", "B":"%s", "M2":"%s"}' %
+ (binascii.hexlify("fake"),
+ binascii.hexlify("sofake"),
+ binascii.hexlify("realfake")))
srp_auth.authenticate()
srp_auth.authenticate()
+
class SRP_Protected_URI_Sequence(BaseHTTPSServerTestCase, BaseLeapTest):
class request_handler(NoLogRequestHandler, BaseHTTPRequestHandler):
# XXX get the real URIs and find the server side auth sequence
responses = {
- '/1/get_cookie' : '',
- '/1/get_protected' : '',
+ '/1/cert': '',
+ '/1/get_protected': '',
}
def do_GET(self):
@@ -113,24 +116,22 @@ class SRP_Protected_URI_Sequence(BaseHTTPSServerTestCase, BaseLeapTest):
message = '\n'.join(self.responses.get(
path.path, None))
self.send_response(200)
- if path.path == "/1/get_cookie":
- self.send_header("set-cookie", "authorized=True")
+ if path.path == "/1/cert":
+ self.send_header("set-cookie", "_session_id=" + session_id)
if path.path == "/1/get_protected":
# XXX use a cookie library to do some abstraction
# and make this prettier
- if self.headers.has_key("cookie") and \
- self.headers["cookie"].find("authorized=True") > -1:
- self.send_header("set-cookie", "damn=right")
+ if "cookie" in self.headers and \
+ self.headers["cookie"].find("_session_id") > -1:
+ self.send_header("set-cookie", "damn=right")
self.end_headers()
self.wfile.write(message)
-
def test_srp_protected_uri(self):
- print self.get_server()
- s = requests.session()
- r1 = s.get("https://%s/1/get_cookie" % self.get_server(), verify=False)
- self.assertEquals(r1.cookies["authorized"], 'True')
- r2 = s.get("https://%s/1/get_protected" % self.get_server(), verify=False)
- self.assertEquals(r2.cookies["damn"], 'right')
-
-
+ s = requests.session()
+ r1 = s.get("https://%s/1/cert" %
+ self.get_server(), verify=False)
+ self.assertEquals(r1.cookies["_session_id"], session_id)
+ r2 = s.get("https://%s/1/get_protected" %
+ self.get_server(), verify=False)
+ self.assertEquals(r2.cookies["damn"], 'right')
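Review bot: The `/1/get_protected` branch accepts any request whose Cookie header merely contains the substring `_session_id`, so the test still passes if the client sends back a wrong or empty session value. Compare against the issued value instead, e.g. `if "cookie" in self.headers and ("_session_id=" + session_id) in self.headers["cookie"]:`, or parse the header with a cookie library as the existing XXX comment suggests. Both `s.get(...)` calls keep `verify=False`, so the test never exercises certificate validation; if the test server's CA certificate is reachable from the test case (not visible in this hunk), passing its path as `verify=` would cover that as well. `do_GET` begins above this hunk.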