1 files changed, 30 insertions, 29 deletions

diff --git a/users/test/integration/api/python/flow_with_srp.py b/users/test/integration/api/python/flow_with_srp.py
index 72c513f..9fc168b 100755
--- a/users/test/integration/api/python/flow_with_srp.py
+++ b/users/test/integration/api/python/flow_with_srp.py
@@ -11,16 +11,31 @@ import binascii
 
 safe_unhexlify = lambda x: binascii.unhexlify(x) if (len(x) % 2 == 0) else binascii.unhexlify('0'+x)
 
+# using globals for now
+# server = 'https://dev.bitmask.net/1'
+server = 'http://api.lvh.me:3000/1'
+
+def run_tests():
+  login = 'test_' + id_generator()
+  password = id_generator() + id_generator()
+  usr = srp.User( login, password, srp.SHA256, srp.NG_1024 )
+  print_and_parse(signup(login, password))
+
+  auth = print_and_parse(authenticate(usr))
+  verify_or_debug(auth, usr)
+  assert usr.authenticated()
+
+  usr = change_password(auth['id'], login, auth['token'])
+
+  auth = print_and_parse(authenticate(usr))
+  verify_or_debug(auth, usr)
+  # At this point the authentication process is complete.
+  assert usr.authenticated()
+
 # let's have some random name
 def id_generator(size=6, chars=string.ascii_lowercase + string.digits):
   return ''.join(random.choice(chars) for x in range(size))
 
-# using globals for a start
-# server = 'https://dev.bitmask.net/1'
-server = 'http://api.lvh.me:3000/1'
-login = 'test_' + id_generator()
-password = id_generator() + id_generator()
-
 # log the server communication
 def print_and_parse(response):
   request = response.request
@@ -33,16 +48,16 @@ def print_and_parse(response):
   except ValueError:
     return None
 
-def signup(session):
+def signup(login, password):
   salt, vkey = srp.create_salted_verification_key( login, password, srp.SHA256, srp.NG_1024 )
   user_params = {
       'user[login]': login,
       'user[password_verifier]': binascii.hexlify(vkey),
       'user[password_salt]': binascii.hexlify(salt)
       }
-  return session.post(server + '/users.json', data = user_params, verify = False)
+  return requests.post(server + '/users.json', data = user_params, verify = False)
 
-def change_password(token):
+def change_password(user_id, login, token):
   password = id_generator() + id_generator()
   salt, vkey = srp.create_salted_verification_key( login, password, srp.SHA256, srp.NG_1024 )
   user_params = {
@@ -51,11 +66,12 @@ def change_password(token):
       }
   auth_headers = { 'Authorization': 'Token token="' + token + '"'}
   print user_params
-  print_and_parse(requests.put(server + '/users/' + auth['id'] + '.json', data = user_params, verify = False, headers = auth_headers))
+  print_and_parse(requests.put(server + '/users/' + user_id + '.json', data = user_params, verify = False, headers = auth_headers))
   return srp.User( login, password, srp.SHA256, srp.NG_1024 )
 
 
-def authenticate(session, login):
+def authenticate(usr):
+  session = requests.session()
   uname, A = usr.start_authentication()
   params = {
       'login': uname,
@@ -63,10 +79,10 @@ def authenticate(session, login):
       }
   init = print_and_parse(session.post(server + '/sessions', data = params, verify=False))
   M = usr.process_challenge( safe_unhexlify(init['salt']), safe_unhexlify(init['B']) )
-  return session.put(server + '/sessions/' + login, verify = False,
+  return session.put(server + '/sessions/' + uname, verify = False,
       data = {'client_auth': binascii.hexlify(M)})
 
-def verify_or_debug(auth):
+def verify_or_debug(auth, usr):
   if ( 'errors' in auth ):
     print '    u = "%x"' % usr.u
     print '    x = "%x"' % usr.x
@@ -77,19 +93,4 @@ def verify_or_debug(auth):
   else:
     usr.verify_session( safe_unhexlify(auth["M2"]) )
 
-usr = srp.User( login, password, srp.SHA256, srp.NG_1024 )
-session = requests.session()
-user = print_and_parse(signup(session))
-
-# SRP signup would happen here and calculate M hex
-auth = print_and_parse(authenticate(session, user['login']))
-verify_or_debug(auth)
-assert usr.authenticated()
-
-usr = change_password(auth['token'])
-
-auth = print_and_parse(authenticate(session, user['login']))
-verify_or_debug(auth)
-# At this point the authentication process is complete.
-assert usr.authenticated()
-
+run_tests()