From c76718932382e6851e1ad9f004246bde3fc74de8 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Tue, 2 Oct 2012 15:45:07 +0200
Subject: starting to write a srp test with python srp lib

---
 users/test/integration/api/python/flow_with_srp.py | 58 ++++++++++++++++++++++
 1 file changed, 58 insertions(+)
 create mode 100755 users/test/integration/api/python/flow_with_srp.py

(limited to 'users/test')

diff --git a/users/test/integration/api/python/flow_with_srp.py b/users/test/integration/api/python/flow_with_srp.py
new file mode 100755
index 0000000..cb89f6e
--- /dev/null
+++ b/users/test/integration/api/python/flow_with_srp.py
@@ -0,0 +1,58 @@
+#!/usr/bin/env python
+
+# under development
+
+import requests
+import json
+import string
+import random
+import srp
+import binascii
+
+# let's have some random name
+def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
+  return ''.join(random.choice(chars) for x in range(size))
+
+# using globals for a start
+server = 'http://localhost:3000'
+login = id_generator()
+password = id_generator() + id_generator()
+
+# log the server communication
+def print_and_parse(response):
+  print response.request.method + ': ' + response.url
+  print "    " + json.dumps(response.request.data)
+  print " -> " + response.text
+  return json.loads(response.text)
+
+def signup(session):
+  salt, vkey = srp.create_salted_verification_key( login, password )
+  user_params = {
+      'user[login]': login,
+      'user[password_verifier]': binascii.hexlify(vkey),
+      'user[password_salt]': binascii.hexlify(salt)
+      }
+  return session.post(server + '/users.json', data = user_params)
+
+usr = srp.User( login, password )
+
+def authenticate(session, login):
+  uname, A = usr.start_authentication()
+  params = {
+      'login': uname,
+      'A': A
+      }
+  init = print_and_parse(session.post(server + '/sessions', data = params))
+  M = usr.process_challenge( init['salt'], init['B'] )
+  return session.put(server + '/sessions/' + login, data = {'client_auth': M})
+
+session = requests.session()
+user = print_and_parse(signup(session))
+
+# SRP signup would happen here and calculate M hex
+auth = print_and_parse(authenticate(session, user['login']))
+usr.verify_session( auth )
+
+# At this point the authentication process is complete.
+assert usr.authenticated()
+
-- 
cgit v1.2.3