From 76bc9d708b119d8c5047b487ccedaa9c70fec78b Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Wed, 21 Aug 2013 07:58:52 +0200
Subject: also test updating the user password in python against dev.bm

---
 users/test/integration/api/python/flow_with_srp.py | 63 +++++++++++++---------
 1 file changed, 39 insertions(+), 24 deletions(-)

(limited to 'users')

diff --git a/users/test/integration/api/python/flow_with_srp.py b/users/test/integration/api/python/flow_with_srp.py
index 7b741d6..d37c6af 100755
--- a/users/test/integration/api/python/flow_with_srp.py
+++ b/users/test/integration/api/python/flow_with_srp.py
@@ -16,24 +16,24 @@ def id_generator(size=6, chars=string.ascii_lowercase + string.digits):
   return ''.join(random.choice(chars) for x in range(size))
 
 # using globals for a start
-server = 'https://api.bitmask.net:4430/1'
-login = id_generator()
+server = 'https://dev.bitmask.net/1'
+login = 'test_' + id_generator()
 password = id_generator() + id_generator()
 
-# print '    username = "' + login + '"'
-# print '    password = "' + password + '"'
-
 # log the server communication
 def print_and_parse(response):
-  print response.request.method + ': ' + response.url
-  print "    " + json.dumps(response.request.data)
+  request = response.request
+  print request.method + ': ' + response.url
+  if hasattr(request, 'data'):
+    print "    " + json.dumps(response.request.data)
   print " -> " + response.text
-  return json.loads(response.text)
+  try: 
+    return json.loads(response.text)
+  except ValueError:
+    return None
 
 def signup(session):
   salt, vkey = srp.create_salted_verification_key( login, password, srp.SHA256, srp.NG_1024 )
-  # print '    salt = "' + binascii.hexlify(salt) + '"'
-  # print '    v = "' + binascii.hexlify(vkey) + '"'
   user_params = {
       'user[login]': login,
       'user[password_verifier]': binascii.hexlify(vkey),
@@ -41,38 +41,53 @@ def signup(session):
       }
   return session.post(server + '/users.json', data = user_params, verify = False)
 
-usr = srp.User( login, password, srp.SHA256, srp.NG_1024 )
+def change_password(session):
+  password = id_generator() + id_generator()
+  salt, vkey = srp.create_salted_verification_key( login, password, srp.SHA256, srp.NG_1024 )
+  user_params = {
+      'user[password_verifier]': binascii.hexlify(vkey),
+      'user[password_salt]': binascii.hexlify(salt)
+      }
+  print user_params
+  print_and_parse(session.put(server + '/users/' + auth['id'] + '.json', data = user_params, verify = False))
+  return srp.User( login, password, srp.SHA256, srp.NG_1024 )
+
 
 def authenticate(session, login):
   uname, A = usr.start_authentication()
-  # print '    aa = "' + binascii.hexlify(A) + '"'
   params = {
       'login': uname,
       'A': binascii.hexlify(A)
       }
   init = print_and_parse(session.post(server + '/sessions', data = params, verify=False))
-  # print '    b = "' + init['b'] + '"'
-  # print '    bb = "' + init['B'] + '"'
   M = usr.process_challenge( safe_unhexlify(init['salt']), safe_unhexlify(init['B']) )
-  # print '    m = "' + binascii.hexlify(M) + '"'
   return session.put(server + '/sessions/' + login, verify = False,
       data = {'client_auth': binascii.hexlify(M)})
 
+def verify_or_debug(auth):
+  if ( 'errors' in auth ):
+    print '    u = "%x"' % usr.u
+    print '    x = "%x"' % usr.x
+    print '    v = "%x"' % usr.v
+    print '    S = "%x"' % usr.S
+    print '    K = "' + binascii.hexlify(usr.K) + '"'
+    print '    M = "' + binascii.hexlify(usr.M) + '"'
+  else:
+    usr.verify_session( safe_unhexlify(auth["M2"]) )
+
+usr = srp.User( login, password, srp.SHA256, srp.NG_1024 )
 session = requests.session()
 user = print_and_parse(signup(session))
 
 # SRP signup would happen here and calculate M hex
 auth = print_and_parse(authenticate(session, user['login']))
-if ( 'errors' in auth ):
-  print '    u = "%x"' % usr.u
-  print '    x = "%x"' % usr.x
-  print '    v = "%x"' % usr.v
-  print '    S = "%x"' % usr.S
-  print '    K = "' + binascii.hexlify(usr.K) + '"'
-  print '    M = "%x"' % usr.M
-else:
-  usr.verify_session( safe_unhexlify(auth["M2"]) )
+verify_or_debug(auth)
+assert usr.authenticated()
+
+usr = change_password(session)
 
+auth = print_and_parse(authenticate(session, user['login']))
+verify_or_debug(auth)
 # At this point the authentication process is complete.
 assert usr.authenticated()
 
-- 
cgit v1.2.3