summaryrefslogtreecommitdiff
path: root/testing
diff options
context:
space:
mode:
Diffstat (limited to 'testing')
-rw-r--r--testing/tests/server/test_auth.py42
1 files changed, 38 insertions, 4 deletions
diff --git a/testing/tests/server/test_auth.py b/testing/tests/server/test_auth.py
index 6eb647ee..85dd5ecf 100644
--- a/testing/tests/server/test_auth.py
+++ b/testing/tests/server/test_auth.py
@@ -17,7 +17,9 @@
"""
Tests for auth pieces.
"""
+import os
import collections
+import pytest
from contextlib import contextmanager
@@ -31,7 +33,8 @@ from twisted.web.test import test_httpauth
import leap.soledad.server.auth as auth_module
from leap.soledad.server.auth import SoledadRealm
-from leap.soledad.server.auth import TokenChecker
+from leap.soledad.server.auth import CouchDBTokenChecker
+from leap.soledad.server.auth import FileTokenChecker
from leap.soledad.server.auth import TokenCredentialFactory
from leap.soledad.server._resource import SoledadResource
@@ -66,7 +69,7 @@ def dummy_server(token):
yield collections.defaultdict(lambda: DummyServer(token))
-class TokenCheckerTestCase(unittest.TestCase):
+class DatabaseTokenCheckerTestCase(unittest.TestCase):
@inlineCallbacks
def test_good_creds(self):
@@ -74,7 +77,7 @@ class TokenCheckerTestCase(unittest.TestCase):
token = {'user_id': 'user', 'type': 'Token'}
server = dummy_server(token)
# setup the checker with the custom server
- checker = TokenChecker()
+ checker = CouchDBTokenChecker()
auth_module.couch_server = lambda url: server
# assert the checker *can* verify the creds
creds = UsernamePassword('user', 'pass')
@@ -87,7 +90,7 @@ class TokenCheckerTestCase(unittest.TestCase):
token = None
server = dummy_server(token)
# setup the checker with the custom server
- checker = TokenChecker()
+ checker = CouchDBTokenChecker()
auth_module.couch_server = lambda url: server
# assert the checker *cannot* verify the creds
creds = UsernamePassword('user', '')
@@ -95,6 +98,37 @@ class TokenCheckerTestCase(unittest.TestCase):
yield checker.requestAvatarId(creds)
+class FileTokenCheckerTestCase(unittest.TestCase):
+
+ @inlineCallbacks
+ @pytest.mark.usefixtures("method_tmpdir")
+ def test_good_creds(self):
+ auth_file_path = os.path.join(self.tempdir, 'auth.file')
+ with open(auth_file_path, 'w') as tempfile:
+ tempfile.write('goodservice:goodtoken')
+ # setup the checker with the auth tokens file
+ conf = {'services_tokens_file': auth_file_path}
+ checker = FileTokenChecker(conf)
+ # assert the checker *can* verify the creds
+ creds = UsernamePassword('goodservice', 'goodtoken')
+ avatarId = yield checker.requestAvatarId(creds)
+ self.assertEqual('goodservice', avatarId)
+
+ @inlineCallbacks
+ @pytest.mark.usefixtures("method_tmpdir")
+ def test_bad_creds(self):
+ auth_file_path = os.path.join(self.tempdir, 'auth.file')
+ with open(auth_file_path, 'w') as tempfile:
+ tempfile.write('service:token')
+ # setup the checker with the auth tokens file
+ conf = {'services_tokens_file': auth_file_path}
+ checker = FileTokenChecker(conf)
+ # assert the checker *cannot* verify the creds
+ creds = UsernamePassword('service', 'wrongtoken')
+ with self.assertRaises(UnauthorizedLogin):
+ yield checker.requestAvatarId(creds)
+
+
class TokenCredentialFactoryTestcase(
test_httpauth.RequestMixin, test_httpauth.BasicAuthTestsMixin,
unittest.TestCase):