import base64
import unittest
from flask import Flask
from flask.ext.basicauth import BasicAuth
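class BasicAuthTestCase(unittest.TestCase):
    """Exercise the BasicAuth extension against a small two-route Flask app.

    ``setUp`` builds an application with one open route (``/``) and one route
    wrapped in ``basic_auth.required`` (``/protected``), configured with the
    fixture credentials ``john`` / ``matrix``. Those values exist only for
    these tests.

    NOTE(review): the module imports ``BasicAuth`` through the ``flask.ext``
    namespace, which newer Flask releases no longer provide, so this suite
    presumably targets an older Flask -- confirm before running.
    """

    def assertIn(self, value, container, msg=None):
        """Assert that ``value in container``.

        Shadows ``unittest.TestCase.assertIn``; presumably kept for
        interpreters whose ``unittest`` lacks that method. ``msg`` is
        optional, and a default message names both operands so a failure
        is diagnosable from the test output alone.
        """
        if msg is None:
            msg = '%r not found in %r' % (value, container)
        self.assertTrue(value in container, msg)

    def setUp(self):
        """Create a fresh app, extension instance and test client per test."""
        app = Flask(__name__)

        # Fixture credentials that the extension compares requests against.
        app.config['BASIC_AUTH_USERNAME'] = 'john'
        app.config['BASIC_AUTH_PASSWORD'] = 'matrix'

        basic_auth = BasicAuth(app)

        @app.route('/')
        def normal_view():
            return 'This view does not normally require authentication.'

        @app.route('/protected')
        @basic_auth.required
        def protected_view():
            return 'This view always requires authentication.'

        self.app = app
        self.basic_auth = basic_auth
        self.client = app.test_client()

    def make_headers(self, username, password):
        """Build an ``Authorization`` header dict for HTTP Basic auth.

        ``username`` and ``password`` must be bytes; they are joined with a
        colon and base64-encoded.

        NOTE(review): the header value is returned as bytes. Whether the test
        client accepts a bytes header value depends on the installed Werkzeug
        version -- confirm if these tests are run on a newer stack.
        """
        auth = base64.b64encode(username + b':' + password)
        return {'Authorization': b'Basic ' + auth}

    # --- configuration defaults -------------------------------------------

    def test_sets_default_values_for_configuration(self):
        # The defaults matter for security: an empty realm and, above all,
        # FORCE=False means only decorated views are protected by default.
        self.assertEqual(self.app.config['BASIC_AUTH_REALM'], '')
        self.assertEqual(self.app.config['BASIC_AUTH_FORCE'], False)

    # --- which views are protected ----------------------------------------

    def test_views_without_basic_auth_decorator_respond_with_200(self):
        response = self.client.get('/')
        self.assertEqual(response.status_code, 200)

    def test_requires_authentication_for_all_views_when_forced(self):
        # With FORCE enabled even the undecorated route must be challenged.
        self.app.config['BASIC_AUTH_FORCE'] = True
        response = self.client.get('/')
        self.assertEqual(response.status_code, 401)

    def test_responds_with_401_without_authorization(self):
        response = self.client.get('/protected')
        self.assertEqual(response.status_code, 401)

    # --- challenge header -------------------------------------------------

    def test_asks_for_authentication(self):
        response = self.client.get('/protected')
        self.assertIn('WWW-Authenticate', response.headers)
        self.assertEqual(
            response.headers['WWW-Authenticate'],
            'Basic realm=""'
        )

    def test_asks_for_authentication_with_custom_realm(self):
        self.app.config['BASIC_AUTH_REALM'] = 'Secure Area'
        response = self.client.get('/protected')
        self.assertIn('WWW-Authenticate', response.headers)
        self.assertEqual(
            response.headers['WWW-Authenticate'],
            'Basic realm="Secure Area"'
        )

    # --- credential checking ----------------------------------------------

    def test_check_credentials_with_correct_credentials(self):
        with self.app.test_request_context():
            self.assertTrue(
                self.basic_auth.check_credentials('john', 'matrix')
            )

    def test_check_credentials_with_incorrect_credentials(self):
        with self.app.test_request_context():
            self.assertFalse(
                self.basic_auth.check_credentials('john', 'rambo')
            )

    def test_check_credentials_with_incorrect_username(self):
        # Negative case the suite otherwise lacks: every other test uses the
        # right username, so a check that ignored the username would pass.
        with self.app.test_request_context():
            self.assertFalse(
                self.basic_auth.check_credentials('neo', 'matrix')
            )

    def test_responds_with_401_with_incorrect_credentials(self):
        response = self.client.get(
            '/protected',
            headers=self.make_headers(b'john', b'rambo')
        )
        self.assertEqual(response.status_code, 401)

    def test_responds_with_401_with_incorrect_username(self):
        # Same gap as above, exercised end to end through the HTTP layer:
        # the correct password alone must not be enough.
        response = self.client.get(
            '/protected',
            headers=self.make_headers(b'neo', b'matrix')
        )
        self.assertEqual(response.status_code, 401)

    def test_responds_with_200_with_correct_credentials(self):
        response = self.client.get(
            '/protected',
            headers=self.make_headers(b'john', b'matrix')
        )
        self.assertEqual(response.status_code, 200)

    def test_responds_with_200_with_correct_credentials_containing_colon(self):
        # The decoded header is "user:password"; only the first colon is the
        # separator, so a colon inside the password must survive parsing.
        self.app.config['BASIC_AUTH_PASSWORD'] = 'matrix:'
        response = self.client.get(
            '/protected',
            headers=self.make_headers(b'john', b'matrix:')
        )
        self.assertEqual(response.status_code, 200)

    def test_runs_decorated_view_after_authentication(self):
        response = self.client.get(
            '/protected',
            headers=self.make_headers(b'john', b'matrix')
        )
        self.assertEqual(
            response.data,
            b'This view always requires authentication.'
        )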
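def suite():
    """Return a ``TestSuite`` containing every test in ``BasicAuthTestCase``.

    Goes through the default loader rather than ``unittest.makeSuite``,
    which was deprecated in Python 3.11 and removed in 3.13. With default
    arguments the two collect the same ``test*`` methods.
    """
    return unittest.defaultTestLoader.loadTestsFromTestCase(BasicAuthTestCase)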
if __name__ == '__main__':
    # Direct execution: unittest resolves the name 'suite' in this module
    # and runs whatever suite() returns.
    unittest.main(defaultTest='suite')