source: TI12-security/trunk/MyProxyLogonWebService/myproxy/server/test/test_myproxywsgi.py @ 6938

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/MyProxyLogonWebService/myproxy/server/test/test_myproxywsgi.py@6938
Revision 6938, 6.1 KB checked in by pjkersha, 9 years ago (diff)

Incomplete - task 5: MyProxy? Logon HTTPS Interface

  • Added middleware for get trust roots interface
Line 
1#!/usr/bin/env python
2"""Unit tests for MyProxy WSGI Middleware classes and Application.  These are
3run using paste.fixture i.e. tests stubs to a web application server
4"""
5__author__ = "P J Kershaw"
6__date__ = "21/05/10"
7__copyright__ = "(C) 2010 Science and Technology Facilities Council"
8__license__ = "BSD - see LICENSE file in top-level directory"
9__contact__ = "Philip.Kershaw@stfc.ac.uk"
10__revision__ = '$Id$'
11import logging
12logging.basicConfig(level=logging.DEBUG)
13
14import unittest
15import os
16import base64
17from getpass import getpass
18from ConfigParser import SafeConfigParser, NoOptionError
19
20from OpenSSL import crypto
21import paste.fixture
22from paste.deploy import loadapp
23
24from myproxy.server.wsgi.middleware import MyProxyClientMiddleware
25
26
27class TestMyProxyClientMiddlewareApp(object):
28    '''Test Application for MyClientProxyMiddleware'''
29    RESPONSE = "Test MyProxyClientMiddleware"
30   
31    def __call__(self, environ, start_response):
32       
33        assert(environ[MyProxyClientMiddleware.CLIENT_ENV_KEYNAME])
34        assert(environ[MyProxyClientMiddleware.LOGON_FUNC_ENV_KEYNAME])
35        status = "200 OK"
36               
37        start_response(status,
38                       [('Content-length', 
39                         str(len(self.__class__.RESPONSE))),
40                        ('Content-type', 'text/plain')])
41        return [self.__class__.RESPONSE]
42
43
44class MyProxyClientMiddlewareTestCase(unittest.TestCase):
45    def __init__(self, *args, **kwargs):
46        app = TestMyProxyClientMiddlewareApp()
47        app = MyProxyClientMiddleware.filter_app_factory(app, {}, prefix='')
48        self.app = paste.fixture.TestApp(app)
49         
50        unittest.TestCase.__init__(self, *args, **kwargs)
51
52    def test01AssertMyProxyClientInEnviron(self):
53        # Check the middleware has set the MyProxy client object in environ
54        response = self.app.get('/', status=200)
55        self.assert_(response)
56       
57
58class MyProxyPasteDeployTestCaseBase(unittest.TestCase): 
59    """Base class for common Paste Deploy related set-up"""
60    INI_FILENAME = 'myproxywsgi.ini'
61    THIS_DIR = os.path.dirname(__file__)
62    CONFIG_FILENAME = 'test_myproxywsgi.cfg'
63    CONFIG_FILEPATH = os.path.join(THIS_DIR, CONFIG_FILENAME)
64   
65    def __init__(self, *args, **kwargs):
66        here_dir = os.path.dirname(os.path.abspath(__file__))
67        wsgiapp = loadapp('config:' + self.__class__.INI_FILENAME, 
68                          relative_to=here_dir)
69        self.app = paste.fixture.TestApp(wsgiapp)
70       
71        self.cfg = SafeConfigParser({'here': self.__class__.THIS_DIR})
72        self.cfg.optionxform = str
73        self.cfg.read(self.__class__.CONFIG_FILEPATH)
74       
75        unittest.TestCase.__init__(self, *args, **kwargs) 
76               
77               
78class MyProxyLogonAppTestCase(MyProxyPasteDeployTestCaseBase):
79    """Test HTTP MyProxy logon interface"""
80       
81    def _createRequestCreds(self):
82        keyPair = crypto.PKey()
83        keyPair.generate_key(crypto.TYPE_RSA, 1024)
84       
85        certReq = crypto.X509Req()
86       
87        # Create public key object
88        certReq.set_pubkey(keyPair)
89       
90        # Add the public key to the request
91        certReq.sign(keyPair, "md5")
92       
93        pemCertReq = crypto.dump_certificate_request(crypto.FILETYPE_PEM, 
94                                                     certReq)
95        return keyPair, pemCertReq
96       
97    def test01Logon(self):
98        # Test successful logon
99        username = self.cfg.get('test01Logon', 'username')
100        try: 
101            password = self.cfg.get('test01Logon', 'password')
102        except NoOptionError:
103            password = getpass('test01Logon password: ')
104           
105        base64String = base64.encodestring('%s:%s' % (username, password))[:-1]
106        authHeader =  "Basic %s" % base64String
107        headers = {'Authorization': authHeader}
108       
109        # Create key pair and certificate request
110        keyPair, certReq = self._createRequestCreds()
111        response = self.app.post('/logon', certReq, headers=headers, status=200)
112        print response
113        self.assert_(response)
114       
115    def test02NoAuthorisationHeaderSet(self):   
116        # Test failure with omission of HTTP Basic Auth header - a 401 result is
117        # expected.
118             
119        # Create key pair and certificate request
120        keyPair, certReq = self._createRequestCreds()
121        response = self.app.post('/logon', certReq, status=401)
122        print response
123        self.assert_(response) 
124       
125    def test03NoCertificateRequestSent(self):
126        # Test with missing certificate request
127       
128        username = self.cfg.get('test01Logon', 'username')
129        try: 
130            password = self.cfg.get('test01Logon', 'password')
131        except NoOptionError:
132            password = getpass('test01Logon password: ')
133           
134        base64String = base64.encodestring('%s:%s' % (username, password))[:-1]
135        authHeader =  "Basic %s" % base64String
136        headers = {'Authorization': authHeader}
137       
138        # Bad POST'ed content
139        response = self.app.post('/logon', 'x', headers=headers, status=400)
140        print response
141        self.assert_(response)
142       
143    def test04GET(self):
144        # Test HTTP GET request - should be rejected - POST is expected
145       
146        username = self.cfg.get('test01Logon', 'username')
147        try: 
148            password = self.cfg.get('test01Logon', 'password')
149        except NoOptionError:
150            password = getpass('test01Logon password: ')
151           
152        base64String = base64.encodestring('%s:%s' % (username, password))[:-1]
153        authHeader =  "Basic %s" % base64String
154        headers = {'Authorization': authHeader}
155       
156        response = self.app.get('/logon', headers=headers, status=405)
157        print response
158        self.assert_(response)               
159
160
161class MyProxyGetTrustRootsMiddlewareTestCase(MyProxyPasteDeployTestCaseBase):
162    """Test HTTP MyProxy get trust roots interface"""
163   
164    def test01(self):
165        response = self.app.get('/get-trustroots', status=200)
166        self.assert_(response)         
167        print response
168
169if __name__ == "__main__":
170    unittest.main()       
Note: See TracBrowser for help on using the repository browser.