source: TI12-security/trunk/python/Tests/AttAuthorityIOtest.py @ 1176

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/Tests/AttAuthorityIOtest.py@1176
Revision 1176, 11.2 KB checked in by pjkersha, 14 years ago (diff)

Changes to incorporate new getHostInfo Attribute Authority WS method.

Tests/AttAuthorityIOtest.py: new unit test method

Tests/SecurityClientTest.py: minor changes to test settings

dist/NDG-Security-0.68.tar.gz: new distribution

www/html/attAuthority.wsdl: updated WSDL contains getHostInfo method.

conf/mapConfig.xml: contains new tags for information about the service provider of the AA e.g. loginURI,
service provider name. This is used by the new getHostInfo WS method.

conf/attAuthorityProperties.xml: remove old commented out tags.

NDG/AttAuthorityIO.py: added HostInfo* classes for handling getHostInfo WS method I/O.

NDG/attAuthority_services_server.py and NDG/attAuthority_services.py: updated in line with WSDL changes.

NDG/AttAuthority.py:

  • readMapConfig updated to include new 'thisHost' tags.
  • self.mapConfig dictionary re-ordered to include top level keys 'thisHost' and 'trustedHosts'
  • New hostInfo property

NDG/AttCert.py: trivial fixes to commenting

NDG/XMLMsg.py: simplify error message for "Invalid keywords set for update..." error

NDG/CredWallet.py:

  • Client public key is now read in at the point where the corresponding pub key file path is set - i.e. in the setClntPubKeyFilePath method. This means the equivalent code in reqAuthorisation is not needed.

  • reqAuthorisation method has a new flag refreshAttCert. If set, the wallet is checked first for an existing AC issued by the target AA. If found this is returned, and the call to the AA is skipped.

NDG/SecurityClient.py: added AttAuthorityClient.getHostInfo WS wrapper method.

  • Property svn:executable set to *
1#!/bin/env python
2
3import unittest
4from NDG.AttAuthorityIO import *
5
6
7class AttAuthorityIOtestCase(unittest.TestCase):
8   
    def setUp(self):
        """No per-test fixture is needed; each test builds its own inputs."""
11   
    def tearDown(self):
        """Nothing to release; the tests leave no state behind to clean up."""
14
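    def testAuthorisationReq1(self):
        """Build an AuthorisationReq from a proxy certificate file and an
        inline attribute certificate, then print the request.

        The proxy certificate is read from ./proxy.pem, relative to the
        current working directory.  Any exception raised while reading the
        file or constructing the request is reported as a test failure.

        The attribute certificate fixture declares an rsa-sha1 signature and
        a validity window on 14 March 2006.  Nothing in this test checks the
        signature or the validity period: it only constructs the request and
        prints it.  Whether AuthorisationReq verifies either is not visible
        from here.

        NOTE(review): a proxy credential file usually carries a private key
        alongside the certificates; presumably ./proxy.pem is a throwaway
        test credential - confirm, and keep it out of version control.
        """
        userAttCert = \
"""<?xml version="1.0"?>
<attributeCertificate>
    <acInfo>
        <version>1.0</version>
        <holder>/CN=pjkersha/O=NDG/OU=BADC</holder>
        <issuer>/CN=AttributeAuthority/O=NDG/OU=BADC</issuer>
        <issuerName>BADC</issuerName>
        <issuerSerialNumber>4</issuerSerialNumber>
        <validity>
            <notBefore>2006 03 14 13 02 50</notBefore>
            <notAfter>2006 03 14 21 02 50</notAfter>
        </validity>
        <attributes>
            <roleSet>
                <role>
                    <name>government</name>
                </role>
            </roleSet>
        </attributes>
        <provenance>original</provenance>
    </acInfo>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference>
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>1c8njnV4ZcDjQKTnfc4Uoj7OUmg=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>cmuFVlzeJGV6hRIlJunDwcNdRApXP1aDtuXg1x0FWXjz9t2tEzCm2gqrb0p3hYEh
pcIwcHTh+yEjpqYSrRqabOqeRivLbfamDwmOWbxPfGzLsX8IrtwL6nDt72YoPhd0
PlpyXkz9l97Wykh8L2fPF9InTTnpUyZ0j34+lGFroPM=</SignatureValue>
<KeyInfo>
<X509Data>



<X509Certificate>MIIB9TCCAV6gAwIBAgIBBDANBgkqhkiG9w0BAQQFADAwMQwwCgYDVQQKEwNOREcx
DTALBgNVBAsTBEJBREMxETAPBgNVBAMTCFNpbXBsZUNBMB4XDTA1MTEwMTE0Mjc1
OVoXDTA2MTEwMTE0Mjc1OVowOjEMMAoGA1UEChMDTkRHMQ0wCwYDVQQLEwRCQURD
MRswGQYDVQQDExJBdHRyaWJ1dGVBdXRob3JpdHkwgZ8wDQYJKoZIhvcNAQEBBQAD
gY0AMIGJAoGBAJylt3cBDPDpFXfho8UM3WDEMm+yWDKeotwEj4oyWdP1ZeU0CQHz
fovJO/hFcqp6LeQKPir+WcDJoZhlX3rp4QQhRGL4ldATDJg/EXacu5wPnCkVnt3W
tlL930W97tY7JmyPO4uKNc5DAxt2XFOmU0hnHOGZon1rHpmo+HCf+aanAgMBAAGj
FTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQAELYlxWcSb
Ifad6cVtXF2VCw+qoK7qSvqAHISPKTu5IxJoHVMlkQH7IJs73iIvXoKWuaP9zLY0
w5PaGn7077gPLIcSZhlI7wRb0JigmnJk/WTDjQUYQgDyPdJTGQQ1UqqjE4hYRFs4
brRl7KmdlZ4XFZqBgO2o2UTea3ZCcHSpsA==</X509Certificate>
<X509SubjectName>CN=AttributeAuthority,OU=BADC,O=NDG</X509SubjectName>
<X509IssuerSerial>
<X509IssuerName>CN=SimpleCA,OU=BADC,O=NDG</X509IssuerName>
<X509SerialNumber>4</X509SerialNumber>
</X509IssuerSerial>
</X509Data>
</KeyInfo>
</Signature></attributeCertificate>"""

        try:
            # Close the credential file explicitly instead of leaving the
            # handle to the garbage collector.
            proxyFile = open("./proxy.pem")
            try:
                proxyCert = proxyFile.read().strip()
            finally:
                proxyFile.close()

            # No pdb.set_trace() here: a breakpoint left in a unit test
            # blocks every unattended run waiting on stdin.
            self.authorisationReq = AuthorisationReq(proxyCert=proxyCert,
                                                     userAttCert=userAttCert)

        except Exception, e:
            self.fail(str(e))

        # The test has no assertions; it passes if construction succeeds and
        # the two lookups below do not raise.
        print self.authorisationReq()
        print self.authorisationReq['userAttCert']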
92 
93 
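    def testAuthorisationReq2(self):
        """Build an AuthorisationReq with an empty user attribute certificate.

        The proxy certificate is read from ./proxy.pem, relative to the
        current working directory.  Any exception raised while reading the
        file or constructing the request is reported as a test failure.
        """
        try:
            # Close the credential file explicitly instead of leaving the
            # handle to the garbage collector.
            proxyFile = open("./proxy.pem")
            try:
                proxyCert = proxyFile.read().strip()
            finally:
                proxyFile.close()

            userAttCert = ""

            self.authorisationReq = AuthorisationReq(proxyCert=proxyCert,
                                                     userAttCert=userAttCert)

        except Exception, e:
            self.fail(str(e))

        # The test has no assertions; it passes if construction succeeds and
        # the two lookups below do not raise.
        print self.authorisationReq()
        print self.authorisationReq['userAttCert']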
109                   
110
111    def testAuthorisationReq3(self):
112        """Test parsing of XML text input"""
113       
114        xmlTxt = \
115"""<?xml version="1.0" encoding="UTF-8"?>
116<AuthorisationReq>
117    <userAttCert><attributeCertificate>
118    <acInfo>
119        <version>1.0</version>
120        <holder>/CN=pjkersha/O=NDG/OU=BADC</holder>
121        <issuer>/CN=AttributeAuthority/O=NDG/OU=BADC</issuer>
122        <issuerName>BADC</issuerName>
123        <issuerSerialNumber>4</issuerSerialNumber>
124        <validity>
125            <notBefore>2006 03 14 13 02 50</notBefore>
126            <notAfter>2006 03 14 21 02 50</notAfter>
127        </validity>
128        <attributes>
129            <roleSet>
130                <role>
131                    <name>government</name>
132                </role>
133            </roleSet>
134        </attributes>
135        <provenance>original</provenance>
136    </acInfo>
137<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
138<SignedInfo>
139<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
140<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
141<Reference>
142<Transforms>
143<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
144</Transforms>
145<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
146<DigestValue>1c8njnV4ZcDjQKTnfc4Uoj7OUmg=</DigestValue>
147</Reference>
148</SignedInfo>
149<SignatureValue>cmuFVlzeJGV6hRIlJunDwcNdRApXP1aDtuXg1x0FWXjz9t2tEzCm2gqrb0p3hYEh
150pcIwcHTh+yEjpqYSrRqabOqeRivLbfamDwmOWbxPfGzLsX8IrtwL6nDt72YoPhd0
151PlpyXkz9l97Wykh8L2fPF9InTTnpUyZ0j34+lGFroPM=</SignatureValue>
152<KeyInfo>
153<X509Data>
154
155
156
157<X509Certificate>MIIB9TCCAV6gAwIBAgIBBDANBgkqhkiG9w0BAQQFADAwMQwwCgYDVQQKEwNOREcx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</X509Certificate>
168<X509SubjectName>CN=AttributeAuthority,OU=BADC,O=NDG</X509SubjectName>
169<X509IssuerSerial>
170<X509IssuerName>CN=SimpleCA,OU=BADC,O=NDG</X509IssuerName>
171<X509SerialNumber>4</X509SerialNumber>
172</X509IssuerSerial>
173</X509Data>
174</KeyInfo>
175</Signature></attributeCertificate>
176</userAttCert>
177    <proxyCert>-----BEGIN CERTIFICATE-----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188-----END CERTIFICATE-----
189-----BEGIN RSA PRIVATE KEY-----
190MIIBOgIBAAJBANzRb8oESN/MUfQAudHrwAz67UgtsJUMEnWnQEsD+JuPRDG7jGiU
191+TdACkCARI0If4dsgbHvLNwCbl24rI9rzNUCAwEAAQJAGy/6KJBQfKWGbZltR4hU
192NATtFBb0B9Xdq/i0tMe/Yz+Mwc8Lt8ZEEL/dML/EqFQBKOPJmwHeZSo1ntcWlIaB
193YQIhAP6Q/IAWNaD5a1byJQurLxKuxne1XGgs/aXv1TiC7eBNAiEA3g/Ld9kdZALy
1948ALJE+LgEn4yywxLZyc+DkoD5WM6oqkCIHs24BB7L3/32Z2e3JF2TPWFBOkiLlT6
195Gdd8az7MGKktAiEArW+EqPxoGh67g32JcwC1pXvvS+s0UUKzExH37QcNWtECIAkS
1961oASKxQY2JppPCTa7JZDS2/oFDxILlTlRNhruB4m
197-----END RSA PRIVATE KEY-----
198-----BEGIN CERTIFICATE-----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210-----END CERTIFICATE-----
211</proxyCert>
212</AuthorisationReq>"""
213
214        import pdb
215        pdb.set_trace()
216        try:
217            self.authorisationReq = AuthorisationReq(xmlTxt=xmlTxt)
218           
219        except Exception, e:
220            self.fail(str(e))
221           
222        print self.authorisationReq()
223        print self.authorisationReq['userAttCert']
224
225
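    def testSetHostInfoResponse(self):
        """Build a HostInfoResp from a single-host dictionary and print it.

        The dictionary maps the host name to its 'wsdl' and 'loginURI'
        settings.  Any exception raised by the constructor is reported as a
        test failure.
        """
        hi = {
            'Gabriel': {
                'wsdl': 'http://gabriel.bnsc.rl.ac.uk/attAuthority.wsdl',
                'loginURI': 'https://gabriel.bnsc.rl.ac.uk/cgi-bin/security.py',
            }
        }

        # No pdb.set_trace() here: a breakpoint left in a unit test blocks
        # every unattended run waiting on stdin.
        try:
            self.hostInfoResp = HostInfoResp(thisHost=hi)
        except Exception, e:
            self.fail(str(e))

        # The test has no assertions; it passes if construction succeeds and
        # the two lookups below do not raise.
        print self.hostInfoResp()
        print self.hostInfoResp['thisHost']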
245
246       
    def testTrustedHosts1(self):
        """Build a TrustedHostInfoResp for one trusted host (BADC) and print
        the response and its 'trustedHosts' item."""
        badcEntry = {
            'wsdl': 'http://glue.badc.rl.ac.uk/attAuthority.wsdl',
            'role': ['government'],
        }
        trusted = {'BADC': badcEntry}

        try:
            self.trustedHostResp = TrustedHostInfoResp(trustedHosts=trusted)
        except Exception, failure:
            # Report a constructor error as a test failure.
            self.fail(str(failure))

        print self.trustedHostResp()
        print self.trustedHostResp['trustedHosts']
258
259
    def testTrustedHosts2(self):
        """Build a TrustedHostInfoResp for two trusted hosts (BADC and BODC)
        with an empty error message, then print the response and its
        'trustedHosts' item."""
        badcEntry = {
            'wsdl': 'http://glue.badc.rl.ac.uk/attAuthority.wsdl',
            'role': ['government'],
        }
        bodcEntry = {
            'wsdl': 'http://livglue.bodc.ac.uk/attAuthority.wsdl',
            'role': ['staff', 'bodcUser'],
        }
        trusted = {'BADC': badcEntry, 'BODC': bodcEntry}

        try:
            self.trustedHostResp = TrustedHostInfoResp(errMsg='',
                                                       trustedHosts=trusted)
        except Exception, failure:
            # Report a constructor error as a test failure.
            self.fail(str(failure))

        print self.trustedHostResp()
        print self.trustedHostResp['trustedHosts']
274
275
    def testTrustedHosts3(self):
        """Build a TrustedHostInfoResp from XML text listing two trusted hosts
        (BADC and BODC), then print the response and its 'trustedHosts'
        item."""
        responseXml = \
"""<?xml version="1.0" encoding="UTF-8"?>
<TrustedHostInfoResp>
    <trustedHosts>
        <trusted name="BADC">
            <wsdl>http://glue.badc.rl.ac.uk/attAuthority.wsdl</wsdl>
            <roleSet>
                <role>government</role>
            </roleSet>
        </trusted>
        <trusted name="BODC">
            <wsdl>http://livglue.bodc.ac.uk/attAuthority.wsdl</wsdl>
            <roleSet>
                <role>staff</role>
                <role>bodcUser</role>
            </roleSet>
        </trusted>
    </trustedHosts>
</TrustedHostInfoResp>"""

        try:
            self.trustedHostResp = TrustedHostInfoResp(xmlTxt=responseXml)
        except Exception, failure:
            # Report a parsing or constructor error as a test failure.
            self.fail(str(failure))

        print self.trustedHostResp()
        print self.trustedHostResp['trustedHosts']
305       
306
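class AttAuthorityIOtestSuite(unittest.TestSuite):
    """Suite holding a hand-picked subset of AttAuthorityIOtestCase tests.

    Only testAuthorisationReq3 is enabled; the other names are kept as
    comments so they can be switched back on individually.
    """

    def __init__(self):
        testNames = (
#                    "testAuthorisationReq1",
#                    "testAuthorisationReq2",
                    "testAuthorisationReq3",
#                    "testTrustedHosts1",
#                    "testTrustedHosts2",
#                    "testTrustedHosts3"
                    )

        # The list is deliberately not called 'map'.  Assigning to that name
        # inside this method makes it a local variable, so the call to the
        # built-in map() raised UnboundLocalError before any test was added.
        tests = [AttAuthorityIOtestCase(name) for name in testNames]
        unittest.TestSuite.__init__(self, tests)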
319                                       
# Run as a script.  By default unittest.main() collects the TestCase classes
# defined in this module and runs every test* method on them; it does not use
# AttAuthorityIOtestSuite unless that name is given on the command line.
if __name__ == "__main__":
    unittest.main()