source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py @ 2085

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py@2085
Revision 2085, 5.4 KB checked in by pjkersha, 13 years ago (diff)

python/ndg.security.server/ndg/security/server/AttAuthority/server-config.tac:

python/www/html/attAuthority.wsdl,
python/ndg.security.server/ndg/security/server/AttAuthority/AttAuthority_services_server.py,
python/ndg.security.common/ndg/security/common/AttAuthority/AttAuthority_services_types.py,
python/ndg.security.common/ndg/security/common/AttAuthority/AttAuthority_services.py:
Include request denied message in getAttCertResponse.

python/ndg.security.server/ndg/security/server/AttAuthority/init.py:
fix to AttAuthorityAccessDenied? doc message.

python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac:
Exlpicitly convert AttCert? in response to string type.

python/ndg.security.server/ndg/security/server/SessionMgr/init.py:

  • make explicit imports from ndg.security.common.CredWallet?
  • make X509CertParse import
  • updated exception handling for getAttCert call to CredWallet?.

python/www/html/sessionMgr.wsdl,
python/ndg.security.server/ndg/security/server/SessionMgr/SessionMgr_services_server.py,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services.py,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services_types.py:
Remove statusCode from getAttCertResponse - not needed.

python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py:
minor updates to getAttCert tests.

python/ndg.security.test/ndg/security/test/MyProxy/myProxyClientTest.cfg:
fix to test1Store settings

python/ndg.security.test/ndg/security/test/MyProxy/Makefile:
makefile copies proxy obtained from MyProxy? ready for use in AttAuthority? client tests.

python/ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py:

  • add AttributeRequestDenied? import from SessionMgr?.
  • fix test4CookieDisconnect signing PKI settings
  • revised output tuple for getAttCert calls.
  • Added test6aCookieGetAttCertRefused to demonstrate attribute request denied exception
  • test3ProxyCertConnect signature verification failing at server!

python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg:
added more getAttCert test params.

python/ndg.security.common/ndg/security/common/AttAuthority/init.py:

python/ndg.security.common/ndg/security/common/wsSecurity.py:
comment out all print statements - only 'print decryptedData' affected in decrypt method
of EncryptionHandler?. This is not in use.

python/ndg.security.common/ndg/security/common/SessionMgr/init.py:

  • Added AttributeRequestDenied? exception for handling getAttCert calls.
  • msg now included in output tuple for getAttCert call.

python/ndg.security.common/ndg/security/common/AttCert.py:
Override XMLSecDoc parent class toString and str calls so that output is returned even
if the signature DOM object has not been initialised.

python/ndg.security.common/ndg/security/common/CredWallet.py:

  • Property svn:executable set to *
Line 
1#!/usr/bin/env python
2"""NDG Attribute Authority client unit tests
3
4NERC Data Grid Project
5
6@author P J Kershaw 05/05/05, major update 16/01/07
7
8@copyright (C) 2007 CCLRC & NERC
9
10@license This software may be distributed under the terms of the Q Public
11License, version 1.0 or later.
12"""
13
14reposID = '$Id$'
15
16import unittest
17import os, sys, getpass
18from ConfigParser import SafeConfigParser
19
20from ndg.security.common.AttAuthority import AttAuthorityClient
21from ndg.security.common.AttCert import AttCertRead
22
23
24class AttAuthorityClientTestCase(unittest.TestCase):
25   
26    def setUp(self):
27
28        configParser = SafeConfigParser()
29        configParser.read("./attAuthorityClientTest.cfg")
30       
31        self.cfg = {}
32        for section in configParser.sections():
33            self.cfg[section] = dict(configParser.items(section))
34
35        tracefile = sys.stderr
36
37        # Instantiate WS proxy
38        self.clnt = AttAuthorityClient(uri=self.cfg['setUp']['uri'],
39               signingCertFilePath=self.cfg['setUp']['usercertfilepath'],
40               signingPriKeyFilePath=self.cfg['setUp']['userprikeyfilepath'],
41               tracefile=sys.stderr)
42                   
43   
44   
45    def test1GetX509Cert(self):
46        '''test1GetX509Cert: retrieve Attribute Authority's X.509 cert.'''
47        #import pdb;pdb.set_trace()
48        resp = self.clnt.getX509Cert()
49        print "Attribute Authority X.509 cert.:\n" + resp
50
51    def test2GetHostInfo(self):
52        """test2GetHostInfo: retrieve info for AA host"""
53        hostInfo = self.clnt.getHostInfo()
54        print "Host Info:\n %s" % hostInfo
55       
56
57    def test3GetTrustedHostInfo(self):
58        """test3GetTrustedHostInfo: retrieve trusted host info matching a
59        given role"""
60        trustedHostInfo = self.clnt.getTrustedHostInfo(\
61                                 self.cfg['test3GetTrustedHostInfo']['role'])
62        print "Trusted Host Info:\n %s" % trustedHostInfo
63
64
65    def test4GetTrustedHostInfoWithNoRole(self):
66        """test4GetTrustedHostInfoWithNoRole: retrieve trusted host info
67        irrespective of role"""
68        trustedHostInfo = self.clnt.getTrustedHostInfo()
69        print "Trusted Host Info:\n %s" % trustedHostInfo
70
71
72    def test5GetAttCert(self):       
73        """test5GetAttCert: Request attribute certificate from NDG Attribute
74        Authority Web Service."""
75   
76        # Read user Certificate into a string ready for passing via WS
77        try:
78            userCertFilePath = \
79                self.cfg['test5GetAttCert'].get('issuingusercertfilepath')
80            userCertTxt = open(userCertFilePath, 'r').read()
81       
82        except TypeError:
83            # No issuing cert set
84            userCertTxt = None
85               
86        except IOError, ioErr:
87            raise "Error reading certificate file \"%s\": %s" % \
88                                    (ioErr.filename, ioErr.strerror)
89
90        # Make attribute certificate request
91        attCert = self.clnt.getAttCert(userCert=userCertTxt)
92       
93        print "Attribute Certificate: \n\n:" + str(attCert)
94       
95        attCert.filePath = self.cfg['test5GetAttCert']['attcertfilepath']
96        attCert.write()
97
98
99    def test6GetMappedAttCert(self):       
100        """test6GetMappedAttCert: Request mapped attribute certificate from
101        NDG Attribute Authority Web Service."""
102   
103        # Read user Certificate into a string ready for passing via WS
104        try:
105            userCertFilePath = \
106            self.cfg['test6GetMappedAttCert'].get('issuingusercertfilepath')
107            userCertTxt = open(userCertFilePath, 'r').read()
108       
109        except TypeError:
110            # No issuing cert set
111            userCertTxt = None
112               
113        except IOError, ioErr:
114            raise "Error reading certificate file \"%s\": %s" % \
115                                    (ioErr.filename, ioErr.strerror)
116   
117   
118        # Simlarly for Attribute Certificate
119        try:
120            userAttCert = AttCertRead(\
121                self.cfg['test6GetMappedAttCert']['userattcertfilepath'])
122           
123        except IOError, ioErr:
124            raise "Error reading attribute certificate file \"%s\": %s" %\
125                                    (ioErr.filename, ioErr.strerror)
126       
127        # Make client to site B Attribute Authority   
128        clnt = AttAuthorityClient(
129uri=self.cfg['test6GetMappedAttCert']['uri'], 
130signingCertFilePath=self.cfg['test6GetMappedAttCert']['usercertfilepath'],
131signingPriKeyFilePath=self.cfg['test6GetMappedAttCert']['userprikeyfilepath'],
132tracefile=sys.stderr)
133   
134        # Make attribute certificate request
135        attCert = clnt.getAttCert(userCert=userCertTxt,
136                                  userAttCert=userAttCert)
137        print "Attribute Certificate: \n\n:" + str(attCert)
138 
139 
140#_____________________________________________________________________________       
141class AttAuthorityClientTestSuite(unittest.TestSuite):
142    def __init__(self):
143        map = map(AttAuthorityClientTestCase,
144                  (
145                    "test1GetX509Cert",
146                    "test2GetHostInfo",
147                    "test3GetTrustedHostInfo",
148                    "test4GetTrustedHostInfoWithNoRole",
149                    "test5GetAttCert",
150                    "test6GetMappedAttCert",
151                  ))
152        unittest.TestSuite.__init__(self, map)
153                                       
154if __name__ == "__main__":
155    unittest.main()
Note: See TracBrowser for help on using the repository browser.