source: TI12-security/trunk/python/ndg_security_test/ndg/security/test/unit/wsgi/ssl/test_ssl.py @ 5757

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg_security_test/ndg/security/test/unit/wsgi/ssl/test_ssl.py@5757
Revision 5757, 2.9 KB checked in by pjkersha, 10 years ago (diff)

Testing SSL Client Authentication middleware with session and redirect middleware to enable wget support for NDG Security.

Line 
1#!/usr/bin/env python
2"""Unit tests for WSGI SSL Client Authentication Middleware
3
4NERC DataGrid Project
5"""
6__author__ = "P J Kershaw"
7__date__ = "22/05/09"
8__copyright__ = "(C) 2009 Science and Technology Facilities Council"
9__license__ = "BSD - see LICENSE file in top-level directory"
10__contact__ = "Philip.Kershaw@stfc.ac.uk"
11__revision__ = '$Id$'
12import logging
13
14import unittest
15import os
16import re
17
18import paste.fixture
19from paste.deploy import loadapp
20from ndg.security.test.unit import BaseTestCase
21from ndg.security.common.X509 import X509Cert
22
23class TestSSLClientAuthnApp(BaseTestCase):
24    '''Test Application for the Authentication handler to protect'''
25    response = "Test Authentication redirect application"
26       
27    def __init__(self, app_conf, **local_conf):
28        pass
29   
30    def __call__(self, environ, start_response):
31       
32        if environ['PATH_INFO'] == '/secured/uri':
33            status = "200 OK"
34           
35        elif environ['PATH_INFO'] == '/unsecured':
36            status = "200 OK"
37           
38        elif environ['PATH_INFO'] == '/test_200WithNotLoggedIn':
39            status = "200 OK"
40           
41        elif environ['PATH_INFO'] == '/test_200WithLoggedIn':
42            environ['REMOTE_USER'] = 'testuser'
43            status = "200 OK"
44        else:
45            status = "404 Not found"
46               
47        start_response(status,
48                       [('Content-length', 
49                         str(len(TestSSLClientAuthnApp.response))),
50                        ('Content-type', 'text/plain')])
51        return [TestSSLClientAuthnApp.response]
52
53
54class SSLClientAuthNTestCase(BaseTestCase):
55
56    def __init__(self, *args, **kwargs):
57        here_dir = os.path.dirname(os.path.abspath(__file__))
58        wsgiapp = loadapp('config:test.ini', relative_to=here_dir)
59        self.app = paste.fixture.TestApp(wsgiapp)
60         
61        BaseTestCase.__init__(self, *args, **kwargs)
62       
63
64    def test01NotAnSSLRequest(self):
65        # This request should be ignored because the SSL environment settings
66        # are not present
67        response = self.app.get('/unsecured')
68   
69    def test02NoClientCertSet(self):
70        extra_environ = {'HTTPS':'1'}
71        response = self.app.get('/secured/uri',
72                                extra_environ=extra_environ,
73                                status=401)
74   
75    def test03ClientCertSet(self):
76        thisDir = os.path.dirname(__file__)
77        sslClientCertFilePath = os.path.join(
78                                os.environ[BaseTestCase.configDirEnvVarName],
79                                'pki',
80                                'test.crt')
81        sslClientCert = X509Cert.Read(sslClientCertFilePath).toString()
82        extra_environ = {'HTTPS':'1', 'SSL_CLIENT_CERT': sslClientCert}
83        response = self.app.get('/secured/uri',
84                                extra_environ=extra_environ,
85                                status=200)
86
87
88if __name__ == "__main__":
89    unittest.main()       
Note: See TracBrowser for help on using the repository browser.