Ignore:
Timestamp:
07/10/08 13:24:45 (12 years ago)
Author:
pjkersha
Message:

Refactoring of CredWallet?

  • added tests for getting mapped AC
  • unit tests now complete
Location:
TI12-security/trunk/python/ndg.security.test/ndg/security/test/credwallet
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/credwallet/credWallet.cfg

    r4285 r4293  
    2222 
    2323# See attAuthority unit tests to get this service running 
    24 #attributeAuthorityURI=http://localhost:5000/AttributeAuthority 
    25 attributeAuthorityURI=http://localhost:4900/AttributeAuthority 
     24attributeAuthorityURI=http://localhost:5000/AttributeAuthority 
     25# Switch to alt port for testing with tcpmon 
     26#attributeAuthorityURI=http://localhost:4900/AttributeAuthority 
    2627 
    2728# Omit Credential Repository and use default NullCredentialRepository 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/credwallet/credWalletTest.cfg

    r4285 r4293  
    1111[setUp] 
    1212cfgFilePath = $NDGSEC_CREDWALLET_UNITTEST_DIR/credWallet.cfg 
     13 
     14# Site B Attribute Authority from the attAuthority unit tests.  This is a site 
     15# where the user is not registered 
     16#attributeAuthorityURI=http://localhost:5100/AttributeAuthority 
     17# Test with tcpmon 
     18attributeAuthorityURI=http://localhost:5099/AttributeAuthority 
     19userX509CertFilePath=$NDGSEC_CREDWALLET_UNITTEST_DIR/test.crt 
     20userPriKeyFilePath=$NDGSEC_CREDWALLET_UNITTEST_DIR/test.key 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/credwallet/test_credwallet.py

    r4290 r4293  
    2020                                                    CaseSensitiveConfigParser 
    2121from ndg.security.common.X509 import X509CertParse 
    22 from ndg.security.common.CredWallet import * 
     22from ndg.security.common.CredWallet import CredWallet, \ 
     23                                            CredWalletAttributeRequestDenied 
    2324 
    2425from os.path import expandvars as xpdVars 
     
    180181        print "Attribute Certificate:\n%s" % attCert 
    181182          
    182 # 
    183 # 
    184 #    def test6aGetAttCertRefusedWithSessID(self): 
    185 #        """test6aGetAttCertRefusedWithSessID: make an attribute request using 
    186 #        a sessID as authentication credential requesting an AC from an 
    187 #        Attribute Authority where the user is NOT registered""" 
    188 # 
    189 #        self.sessionMgrConnect() 
    190 #         
    191 #        aaURI = self.cfg.get('test6aGetAttCertRefusedWithSessID', 'aauri') 
    192 #         
    193 #        attCert, errMsg, extAttCertList = self.credWallet.getAttCert(sessID=self.sessID,  
    194 #                                         aaURI=aaURI, 
    195 #                                         mapFromTrustedHosts=False) 
    196 #        if errMsg: 
    197 #            print "SUCCESS - obtained expected result: %s" % errMsg 
    198 #            return 
    199 #         
    200 #        self.fail("Request allowed from AA where user is NOT registered!") 
    201 # 
    202 #    def test6bGetMappedAttCertWithSessID(self): 
    203 #        """test6bGetMappedAttCertWithSessID: make an attribute request using 
    204 #        a session ID as authentication credential""" 
    205 # 
    206 #        self.sessionMgrConnect() 
    207 #         
    208 #        # Attribute Certificate cached in test 6 can be used to get a mapped 
    209 #        # AC for this test ... 
    210 #        self.credWallet = self.test6GetAttCertWithSessID() 
    211 # 
    212 #        aaURI = self.cfg.get('test6bGetMappedAttCertWithSessID', 'aauri') 
    213 #         
    214 #        attCert, errMsg, extAttCertList=self.credWallet.getAttCert(sessID=self.sessID, 
    215 #                                                   aaURI=aaURI, 
    216 #                                                   mapFromTrustedHosts=True) 
    217 #        if errMsg: 
    218 #            self.fail(errMsg) 
    219 #             
    220 #        print "Attribute Certificate:\n%s" % attCert   
    221 # 
    222 #    def test6cGetAttCertWithExtAttCertListWithSessID(self): 
    223 #        """test6cGetAttCertWithSessID: make an attribute request using 
    224 #        a session ID as authentication credential""" 
    225 #         
    226 #        self.sessionMgrConnect() 
    227 #         
    228 #        aaURI = \ 
    229 #            self.cfg.get('test6cGetAttCertWithExtAttCertListWithSessID', 'aauri') 
    230 #         
    231 #        # Use output from test6GetAttCertWithSessID! 
    232 #        extACFilePath = \ 
    233 #        xpdVars(self.cfg.get('test6cGetAttCertWithExtAttCertListWithSessID',  
    234 #                             'extacfilepath'))    
    235 #        extAttCert = open(extACFilePath).read() 
    236 #         
    237 #        attCert, errMsg, extAttCertList = self.credWallet.getAttCert( 
    238 #                                                   sessID=self.sessID,  
    239 #                                                   aaURI=aaURI, 
    240 #                                                   extAttCertList=[extAttCert]) 
    241 #        if errMsg: 
    242 #            self.fail(errMsg) 
    243 #           
    244 #        print "Attribute Certificate:\n%s" % attCert   
    245 # 
    246 # 
    247 #    def test7GetAttCertWithUserCert(self): 
    248 #        """test7GetAttCertWithUserCert: make an attribute request using 
    249 #        a user cert as authentication credential""" 
    250 #        self.sessionMgrConnect() 
    251 # 
    252 #        # Request an attribute certificate from an Attribute Authority  
    253 #        # using the userCert returned from connect() 
    254 #         
    255 #        aaURI = self.cfg.get('test7GetAttCertWithUserCert', 'aauri') 
    256 #        attCert, errMsg, extAttCertList = self.credWallet.getAttCert(\ 
    257 #                                     userCert=self.userCert, aaURI=aaURI) 
    258 #        if errMsg: 
    259 #            self.fail(errMsg) 
    260 #           
    261 #        print "Attribute Certificate:\n%s" % attCert   
    262 # 
    263 # 
    264 #class CredWalletTestSuite(unittest.TestSuite): 
    265 #     
    266 #    def __init__(self): 
    267 #        print "CredWalletTestSuite ..." 
    268 #        smTestCaseMap = map(CredWalletTestCase, 
    269 #                          ( 
    270 #                            "test1Connect", 
    271 #                            "test6GetAttCertWithSessID", 
    272 #                            "test6bGetMappedAttCertWithSessID", 
    273 #                            "test6cGetAttCertWithExtAttCertListWithSessID", 
    274 #                            "test7GetAttCertWithUserCert", 
    275 #                          )) 
    276 #        unittest.TestSuite.__init__(self, smTestCaseMap) 
     183 
     184 
     185    def test5GetAttCertRefusedWithUserCert(self): 
     186         
     187        credWallet = CredWallet(cfg=self.cfg.get('setUp', 'cfgFilePath'))     
     188        credWallet.userX509CertFilePath = self.cfg.get('setUp', 
     189                                                       'userX509CertFilePath') 
     190        credWallet.userPriKeyFilePath = self.cfg.get('setUp', 
     191                                                     'userPriKeyFilePath') 
     192         
     193        # Set AA URI AFTER user PKI settings so that these are picked in the 
     194        # implicit call to create a new AA Client when the URI is set 
     195        credWallet.attributeAuthorityURI = self.cfg.get('setUp',  
     196                                                    'attributeAuthorityURI') 
     197        try: 
     198            attCert = credWallet.getAttCert() 
     199        except CredWalletAttributeRequestDenied, e: 
     200            print "SUCCESS - obtained expected result: %s" % e 
     201            return 
     202         
     203        self.fail("Request allowed from Attribute Authority where user is NOT " 
     204                  "registered!") 
     205 
     206    def test6GetMappedAttCertWithUserId(self): 
     207         
     208        # Call Site A Attribute Authority where user is registered 
     209        credWallet = CredWallet(cfg=self.cfg.get('setUp', 'cfgFilePath')) 
     210        attCert = credWallet.getAttCert() 
     211 
     212        # Use Attribute Certificate cached in wallet to get a mapped  
     213        # Attribute Certificate from Site B's Attribute Authority 
     214        siteBURI = self.cfg.get('setUp', 'attributeAuthorityURI')         
     215        attCert = credWallet.getAttCert(attributeAuthorityURI=siteBURI) 
     216             
     217        print("Mapped Attribute Certificate from Site B Attribute " 
     218              "Authority:\n%s" % attCert) 
    277219             
    278220                                                     
    279221if __name__ == "__main__": 
    280 #    suite = CredWalletTestSuite() 
    281 #    unittest.TextTestRunner(verbosity=2).run(suite) 
    282222    unittest.main()         
Note: See TracChangeset for help on using the changeset viewer.