Ignore:
Timestamp:
24/09/09 15:07:54 (11 years ago)
Author:
pjkersha
Message:

Working unit tests for Authentication redirect handler with SSL Client based authentication.

Location:
TI12-security/trunk/python/ndg_security_test/ndg/security/test/unit/wsgi/authn
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg_security_test/ndg/security/test/unit/wsgi/authn/ssl-test.ini

    r5757 r5766  
    1616pipeline = SSLClientAuthNFilter  
    1717                   BeakerSessionFilter 
     18                   AuthnRedirectInitiatorFilter  
    1819                   AuthnRedirectResponseFilter  
    19                    AuthnRedirectInitiatorFilter  
    2020                   TestApp 
    2121 
  • TI12-security/trunk/python/ndg_security_test/ndg/security/test/unit/wsgi/authn/test.ini

    r5757 r5766  
    55# 
    66[DEFAULT] 
     7beakerSessionKeyName = beaker.session.ndg.security 
    78 
    89[server:main] 
     
    1213 
    1314[pipeline:main] 
    14 pipeline = AuthNRedirectFilter TestApp 
     15pipeline = BeakerSessionFilter AuthnRedirectInitiatorFilter TestApp 
    1516 
    1617[app:TestApp] 
    1718paste.app_factory = ndg.security.test.unit.wsgi.authn.test_authn:TestAuthnApp 
    1819 
    19 [filter:AuthNRedirectFilter] 
    20 paste.filter_app_factory = ndg.security.server.wsgi.authn:AuthnRedirectInitiatorMiddleware 
     20[filter:BeakerSessionFilter] 
     21paste.filter_app_factory = beaker.middleware:SessionMiddleware 
     22 
     23# Cookie name 
     24beaker.session.key = ndg.security.session 
     25 
     26# WSGI environ key name 
     27environ_key = %(beakerSessionKeyName)s 
     28beaker.session.secret = rBIvKXLa+REYB8pM/8pdPoorVpKQuaOW 
     29beaker.cache.data_dir = %(here)s/authn/beaker/cache 
     30beaker.session.data_dir = %(here)s/authn/beaker/sessions 
     31 
     32 
     33# Redirect HTTPS based endpoint for SSL client Based authentication 
     34[filter:AuthnRedirectInitiatorFilter] 
     35paste.filter_app_factory = ndg.security.server.wsgi.authn:AuthenticationMiddleware 
    2136prefix = authN. 
    22 authN.redirectURI = /redirect2here 
     37authN.redirectURI = /redirect2Here 
    2338#authN.redirectURI = http://localhost:5800/verify 
     39 
     40# AuthKit Set-up 
     41authkit.setup.method=cookie 
     42 
     43# This cookie name and secret MUST agree with the name used by the security web 
     44# services app 
     45authkit.cookie.name=ndg.security.auth 
     46authkit.cookie.secret=9wvZObs9anUEhSIAnJNoY2iJq59FfYZr 
     47authkit.cookie.signoutpath = /logout 
     48 
     49# Disable inclusion of client IP address from cookie signature due to  
     50# suspected problem with AuthKit setting it when a HTTP Proxy is in place 
     51authkit.cookie.includeip = False 
     52 
     53# environ key name for beaker session 
     54authkit.session.middleware = %(beakerSessionKeyName)s 
     55 
     56#[filter:AuthNRedirectFilter] 
     57#paste.filter_app_factory = ndg.security.server.wsgi.authn:AuthnRedirectInitiatorMiddleware 
     58#prefix = authN. 
     59#authN.redirectURI = /redirect2Here 
     60##authN.redirectURI = http://localhost:5800/verify 
  • TI12-security/trunk/python/ndg_security_test/ndg/security/test/unit/wsgi/authn/test_authn.py

    r5757 r5766  
    3636    '''Test Application for the Authentication handler to protect''' 
    3737    response = "Test Authentication redirect application" 
    38         
     38     
     39    loggedIn = lambda self, environ: 'username' in environ.get( 
     40                                                self.beakerSessionKeyName, {}) 
     41     
    3942    def __init__(self, app_conf, **local_conf): 
    40         pass 
     43        self.beakerSessionKeyName = app_conf.get('beakerSessionKeyName') 
    4144     
    4245    def __call__(self, environ, start_response): 
     
    5457            environ['REMOTE_USER'] = 'testuser' 
    5558            status = "200 OK" 
     59         
     60        elif environ['PATH_INFO'] == '/test_sslClientAuthn': 
     61            if self.loggedIn(environ): 
     62                status = "200 OK" 
     63            else: 
     64                status = "401 Unauthorized" 
    5665        else: 
    5766            status = "404 Not found" 
     
    7483         
    7584    def test01Catch401WithNotLoggedIn(self): 
    76         response = self.app.get('/test_401WithNotLoggedIn') 
    77         self.assert_(response.status == 302) 
     85        response = self.app.get('/test_401WithNotLoggedIn', status=302) 
     86        redirectResponse = response.follow(status=404) 
    7887         
    79         try: 
    80             redirectResponse = response.follow() 
    81         except paste.fixture.AppError, e: 
    82             self.failIf('404 Not found' not in str(e),  
    83                         "Expecting 404 Not found") 
    84  
    8588    def test02Skip200WithLoggedIn(self): 
    8689        response = self.app.get('/test_200WithLoggedIn', 
    87                                 extra_environ={'REMOTE_USER': 'testuser'}) 
     90                                extra_environ={'REMOTE_USER': 'testuser'}, 
     91                                status=200) 
     92        print(response.body) 
    8893 
    8994    def test03Catch401WithLoggedIn(self): 
     
    9196                                extra_environ={'REMOTE_USER': 'testuser'}, 
    9297                                status=401) 
     98        print(response.body) 
    9399         
    94100    def test04Catch200WithNotLoggedIn(self): 
    95         response = self.app.get('/test_200WithNotLoggedIn') 
    96         self.assert_(response.status == 302) 
    97          
    98         try: 
    99             redirectResponse = response.follow() 
    100         except paste.fixture.AppError, e: 
    101             self.failIf('404 Not found' not in str(e),  
    102                         "Expecting 404 Not found") 
     101        response = self.app.get('/test_200WithNotLoggedIn', status=200) 
    103102 
    104103 
     
    114113        BaseTestCase.__init__(self, *arg, **kw) 
    115114         
    116     def test01Catch401WithNotLoggedIn(self): 
     115    def test01(self): 
    117116        thisDir = os.path.dirname(__file__) 
    118117        sslClientCertFilePath = os.path.join( 
     
    123122        extra_environ = {'HTTPS':'1', 'SSL_CLIENT_CERT': sslClientCert} 
    124123 
    125         response = self.app.get('/test_401WithNotLoggedIn', 
     124        print("request secured URI '/test_sslClientAuthn' ...") 
     125        response = self.app.get('/test_sslClientAuthn', 
    126126                                extra_environ=extra_environ, 
    127127                                status=302) 
    128128         
     129        print("Redirect to SSL Client Authentication endpoint %r ..." % 
     130              response.header_dict['location']) 
     131         
     132        # Redirect to SSL Client Authentication endpoint 
    129133        redirectResponse = response.follow(extra_environ=extra_environ, 
    130134                                           status=302) 
     135 
     136        print("Redirect back to secured URI with authenticated session %r ..."% 
     137              redirectResponse.header_dict['location']) 
    131138         
    132         finalResponse = redirectResponse.follow(extra_environ=extra_environ) 
    133          
     139        finalResponse = redirectResponse.follow(extra_environ=extra_environ, 
     140                                                status=200) 
    134141        print finalResponse 
    135142         
Note: See TracChangeset for help on using the changeset viewer.