/usr/lib/python2.7/dist-packages/repoze/who/plugins/tests/test_htpasswd.py is in python-repoze.who 2.2-3.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 | import unittest
class TestHTPasswdPlugin(unittest.TestCase):
def _getTargetClass(self):
from repoze.who.plugins.htpasswd import HTPasswdPlugin
return HTPasswdPlugin
def _makeOne(self, *arg, **kw):
plugin = self._getTargetClass()(*arg, **kw)
return plugin
def _makeEnviron(self, kw=None):
environ = {}
environ['wsgi.version'] = (1,0)
if kw is not None:
environ.update(kw)
return environ
def failUnless(self, predicate, message=''):
self.assertTrue(predicate, message) # Nannies go home!
def failIf(self, predicate, message=''):
self.assertFalse(predicate, message) # Nannies go home!
def test_implements(self):
from zope.interface.verify import verifyClass
from repoze.who.interfaces import IAuthenticator
klass = self._getTargetClass()
verifyClass(IAuthenticator, klass)
def test_authenticate_nocreds(self):
from repoze.who._compat import StringIO
io = StringIO()
plugin = self._makeOne(io, None)
environ = self._makeEnviron()
creds = {}
result = plugin.authenticate(environ, creds)
self.assertEqual(result, None)
def test_authenticate_nolines(self):
from repoze.who._compat import StringIO
io = StringIO()
def check(password, hashed):
return True
plugin = self._makeOne(io, check)
environ = self._makeEnviron()
creds = {'login':'chrism', 'password':'pass'}
result = plugin.authenticate(environ, creds)
self.assertEqual(result, None)
def test_authenticate_nousermatch(self):
from repoze.who._compat import StringIO
io = StringIO('nobody:foo')
def check(password, hashed):
return True
plugin = self._makeOne(io, check)
environ = self._makeEnviron()
creds = {'login':'chrism', 'password':'pass'}
result = plugin.authenticate(environ, creds)
self.assertEqual(result, None)
def test_authenticate_match(self):
from repoze.who._compat import StringIO
io = StringIO('chrism:pass')
def check(password, hashed):
return True
plugin = self._makeOne(io, check)
environ = self._makeEnviron()
creds = {'login':'chrism', 'password':'pass'}
result = plugin.authenticate(environ, creds)
self.assertEqual(result, 'chrism')
def test_authenticate_badline(self):
from repoze.who._compat import StringIO
io = StringIO('badline\nchrism:pass')
def check(password, hashed):
return True
plugin = self._makeOne(io, check)
environ = self._makeEnviron()
creds = {'login':'chrism', 'password':'pass'}
result = plugin.authenticate(environ, creds)
self.assertEqual(result, 'chrism')
def test_authenticate_filename(self):
import os
here = os.path.abspath(os.path.dirname(__file__))
htpasswd = os.path.join(here, 'fixtures', 'test.htpasswd')
def check(password, hashed):
return True
plugin = self._makeOne(htpasswd, check)
environ = self._makeEnviron()
creds = {'login':'chrism', 'password':'pass'}
result = plugin.authenticate(environ, creds)
self.assertEqual(result, 'chrism')
def test_authenticate_bad_filename_logs_to_repoze_who_logger(self):
import os
here = os.path.abspath(os.path.dirname(__file__))
htpasswd = os.path.join(here, 'fixtures', 'test.htpasswd.nonesuch')
def check(password, hashed):
return True
plugin = self._makeOne(htpasswd, check)
environ = self._makeEnviron()
class DummyLogger:
warnings = []
def warn(self, msg):
self.warnings.append(msg)
logger = environ['repoze.who.logger'] = DummyLogger()
creds = {'login':'chrism', 'password':'pass'}
result = plugin.authenticate(environ, creds)
self.assertEqual(result, None)
self.assertEqual(len(logger.warnings), 1)
self.failUnless('could not open htpasswd' in logger.warnings[0])
def test_crypt_check(self):
import sys
# win32 does not have a crypt library, don't
# fail here
if "win32" == sys.platform:
return
from crypt import crypt
salt = '123'
hashed = crypt('password', salt)
from repoze.who.plugins.htpasswd import crypt_check
self.assertEqual(crypt_check('password', hashed), True)
self.assertEqual(crypt_check('notpassword', hashed), False)
def test_sha1_check(self):
from base64 import standard_b64encode
from hashlib import sha1
from repoze.who._compat import must_encode
from repoze.who.plugins.htpasswd import sha1_check
encrypted_string = standard_b64encode(sha1(
must_encode("password")).digest())
self.assertEqual(sha1_check('password',
"%s%s" % ("{SHA}", encrypted_string)), True)
self.assertEqual(sha1_check('notpassword',
"%s%s" % ("{SHA}", encrypted_string)), False)
def test_plain_check(self):
from repoze.who.plugins.htpasswd import plain_check
self.failUnless(plain_check('password', 'password'))
self.failIf(plain_check('notpassword', 'password'))
def test_factory_no_filename_raises(self):
from repoze.who.plugins.htpasswd import make_plugin
self.assertRaises(ValueError, make_plugin)
def test_factory_no_check_fn_raises(self):
from repoze.who.plugins.htpasswd import make_plugin
self.assertRaises(ValueError, make_plugin, 'foo')
def test_factory(self):
from repoze.who.plugins.htpasswd import make_plugin
from repoze.who.plugins.htpasswd import crypt_check
plugin = make_plugin('foo',
'repoze.who.plugins.htpasswd:crypt_check')
self.assertEqual(plugin.filename, 'foo')
self.assertEqual(plugin.check, crypt_check)
|