openid.test.test_association

1 from openid.test import datadriven 2 3 import unittest 4 5 from openid.message import Message, BARE_NS, OPENID_NS, OPENID2_NS 6 from openid import association 7 import time 8 from openid import cryptutil 9 import warnings 10

11 -class AssociationSerializationTest(unittest.TestCase):

12 - def test_roundTrip(self):

13 issued = int(time.time()) 14 lifetime = 600 15 assoc = association.Association( 16 'handle', 'secret', issued, lifetime, 'HMAC-SHA1') 17 s = assoc.serialize() 18 assoc2 = association.Association.deserialize(s) 19 self.failUnlessEqual(assoc.handle, assoc2.handle) 20 self.failUnlessEqual(assoc.issued, assoc2.issued) 21 self.failUnlessEqual(assoc.secret, assoc2.secret) 22 self.failUnlessEqual(assoc.lifetime, assoc2.lifetime) 23 self.failUnlessEqual(assoc.assoc_type, assoc2.assoc_type)

24 25 from openid.server.server import \ 26 DiffieHellmanSHA1ServerSession, \ 27 DiffieHellmanSHA256ServerSession, \ 28 PlainTextServerSession 29 30 from openid.consumer.consumer import \ 31 DiffieHellmanSHA1ConsumerSession, \ 32 DiffieHellmanSHA256ConsumerSession, \ 33 PlainTextConsumerSession 34 35 from openid.dh import DiffieHellman 36

37 -def createNonstandardConsumerDH():

38 nonstandard_dh = DiffieHellman(1315291, 2) 39 return DiffieHellmanSHA1ConsumerSession(nonstandard_dh)

40

41 -class DiffieHellmanSessionTest(datadriven.DataDrivenTestCase):

42 secrets = [ 43 '\x00' * 20, 44 '\xff' * 20, 45 ' ' * 20, 46 'This is a secret....', 47 ] 48 49 session_factories = [ 50 (DiffieHellmanSHA1ConsumerSession, DiffieHellmanSHA1ServerSession), 51 (createNonstandardConsumerDH, DiffieHellmanSHA1ServerSession), 52 (PlainTextConsumerSession, PlainTextServerSession), 53 ] 54

55 - def generateCases(cls):

56 return [(c, s, sec) 57 for c, s in cls.session_factories 58 for sec in cls.secrets]

59 60 generateCases = classmethod(generateCases) 61

62 - def __init__(self, csess_fact, ssess_fact, secret):

63 datadriven.DataDrivenTestCase.__init__(self, csess_fact.__name__) 64 self.secret = secret 65 self.csess_fact = csess_fact 66 self.ssess_fact = ssess_fact

67

68 - def runOneTest(self):

69 csess = self.csess_fact() 70 msg = Message.fromOpenIDArgs(csess.getRequest()) 71 ssess = self.ssess_fact.fromMessage(msg) 72 check_secret = csess.extractSecret( 73 Message.fromOpenIDArgs(ssess.answer(self.secret))) 74 self.failUnlessEqual(self.secret, check_secret)

75 76 77

78 -class TestMakePairs(unittest.TestCase):

79 """Check the key-value formatting methods of associations. 80 """ 81

82 - def setUp(self):

83 self.message = m = Message(OPENID2_NS) 84 m.updateArgs(OPENID2_NS, { 85 'mode': 'id_res', 86 'identifier': '=example', 87 'signed': 'identifier,mode', 88 'sig': 'cephalopod', 89 }) 90 m.updateArgs(BARE_NS, {'xey': 'value'}) 91 self.assoc = association.Association.fromExpiresIn( 92 3600, '{sha1}', 'very_secret', "HMAC-SHA1")

93 94

95 - def testMakePairs(self):

96 """Make pairs using the OpenID 1.x type signed list.""" 97 pairs = self.assoc._makePairs(self.message) 98 expected = [ 99 ('identifier', '=example'), 100 ('mode', 'id_res'), 101 ] 102 self.failUnlessEqual(pairs, expected)

103 104 105

106 -class TestMac(unittest.TestCase):

107 - def setUp(self):

108 self.pairs = [('key1', 'value1'), 109 ('key2', 'value2')]

110 111

112 - def test_sha1(self):

113 assoc = association.Association.fromExpiresIn( 114 3600, '{sha1}', 'very_secret', "HMAC-SHA1") 115 expected = ('\xe0\x1bv\x04\xf1G\xc0\xbb\x7f\x9a\x8b' 116 '\xe9\xbc\xee}\\\xe5\xbb7*') 117 sig = assoc.sign(self.pairs) 118 self.failUnlessEqual(sig, expected)

119 120 if cryptutil.SHA256_AVAILABLE:

121 - def test_sha256(self):

122 assoc = association.Association.fromExpiresIn( 123 3600, '{sha256SA}', 'very_secret', "HMAC-SHA256") 124 expected = ('\xfd\xaa\xfe;\xac\xfc*\x988\xad\x05d6-\xeaVy' 125 '\xd5\xa5Z.<\xa9\xed\x18\x82\\$\x95x\x1c&') 126 sig = assoc.sign(self.pairs) 127 self.failUnlessEqual(sig, expected)

128 129 130

131 -class TestMessageSigning(unittest.TestCase):

132 - def setUp(self):

133 self.message = m = Message(OPENID2_NS) 134 m.updateArgs(OPENID2_NS, {'mode': 'id_res', 135 'identifier': '=example'}) 136 m.updateArgs(BARE_NS, {'xey': 'value'}) 137 self.args = {'openid.mode': 'id_res', 138 'openid.identifier': '=example', 139 'xey': 'value'}

140 141

142 - def test_signSHA1(self):

143 assoc = association.Association.fromExpiresIn( 144 3600, '{sha1}', 'very_secret', "HMAC-SHA1") 145 signed = assoc.signMessage(self.message) 146 self.failUnless(signed.getArg(OPENID_NS, "sig")) 147 self.failUnlessEqual(signed.getArg(OPENID_NS, "signed"), 148 "assoc_handle,identifier,mode,ns,signed") 149 self.failUnlessEqual(signed.getArg(BARE_NS, "xey"), "value", 150 signed)

151 152 if cryptutil.SHA256_AVAILABLE:

153 - def test_signSHA256(self):

154 assoc = association.Association.fromExpiresIn( 155 3600, '{sha1}', 'very_secret', "HMAC-SHA256") 156 signed = assoc.signMessage(self.message) 157 self.failUnless(signed.getArg(OPENID_NS, "sig")) 158 self.failUnlessEqual(signed.getArg(OPENID_NS, "signed"), 159 "assoc_handle,identifier,mode,ns,signed") 160 self.failUnlessEqual(signed.getArg(BARE_NS, "xey"), "value", 161 signed)

162 163

164 -class TestCheckMessageSignature(unittest.TestCase):

165 - def test_aintGotSignedList(self):

166 m = Message(OPENID2_NS) 167 m.updateArgs(OPENID2_NS, {'mode': 'id_res', 168 'identifier': '=example', 169 'sig': 'coyote', 170 }) 171 m.updateArgs(BARE_NS, {'xey': 'value'}) 172 assoc = association.Association.fromExpiresIn( 173 3600, '{sha1}', 'very_secret', "HMAC-SHA1") 174 self.failUnlessRaises(ValueError, assoc.checkMessageSignature, m)

175 176

177 -def pyUnitTests():

178 return datadriven.loadTests(__name__)

179 180 if __name__ == '__main__': 181 suite = pyUnitTests() 182 runner = unittest.TextTestRunner() 183 runner.run(suite) 184

Source Code for Module openid.test.test_association