openid.test.test_auth

1 import cgi 2 import unittest 3 4 from openid.consumer import consumer 5 from openid import message 6 from openid.test import support 7

8 -class DummyEndpoint(object):

9 preferred_namespace = None 10 local_id = None 11 server_url = None 12 is_op_identifier = False 13

14 - def preferredNamespace(self):

15 return self.preferred_namespace

16

17 - def getLocalID(self):

18 return self.local_id

19

20 - def isOPIdentifier(self):

21 return self.is_op_identifier

22

23 -class DummyAssoc(object):

24 handle = "assoc-handle"

25

26 -class TestAuthRequestMixin(support.OpenIDTestMixin):

27 """Mixin for AuthRequest tests for OpenID 1 and 2; DON'T add 28 unittest.TestCase as a base class here.""" 29 30 preferred_namespace = None 31 immediate = False 32 expected_mode = 'checkid_setup' 33

34 - def setUp(self):

35 self.endpoint = DummyEndpoint() 36 self.endpoint.local_id = 'http://server.unittest/joe' 37 self.endpoint.claimed_id = 'http://joe.vanity.example/' 38 self.endpoint.server_url = 'http://server.unittest/' 39 self.endpoint.preferred_namespace = self.preferred_namespace 40 self.realm = 'http://example/' 41 self.return_to = 'http://example/return/' 42 self.assoc = DummyAssoc() 43 self.authreq = consumer.AuthRequest(self.endpoint, self.assoc)

44

45 - def failUnlessAnonymous(self, msg):

46 for key in ['claimed_id', 'identity']: 47 self.failIfOpenIDKeyExists(msg, key)

48

49 - def failUnlessHasRequiredFields(self, msg):

50 self.failUnlessEqual(self.preferred_namespace, 51 self.authreq.message.getOpenIDNamespace()) 52 53 self.failUnlessEqual(self.preferred_namespace, 54 msg.getOpenIDNamespace()) 55 56 self.failUnlessOpenIDValueEquals(msg, 'mode', 57 self.expected_mode) 58 59 # Implement these in subclasses because they depend on 60 # protocol differences! 61 self.failUnlessHasRealm(msg) 62 self.failUnlessIdentifiersPresent(msg)

63 64 # TESTS 65

66 - def test_checkNoAssocHandle(self):

67 self.authreq.assoc = None 68 msg = self.authreq.getMessage(self.realm, self.return_to, 69 self.immediate) 70 71 self.failIfOpenIDKeyExists(msg, 'assoc_handle')

72

73 - def test_checkWithAssocHandle(self):

74 msg = self.authreq.getMessage(self.realm, self.return_to, 75 self.immediate) 76 77 self.failUnlessOpenIDValueEquals(msg, 'assoc_handle', 78 self.assoc.handle)

79

80 - def test_addExtensionArg(self):

81 self.authreq.addExtensionArg('bag:', 'color', 'brown') 82 self.authreq.addExtensionArg('bag:', 'material', 'paper') 83 self.failUnless('bag:' in self.authreq.message.namespaces) 84 self.failUnlessEqual(self.authreq.message.getArgs('bag:'), 85 {'color': 'brown', 86 'material': 'paper'}) 87 msg = self.authreq.getMessage(self.realm, self.return_to, 88 self.immediate) 89 90 # XXX: this depends on the way that Message assigns 91 # namespaces. Really it doesn't care that it has alias "0", 92 # but that is tested anyway 93 post_args = msg.toPostArgs() 94 self.failUnlessEqual('brown', post_args['openid.ext0.color']) 95 self.failUnlessEqual('paper', post_args['openid.ext0.material'])

96

97 - def test_standard(self):

98 msg = self.authreq.getMessage(self.realm, self.return_to, 99 self.immediate) 100 101 self.failUnlessHasIdentifiers( 102 msg, self.endpoint.local_id, self.endpoint.claimed_id)

103

104 -class TestAuthRequestOpenID2(TestAuthRequestMixin, unittest.TestCase):

105 preferred_namespace = message.OPENID2_NS 106

107 - def failUnlessHasRealm(self, msg):

108 # check presence of proper realm key and absence of the wrong 109 # one. 110 self.failUnlessOpenIDValueEquals(msg, 'realm', self.realm) 111 self.failIfOpenIDKeyExists(msg, 'trust_root')

112

113 - def failUnlessIdentifiersPresent(self, msg):

114 identity_present = msg.hasKey(message.OPENID_NS, 'identity') 115 claimed_present = msg.hasKey(message.OPENID_NS, 'claimed_id') 116 117 self.failUnlessEqual(claimed_present, identity_present)

118

119 - def failUnlessHasIdentifiers(self, msg, op_specific_id, claimed_id):

120 self.failUnlessOpenIDValueEquals(msg, 'identity', op_specific_id) 121 self.failUnlessOpenIDValueEquals(msg, 'claimed_id', claimed_id)

122 123 # TESTS 124

125 - def test_setAnonymousWorksForOpenID2(self):

126 """OpenID AuthRequests should be able to set 'anonymous' to true.""" 127 self.failUnless(self.authreq.message.isOpenID2()) 128 self.authreq.setAnonymous(True) 129 self.authreq.setAnonymous(False)

130

131 - def test_userAnonymousIgnoresIdentfier(self):

132 self.authreq.setAnonymous(True) 133 msg = self.authreq.getMessage(self.realm, self.return_to, 134 self.immediate) 135 self.failUnlessHasRequiredFields(msg) 136 self.failUnlessAnonymous(msg)

137

138 - def test_opAnonymousIgnoresIdentifier(self):

139 self.endpoint.is_op_identifier = True 140 self.authreq.setAnonymous(True) 141 msg = self.authreq.getMessage(self.realm, self.return_to, 142 self.immediate) 143 self.failUnlessHasRequiredFields(msg) 144 self.failUnlessAnonymous(msg)

145

146 - def test_opIdentifierSendsIdentifierSelect(self):

147 self.endpoint.is_op_identifier = True 148 msg = self.authreq.getMessage(self.realm, self.return_to, 149 self.immediate) 150 self.failUnlessHasRequiredFields(msg) 151 self.failUnlessHasIdentifiers( 152 msg, message.IDENTIFIER_SELECT, message.IDENTIFIER_SELECT)

153

154 -class TestAuthRequestOpenID1(TestAuthRequestMixin, unittest.TestCase):

155 preferred_namespace = message.OPENID1_NS 156

157 - def setUpEndpoint(self):

158 TestAuthRequestBase.setUpEndpoint(self) 159 self.endpoint.preferred_namespace = message.OPENID1_NS

160

161 - def failUnlessHasIdentifiers(self, msg, op_specific_id, claimed_id):

162 """Make sure claimed_is is *absent* in request.""" 163 self.failUnlessOpenIDValueEquals(msg, 'identity', op_specific_id) 164 self.failIfOpenIDKeyExists(msg, 'claimed_id')

165

166 - def failUnlessIdentifiersPresent(self, msg):

167 self.failIfOpenIDKeyExists(msg, 'claimed_id') 168 self.failUnless(msg.hasKey(message.OPENID_NS, 'identity'))

169

170 - def failUnlessHasRealm(self, msg):

171 # check presence of proper realm key and absence of the wrong 172 # one. 173 self.failUnlessOpenIDValueEquals(msg, 'trust_root', self.realm) 174 self.failIfOpenIDKeyExists(msg, 'realm')

175 176 # TESTS 177

178 - def test_setAnonymousFailsForOpenID1(self):

179 """OpenID 1 requests MUST NOT be able to set anonymous to True""" 180 self.failUnless(self.authreq.message.isOpenID1()) 181 self.failUnlessRaises(ValueError, self.authreq.setAnonymous, True) 182 self.authreq.setAnonymous(False)

183

184 - def test_identifierSelect(self):

185 """Identfier select SHOULD NOT be sent, but this pathway is in 186 here in case some special discovery stuff is done to trigger 187 it with OpenID 1. If it is triggered, it will send 188 identifier_select just like OpenID 2. 189 """ 190 self.endpoint.is_op_identifier = True 191 msg = self.authreq.getMessage(self.realm, self.return_to, 192 self.immediate) 193 self.failUnlessHasRequiredFields(msg) 194 self.failUnlessEqual(message.IDENTIFIER_SELECT, 195 msg.getArg(message.OPENID1_NS, 'identity'))

196

197 -class TestAuthRequestOpenID1Immediate(TestAuthRequestOpenID1):

198 immediate = True 199 expected_mode = 'checkid_immediate'

200

201 -class TestAuthRequestOpenID2Immediate(TestAuthRequestOpenID2):

202 immediate = True 203 expected_mode = 'checkid_immediate'

204 205 if __name__ == '__main__': 206 unittest.main() 207

Source Code for Module openid.test.test_auth_request