[CalendarServer-changes] [12613] CalendarServer/trunk/txdav/dps
source_changes at macosforge.org
source_changes at macosforge.org
Wed Mar 12 11:23:35 PDT 2014
Revision: 12613
http://trac.calendarserver.org//changeset/12613
Author: sagen at apple.com
Date: 2014-02-07 15:48:49 -0800 (Fri, 07 Feb 2014)
Log Message:
-----------
Test for DPS digest auth
Modified Paths:
--------------
CalendarServer/trunk/txdav/dps/client.py
CalendarServer/trunk/txdav/dps/commands.py
CalendarServer/trunk/txdav/dps/server.py
CalendarServer/trunk/txdav/dps/test/test_client.py
Modified: CalendarServer/trunk/txdav/dps/client.py
===================================================================
--- CalendarServer/trunk/txdav/dps/client.py 2014-02-07 20:43:59 UTC (rev 12612)
+++ CalendarServer/trunk/txdav/dps/client.py 2014-02-07 23:48:49 UTC (rev 12613)
@@ -186,6 +186,7 @@
return self.service._call(
VerifyHTTPDigestCommand,
lambda x: x['authenticated'],
+ uid=self.uid.encode("utf-8"),
username=username.encode("utf-8"),
realm=realm.encode("utf-8"),
uri=uri.encode("utf-8"),
@@ -212,7 +213,7 @@
print("uid: {r}".format(r=record))
if record:
authenticated = (yield record.verifyPlaintextPassword("erd"))
- print("authenticated: {a}".format(a=authenticated))
+ print("plain auth: {a}".format(a=authenticated))
"""
record = (yield ds.recordWithGUID("A3B1158F-0564-4F5B-81E4-A89EA5FF81B0"))
print("guid: {r}".format(r=record))
Modified: CalendarServer/trunk/txdav/dps/commands.py
===================================================================
--- CalendarServer/trunk/txdav/dps/commands.py 2014-02-07 20:43:59 UTC (rev 12612)
+++ CalendarServer/trunk/txdav/dps/commands.py 2014-02-07 23:48:49 UTC (rev 12613)
@@ -94,6 +94,7 @@
class VerifyHTTPDigestCommand(amp.Command):
arguments = [
+ ('uid', amp.String()),
('username', amp.String()),
('realm', amp.String()),
('uri', amp.String()),
Modified: CalendarServer/trunk/txdav/dps/server.py
===================================================================
--- CalendarServer/trunk/txdav/dps/server.py 2014-02-07 20:43:59 UTC (rev 12612)
+++ CalendarServer/trunk/txdav/dps/server.py 2014-02-07 23:48:49 UTC (rev 12613)
@@ -175,9 +175,10 @@
@VerifyHTTPDigestCommand.responder
@inlineCallbacks
def verifyHTTPDigest(
- self, username, realm, uri, nonce, cnonce,
+ self, uid, username, realm, uri, nonce, cnonce,
algorithm, nc, qop, response, method,
):
+ uid = uid.decode("utf-8")
username = username.decode("utf-8")
realm = realm.decode("utf-8")
uri = uri.decode("utf-8")
@@ -189,8 +190,7 @@
response = response.decode("utf-8")
method = method.decode("utf-8")
log.debug("VerifyHTTPDigest: {u}", u=username)
- record = (yield self._directory.recordWithShortName(
- self._directory.recordType.user, username))
+ record = (yield self._directory.recordWithUID(uid))
authenticated = False
if record is not None:
authenticated = (
Modified: CalendarServer/trunk/txdav/dps/test/test_client.py
===================================================================
--- CalendarServer/trunk/txdav/dps/test/test_client.py 2014-02-07 20:43:59 UTC (rev 12612)
+++ CalendarServer/trunk/txdav/dps/test/test_client.py 2014-02-07 23:48:49 UTC (rev 12613)
@@ -25,9 +25,17 @@
from twisted.trial import unittest
from txdav.dps.client import DirectoryService
from txdav.dps.server import DirectoryProxyAMPProtocol
-from txdav.who.xml import DirectoryService as XMLDirectoryService
+testMode = "xml" # "xml" or "od"
+if testMode == "xml":
+ from txdav.who.xml import DirectoryService as XMLDirectoryService
+elif testMode == "od":
+ odpw = "__secret__"
+ from twext.who.opendirectory import DirectoryService as OpenDirectoryService
+
+
+
class DPSClientTest(unittest.TestCase):
def setUp(self):
@@ -36,8 +44,11 @@
self.directory = DirectoryService(None)
# The "remote" directory service
- path = os.path.join(os.path.dirname(__file__), "test.xml")
- remoteDirectory = XMLDirectoryService(FilePath(path))
+ if testMode == "xml":
+ path = os.path.join(os.path.dirname(__file__), "test.xml")
+ remoteDirectory = XMLDirectoryService(FilePath(path))
+ elif testMode == "od":
+ remoteDirectory = OpenDirectoryService()
# Connect the two services directly via an IOPump
client = AMP()
@@ -102,57 +113,61 @@
@inlineCallbacks
def test_verifyPlaintextPassword(self):
- record = (yield self.directory.recordWithUID("__dre__"))
+ if testMode == "xml":
+ expectations = (
+ ("erd", True), # Correct
+ ("wrong", False) # Incorrect
+ )
+ record = (yield self.directory.recordWithShortName(RecordType.user, "dre"))
+ elif testMode == "od":
+ expectations = (
+ (odpw, True), # Correct
+ ("wrong", False) # Incorrect
+ )
+ record = (yield self.directory.recordWithGUID("D0B38B00-4166-11DD-B22C-A07C87F02F6A"))
- # Correct password
- authenticated = (yield record.verifyPlaintextPassword("erd"))
- self.assertTrue(authenticated)
+ for password, answer in expectations:
+ authenticated = (yield record.verifyPlaintextPassword(password))
+ self.assertEquals(authenticated, answer)
- # Incorrect password
- authenticated = (yield record.verifyPlaintextPassword("wrong"))
- self.assertFalse(authenticated)
-
@inlineCallbacks
def test_verifyHTTPDigest(self):
- username = "dre"
- record = (yield self.directory.recordWithShortName(
- RecordType.user, username))
- realm = u"xyzzy"
+ if testMode == "xml":
+ username = "dre"
+ expectations = (
+ ("erd", True), # Correct
+ ("wrong", False) # Incorrect
+ )
+ record = (yield self.directory.recordWithShortName(RecordType.user, "dre"))
+ elif testMode == "od":
+ username = "sagen"
+ expectations = (
+ (odpw, True), # Correct
+ ("wrong", False) # Incorrect
+ )
+ record = (yield self.directory.recordWithGUID("D0B38B00-4166-11DD-B22C-A07C87F02F6A"))
+
+ realm = "host.example.com"
nonce = "128446648710842461101646794502"
- nc = "00000001"
- cnonce = "/rrD6TqPA3lHRmg+fw/vyU6oWoQgzK7h9yWrsCmv/lE="
- algo = "md5"
+ algorithm = "md5"
uri = "http://host.example.com"
method = "GET"
- qop = ""
- # Correct password
- password = "erd"
- expected = calcResponse(
- calcHA1(algo, username, realm, password, nonce, cnonce),
- calcHA2(algo, method, uri, qop, None),
- algo, nonce, nc, cnonce, qop)
+ for password, answer in expectations:
+ for qop, nc, cnonce in (
+ ("", "", ""),
+ ("auth", "00000001", "/rrD6TqPA3lHRmg+fw/vyU6oWoQgzK7h9yWrsCmv/lE="),
+ ):
+ response = calcResponse(
+ calcHA1(algorithm, username, realm, password, nonce, cnonce),
+ calcHA2(algorithm, method, uri, qop, None),
+ algorithm, nonce, nc, cnonce, qop)
- authenticated = (
- yield record.verifyHTTPDigest(
- username, realm, uri, nonce, cnonce, algo, nc, qop,
- expected, method
- )
- )
- self.assertTrue(authenticated)
-
- # Incorrect password
- password = "wrong"
- expected = calcResponse(
- calcHA1(algo, username, realm, password, nonce, cnonce),
- calcHA2(algo, method, uri, qop, None),
- algo, nonce, nc, cnonce, qop)
-
- authenticated = (
- yield record.verifyHTTPDigest(
- username, realm, uri, nonce, cnonce, algo, nc, qop,
- expected, method
- )
- )
- self.assertFalse(authenticated)
+ authenticated = (
+ yield record.verifyHTTPDigest(
+ username, realm, uri, nonce, cnonce, algorithm, nc, qop,
+ response, method
+ )
+ )
+ self.assertEquals(authenticated, answer)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20140312/a7bac05d/attachment.html>
More information about the calendarserver-changes
mailing list