imacat/flask-digestauth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 16 Wiki Activity

Added to test the stale value of the WWW-Authenticate response header in the AuthenticationTestCase and FlaskLoginTestCase test cases.

Browse Source
This commit is contained in:
依瑪貓 2022-11-24 21:53:21 +11:00
parent 3dcc409bef
commit 78514a8f17
2 changed files with 73 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
tests/test_auth.py
View File

@ -24,6 +24,7 @@ from types import SimpleNamespace
from flask import Response, Flask, g from flask import Response, Flask, g
from flask_testing import TestCase from flask_testing import TestCase
from werkzeug.datastructures import WWWAuthenticate, Authorization
from flask_digest_auth import DigestAuth, make_password_hash, Client from flask_digest_auth import DigestAuth, make_password_hash, Client
@ -106,3 +107,35 @@ class AuthenticationTestCase(TestCase):
self.assertEqual(response.status_code, 200) self.assertEqual(response.status_code, 200)
self.assertEqual(response.data.decode("UTF-8"), self.assertEqual(response.data.decode("UTF-8"),
f"Hello, {_USERNAME}! #2") f"Hello, {_USERNAME}! #2")
def test_stale(self) -> None:
"""Tests the stale value.
:return: None.
"""
uri: str = self.app.url_for("auth-1")
response: Response = self.client.get(uri)
self.assertEqual(response.status_code, 401)
www_authenticate: WWWAuthenticate = response.www_authenticate
self.assertEqual(www_authenticate.type, "digest")
self.assertEqual(www_authenticate.stale, None)
www_authenticate.nonce = "bad"
auth_data: Authorization = Client.make_authorization(
www_authenticate, uri, _USERNAME, _PASSWORD)
response = self.client.get(uri, auth=auth_data)
self.assertEqual(response.status_code, 401)
www_authenticate = response.www_authenticate
self.assertEqual(www_authenticate.stale, True)
auth_data = Client.make_authorization(
www_authenticate, uri, _USERNAME, _PASSWORD + "2")
response = self.client.get(uri, auth=auth_data)
self.assertEqual(response.status_code, 401)
www_authenticate = response.www_authenticate
self.assertEqual(www_authenticate.stale, False)
auth_data = Client.make_authorization(
www_authenticate, uri, _USERNAME, _PASSWORD)
response = self.client.get(uri, auth=auth_data)
self.assertEqual(response.status_code, 200)

41
tests/test_flask_login.py
View File

@ -21,8 +21,9 @@
import typing as t import typing as t
from secrets import token_urlsafe from secrets import token_urlsafe
from flask import Response, Flask from flask import Response, Flask, g
from flask_testing import TestCase from flask_testing import TestCase
from werkzeug.datastructures import WWWAuthenticate, Authorization
from flask_digest_auth import DigestAuth, make_password_hash, Client from flask_digest_auth import DigestAuth, make_password_hash, Client
@ -135,3 +136,41 @@ class FlaskLoginTestCase(TestCase):
self.assertEqual(response.status_code, 200) self.assertEqual(response.status_code, 200)
self.assertEqual(response.data.decode("UTF-8"), self.assertEqual(response.data.decode("UTF-8"),
f"Hello, {_USERNAME}! #2") f"Hello, {_USERNAME}! #2")
def test_stale(self) -> None:
"""Tests the stale value.
:return: None.
"""
uri: str = self.app.url_for("auth-1")
response: Response = self.client.get(uri)
self.assertEqual(response.status_code, 401)
www_authenticate: WWWAuthenticate = response.www_authenticate
self.assertEqual(www_authenticate.type, "digest")
self.assertEqual(www_authenticate.stale, None)
if hasattr(g, "_login_user"):
delattr(g, "_login_user")
www_authenticate.nonce = "bad"
auth_data: Authorization = Client.make_authorization(
www_authenticate, uri, _USERNAME, _PASSWORD)
response = self.client.get(uri, auth=auth_data)
self.assertEqual(response.status_code, 401)
www_authenticate = response.www_authenticate
self.assertEqual(www_authenticate.stale, True)
if hasattr(g, "_login_user"):
delattr(g, "_login_user")
auth_data = Client.make_authorization(
www_authenticate, uri, _USERNAME, _PASSWORD + "2")
response = self.client.get(uri, auth=auth_data)
self.assertEqual(response.status_code, 401)
www_authenticate = response.www_authenticate
self.assertEqual(www_authenticate.stale, False)
if hasattr(g, "_login_user"):
delattr(g, "_login_user")
auth_data = Client.make_authorization(
www_authenticate, uri, _USERNAME, _PASSWORD)
response = self.client.get(uri, auth=auth_data)
self.assertEqual(response.status_code, 200)