1 | # Tests for waeup.cas.authentictors |
---|
2 | import os |
---|
3 | import threading |
---|
4 | import unittest |
---|
5 | from paste.deploy import loadapp |
---|
6 | try: |
---|
7 | from SimpleXMLRPCServer import SimpleXMLRPCServer # Python 2.x |
---|
8 | except ImportError: |
---|
9 | from xmlrpc.server import SimpleXMLRPCServer # Python 3.x |
---|
10 | try: |
---|
11 | import xmlrpclib # Python 2.x |
---|
12 | except ImportError: |
---|
13 | import xmlrpc.client as xmlrpclib # Python 3.x |
---|
14 | from waeup.cas.authenticators import ( |
---|
15 | get_all_authenticators, get_authenticator, filter_auth_opts, |
---|
16 | Authenticator, DummyAuthenticator, KofaAuthenticator, |
---|
17 | KofaMoodleAuthenticator |
---|
18 | ) |
---|
19 | from waeup.cas.server import CASServer |
---|
20 | |
---|
21 | |
---|
22 | class TestHelpers(unittest.TestCase): |
---|
23 | |
---|
24 | def test_get_all_authenticators(self): |
---|
25 | # we can get authenticators via entry points |
---|
26 | auths = get_all_authenticators() |
---|
27 | assert 'dummy' in auths |
---|
28 | assert auths['dummy'] is DummyAuthenticator |
---|
29 | |
---|
30 | def test_filter_auth_opts(self): |
---|
31 | # we can filter auth opts |
---|
32 | result = filter_auth_opts( |
---|
33 | dict(auth='foo', auth_bar='baz', auth_baz='blah') |
---|
34 | ) |
---|
35 | assert result == ( |
---|
36 | {'auth': 'foo'}, |
---|
37 | {'auth_bar': 'baz', 'auth_baz': 'blah'} |
---|
38 | ) |
---|
39 | |
---|
40 | def test_get_authenticator(self): |
---|
41 | # we can parse a paste.deploy config dict for auth |
---|
42 | result = get_authenticator({}) |
---|
43 | assert result == {} |
---|
44 | result = get_authenticator({'auth': 'dummy'}) |
---|
45 | assert isinstance(result['auth'], DummyAuthenticator) |
---|
46 | |
---|
47 | |
---|
48 | class AuthenticatorTests(unittest.TestCase): |
---|
49 | |
---|
50 | def test_create(self): |
---|
51 | # we can create Authenticator instances |
---|
52 | auth = Authenticator() |
---|
53 | assert isinstance(auth, Authenticator) |
---|
54 | |
---|
55 | |
---|
56 | class DummyAuthenticatorTests(unittest.TestCase): |
---|
57 | |
---|
58 | def test_create(self): |
---|
59 | # we can create DummyAuthenticator instances |
---|
60 | auth = DummyAuthenticator() |
---|
61 | assert isinstance(auth, DummyAuthenticator) |
---|
62 | |
---|
63 | def test_check_credentials(self): |
---|
64 | # we can succeed with 'bird'/'bebop'. Others will fail. |
---|
65 | auth = DummyAuthenticator() |
---|
66 | result1 = auth.check_credentials('bird', 'bebop') |
---|
67 | assert result1 == (True, '') |
---|
68 | result2 = auth.check_credentials('foo', 'bar') |
---|
69 | assert result2 == (False, 'Invalid username or password.') |
---|
70 | |
---|
71 | |
---|
72 | BACKENDS1 = dict( |
---|
73 | inst1=dict( |
---|
74 | url='http://localhost:6666/app', |
---|
75 | marker='^MA-', |
---|
76 | ) |
---|
77 | ) |
---|
78 | |
---|
79 | BACKENDS2 = dict( |
---|
80 | inst1=dict( |
---|
81 | url='http://localhost:6666/', |
---|
82 | marker='^SCHOOL1-', |
---|
83 | ) |
---|
84 | ) |
---|
85 | |
---|
86 | BACKENDS3 = dict( |
---|
87 | inst1=dict( |
---|
88 | url='http://localhost:6666/', |
---|
89 | marker='^SCHOOL1-', |
---|
90 | moodle_url = 'http://localhost:7777/', |
---|
91 | ) |
---|
92 | ) |
---|
93 | |
---|
94 | class KofaAuthenticatorTests(unittest.TestCase): |
---|
95 | |
---|
96 | def test_create(self): |
---|
97 | # we can create KofaAuthenticator instances |
---|
98 | auth = KofaAuthenticator() |
---|
99 | assert isinstance(auth, KofaAuthenticator) |
---|
100 | |
---|
101 | def test_options_defaults(self): |
---|
102 | # all options have sensible defaults |
---|
103 | auth = KofaAuthenticator() |
---|
104 | assert auth.backends == {} |
---|
105 | |
---|
106 | def test_options(self): |
---|
107 | # we can pass options |
---|
108 | auth = KofaAuthenticator(auth_backends=str(BACKENDS1)) |
---|
109 | assert auth.backends == BACKENDS1 |
---|
110 | auth = KofaAuthenticator(auth_backends='{"foo": {"url": "bar"}}') |
---|
111 | assert auth.backends['foo']['marker'] == '.+' |
---|
112 | self.assertRaises( |
---|
113 | ValueError, KofaAuthenticator, auth_backends='not-a-py-expr') |
---|
114 | self.assertRaises( |
---|
115 | ValueError, KofaAuthenticator, auth_backends='"Not a dict"') |
---|
116 | self.assertRaises( |
---|
117 | ValueError, KofaAuthenticator, |
---|
118 | auth_backends='{"foo": "not-a-dict"}') |
---|
119 | self.assertRaises( |
---|
120 | ValueError, KofaAuthenticator, |
---|
121 | auth_backends='{"foo": {"no-url-key": "bar"}}') |
---|
122 | self.assertRaises( |
---|
123 | ValueError, KofaAuthenticator, |
---|
124 | auth_backends='{"foo": {"url": "bar", "marker": "inv_re)"}}') |
---|
125 | |
---|
126 | def test_paste_deploy_options(self): |
---|
127 | # we can set CAS server-related options via paste.deploy config |
---|
128 | paste_conf = os.path.join( |
---|
129 | os.path.dirname(__file__), 'sample3.ini') |
---|
130 | app = loadapp('config:%s' % paste_conf) |
---|
131 | assert isinstance(app, CASServer) |
---|
132 | assert app.db_connection_string == 'sqlite:///:memory:' |
---|
133 | assert isinstance(app.auth, KofaAuthenticator) |
---|
134 | |
---|
135 | class KofaMoodleAuthenticatorTests(unittest.TestCase): |
---|
136 | |
---|
137 | def test_paste_deploy_options(self): |
---|
138 | # we can set CAS server-related options via paste.deploy config |
---|
139 | paste_conf = os.path.join( |
---|
140 | os.path.dirname(__file__), 'sample4.ini') |
---|
141 | app = loadapp('config:%s' % paste_conf) |
---|
142 | assert isinstance(app, CASServer) |
---|
143 | assert app.db_connection_string == 'sqlite:///:memory:' |
---|
144 | assert isinstance(app.auth, KofaAuthenticator) |
---|
145 | assert app.auth.name == 'kofa_moodle1' |
---|
146 | auth_backends = { |
---|
147 | 'kofa_moodle1': |
---|
148 | {'url': 'http://xmlrpcuser1:xmlrpcuser1@localhost:8080/app1/', |
---|
149 | 'marker': '^K', |
---|
150 | 'moodle_url': 'http://localhost/moodle/webservice/xmlrpc/server.php?wstoken=de1e1cbacf91ec6290bb6f6339122e7d', |
---|
151 | }, |
---|
152 | } |
---|
153 | assert app.auth.backends == auth_backends |
---|
154 | |
---|
155 | |
---|
156 | class FakeKofaServer(SimpleXMLRPCServer): |
---|
157 | # A fake Kofa server that provides only XMLRPC methods |
---|
158 | |
---|
159 | allow_reuse_address = True |
---|
160 | |
---|
161 | def __init__(self, *args, **kw): |
---|
162 | kw.update(allow_none=True) |
---|
163 | SimpleXMLRPCServer.__init__(self, *args, **kw) |
---|
164 | self.register_function( |
---|
165 | self._check_credentials, 'check_applicant_credentials') |
---|
166 | self.register_function( |
---|
167 | self._check_credentials, 'check_student_credentials') |
---|
168 | self.register_function( |
---|
169 | self._get_moodle_data, 'get_student_moodle_data') |
---|
170 | self.register_function( |
---|
171 | self._get_moodle_data, 'get_applicant_moodle_data') |
---|
172 | |
---|
173 | def _check_credentials(self, username, password): |
---|
174 | # fake waeup.kofa check_credentials method. |
---|
175 | # |
---|
176 | # This method is supposed to mimic the behaviour of an |
---|
177 | # original waeup.kofa check_credentials method. It returns a |
---|
178 | # positive result for the credentials `bird`/`bebop`. |
---|
179 | if username == 'bird' and password == 'bebop': |
---|
180 | return {'id': 'bird', 'email': 'bird@gods.net', |
---|
181 | 'description': 'Mr. Charles Parker', |
---|
182 | 'type': 'student'} |
---|
183 | if username == 'pig' and password == 'pog': |
---|
184 | return {'id': 'pig', 'email': 'pig@gods.net', |
---|
185 | 'description': 'Mr. Ray Charles', |
---|
186 | 'type': 'applicant'} |
---|
187 | if username in ( |
---|
188 | 'fault1', 'fault2', 'fault3', 'fault4') and password == 'biz': |
---|
189 | return {'type': 'student'} |
---|
190 | if username == 'fault5' and password == 'biz': |
---|
191 | return {'type': 'applicant'} |
---|
192 | return None |
---|
193 | |
---|
194 | def _get_moodle_data(self, username): |
---|
195 | # fake waeup.kofa get_student_moodle_data method. |
---|
196 | if username == 'bird': |
---|
197 | return dict(email='aa@aa.aa', |
---|
198 | firstname='Charles', |
---|
199 | lastname='Parker', |
---|
200 | ) |
---|
201 | if username == 'pig': |
---|
202 | return dict(email='bb@bb.bb', |
---|
203 | firstname='Ray', |
---|
204 | lastname='Charles', |
---|
205 | ) |
---|
206 | if username in ('fault1', 'fault2', 'fault3', 'fault4', 'fault5'): |
---|
207 | return dict(email='ff@ff.ff', |
---|
208 | firstname='John', |
---|
209 | lastname='Fault', |
---|
210 | ) |
---|
211 | |
---|
212 | class FakeMoodleServer(SimpleXMLRPCServer): |
---|
213 | # A fake Moodle server that provides only XMLRPC methods |
---|
214 | |
---|
215 | allow_reuse_address = True |
---|
216 | |
---|
217 | def __init__(self, *args, **kw): |
---|
218 | kw.update(allow_none=True) |
---|
219 | SimpleXMLRPCServer.__init__(self, *args, **kw) |
---|
220 | self.register_function( |
---|
221 | self._core_user_create_users, 'core_user_create_users') |
---|
222 | self.register_function( |
---|
223 | self._core_user_get_users, 'core_user_get_users') |
---|
224 | self.register_function( |
---|
225 | self._core_user_update_users, 'core_user_update_users') |
---|
226 | |
---|
227 | def _core_user_create_users(self, arg): |
---|
228 | # fake Moodle core_user_create_users method. |
---|
229 | if arg[0]['username'] == 'fault1': |
---|
230 | raise xmlrpclib.Fault('faultCode', 'faultString') |
---|
231 | if arg[0]['username'] in ('fault4', 'fault5'): |
---|
232 | raise xmlrpclib.Fault('faultCode', 'Username already exists') |
---|
233 | return None |
---|
234 | |
---|
235 | def _core_user_get_users(self, arg): |
---|
236 | # fake Moodle core_user_get_users method. |
---|
237 | if arg[0]['value'] == 'fault2': |
---|
238 | raise xmlrpclib.Fault('faultCode', 'faultString') |
---|
239 | if arg[0]['value'] == 'fault3': |
---|
240 | return {'users':[{'id':'fault3'}]} |
---|
241 | return {'users':[{'id':'any id'}]} |
---|
242 | |
---|
243 | def _core_user_update_users(self, arg): |
---|
244 | # fake Moodle core_user_update_users method. |
---|
245 | if arg[0]['id'] == 'fault3': |
---|
246 | raise xmlrpclib.Fault('faultCode', 'faultString') |
---|
247 | return None |
---|
248 | |
---|
249 | class KofaAuthenticatorsIntegrationTests(unittest.TestCase): |
---|
250 | # A test case where a fake Kofa server is started before tests (and |
---|
251 | # shut down afterwards). |
---|
252 | |
---|
253 | kofa_server = None |
---|
254 | kofa_th = None |
---|
255 | moodle_server = None |
---|
256 | moodle_th = None |
---|
257 | |
---|
258 | @classmethod |
---|
259 | def setUpClass(cls): |
---|
260 | # set up a fake kofa server |
---|
261 | cls.kofa_server = FakeKofaServer(('localhost', 6666)) |
---|
262 | cls.kofa_th = threading.Thread(target=cls.kofa_server.serve_forever) |
---|
263 | cls.kofa_th.daemon = True |
---|
264 | cls.kofa_th.start() |
---|
265 | # set up a fake moodle server |
---|
266 | cls.moodle_server = FakeMoodleServer(('localhost', 7777)) |
---|
267 | cls.moodle_th = threading.Thread(target=cls.moodle_server.serve_forever) |
---|
268 | cls.moodle_th.daemon = True |
---|
269 | cls.moodle_th.start() |
---|
270 | |
---|
271 | @classmethod |
---|
272 | def tearDownClass(cls): |
---|
273 | # tear down fake kofa server |
---|
274 | cls.kofa_server.shutdown() |
---|
275 | cls.kofa_server.server_close() |
---|
276 | # tear down fake moodle server |
---|
277 | cls.moodle_server.shutdown() |
---|
278 | cls.moodle_server.server_close() |
---|
279 | |
---|
280 | def test_fake_kofa_works(self): |
---|
281 | # make sure the local fake kofa works |
---|
282 | proxy = xmlrpclib.ServerProxy("http://localhost:6666", allow_none=True) |
---|
283 | result = proxy.check_student_credentials('bird', 'bebop') |
---|
284 | assert result == { |
---|
285 | 'description': 'Mr. Charles Parker', |
---|
286 | 'email': 'bird@gods.net', |
---|
287 | 'id': 'bird', |
---|
288 | 'type': 'student'} |
---|
289 | result = proxy.check_applicant_credentials('pig', 'pog') |
---|
290 | assert result == { |
---|
291 | 'description': 'Mr. Ray Charles', |
---|
292 | 'email': 'pig@gods.net', |
---|
293 | 'id': 'pig', |
---|
294 | 'type': 'applicant'} |
---|
295 | result = proxy.get_student_moodle_data('pig') |
---|
296 | assert result == { |
---|
297 | 'lastname': 'Charles', |
---|
298 | 'email': 'bb@bb.bb', |
---|
299 | 'firstname': 'Ray', |
---|
300 | } |
---|
301 | result = proxy.get_applicant_moodle_data('pig') |
---|
302 | assert result == { |
---|
303 | 'lastname': 'Charles', |
---|
304 | 'email': 'bb@bb.bb', |
---|
305 | 'firstname': 'Ray', |
---|
306 | } |
---|
307 | return |
---|
308 | |
---|
309 | def test_fake_moodle_works(self): |
---|
310 | # make sure the local fake moodle works |
---|
311 | proxy = xmlrpclib.ServerProxy("http://localhost:7777", allow_none=True) |
---|
312 | # test core_user_create_users |
---|
313 | result = proxy.core_user_create_users( |
---|
314 | [{'username': 'any name'}]) |
---|
315 | assert result == None |
---|
316 | self.assertRaises( |
---|
317 | xmlrpclib.Fault, proxy.core_user_create_users, |
---|
318 | [{'username': 'fault1'}]) |
---|
319 | # test core_user_get_users |
---|
320 | result = proxy.core_user_get_users( |
---|
321 | [{'key': 'username', 'value': 'any name'}]) |
---|
322 | assert result == {'users':[{'id':'any id'}]} |
---|
323 | self.assertRaises( |
---|
324 | xmlrpclib.Fault, proxy.core_user_get_users, |
---|
325 | [{'key': 'username', 'value': 'fault2'}]) |
---|
326 | # test core_user_update_users |
---|
327 | result = proxy.core_user_update_users( |
---|
328 | [{'id': 'any id'}]) |
---|
329 | assert result == None |
---|
330 | self.assertRaises( |
---|
331 | xmlrpclib.Fault, proxy.core_user_update_users, |
---|
332 | [{'id': 'fault3'}]) |
---|
333 | return |
---|
334 | |
---|
335 | def test_check_credentials_KofaAuthenticator(self): |
---|
336 | # we get real responses when querying Kofa instances |
---|
337 | auth = KofaAuthenticator(auth_backends=str(BACKENDS2)) |
---|
338 | result1 = auth.check_credentials('SCHOOL1-bird', 'bebop') |
---|
339 | assert result1 == (True, '') |
---|
340 | result2 = auth.check_credentials('SCHOOL1-foo', 'bar') |
---|
341 | assert result2 == (False, 'Invalid username or password.') |
---|
342 | result3 = auth.check_credentials('SCHOOL2-bar', 'baz') |
---|
343 | assert result3 == (False, 'Invalid username or password.') |
---|
344 | |
---|
345 | def test_check_credentials_KofaMoodleAuthenticator(self): |
---|
346 | # we get real responses when querying Kofa instances |
---|
347 | auth = KofaMoodleAuthenticator(auth_backends=str(BACKENDS3)) |
---|
348 | result1s = auth.check_credentials('SCHOOL1-bird', 'bebop') |
---|
349 | assert result1s == (True, '') |
---|
350 | result1a = auth.check_credentials('SCHOOL1-pig', 'pog') |
---|
351 | assert result1a == (True, '') |
---|
352 | result2s = auth.check_credentials('SCHOOL1-foo', 'bar') |
---|
353 | assert result2s == ( |
---|
354 | False, 'Invalid username or password or user not eligible.') |
---|
355 | result3s = auth.check_credentials('SCHOOL2-bar', 'baz') |
---|
356 | assert result3s == ( |
---|
357 | False, 'Invalid username or password or user not eligible.') |
---|
358 | |
---|
359 | # exceptions are raised in the follwoing cases |
---|
360 | result4s = auth.check_credentials('SCHOOL1-fault1', 'biz') |
---|
361 | assert result4s == (False, 'faultString') |
---|
362 | result5s = auth.check_credentials('SCHOOL1-fault2', 'biz') |
---|
363 | assert result5s == (False, 'faultString') |
---|
364 | result6s = auth.check_credentials('SCHOOL1-fault3', 'biz') |
---|
365 | assert result6s == (False, 'faultString') |
---|
366 | |
---|
367 | # no exception if user exists |
---|
368 | result7s = auth.check_credentials('SCHOOL1-fault4', 'biz') |
---|
369 | assert result7s == (True, '') |
---|
370 | result7a = auth.check_credentials('SCHOOL1-fault5', 'biz') |
---|
371 | assert result7a == (True, '') |
---|