Context navigation

source: main/waeup.cas/trunk/waeup/cas/tests/test_server.py @ 10492

Last change on this file since 10492 was 10492, checked in by uli, 11 years ago
Update regression test to allow query params in arbitrary order.
File size: 22.8 KB

Rev	Line
[10321]	1	import os
[10394]	2	import re
[10321]	3	import shutil
	4	import tempfile
	5	import unittest
	6	from paste.deploy import loadapp
[10492]	7	from urlparse import parse_qsl
[10394]	8	from webob import Request, Response
	9	from webtest import TestApp as WebTestApp # avoid py.test skip message
	10	from waeup.cas.authenticators import DummyAuthenticator
	11	from waeup.cas.db import DB, LoginTicket, ServiceTicket, TicketGrantingCookie
	12	from waeup.cas.server import (
	13	CASServer, create_service_ticket, create_login_ticket,
	14	create_tgc_value, check_login_ticket, set_session_cookie,
[10414]	15	check_session_cookie, get_template, delete_session_cookie,
[10491]	16	check_service_ticket, update_url
[10394]	17	)
[10321]	18
[10394]	19	RE_ALPHABET = re.compile('^[a-zA-Z0-9\-]*$')
	20	RE_COOKIE = re.compile('^cas-tgc=[A-Za-z0-9\-]+; Path=/; secure; HttpOnly$')
[10414]	21	RE_COOKIE_DEL = re.compile(
	22	'^cas-tgc=; Max-Age=\-[0-9]+; Path=/; '
	23	'expires=Thu, 01-Jan-1970 00:00:00 GMT; secure; HttpOnly$')
[10394]	24
	25
[10321]	26	class CASServerTests(unittest.TestCase):
	27
	28	def setUp(self):
[10348]	29	# Create a new location where tempfiles are created. This way
	30	# also temporary dirs of local CASServers can be removed on
	31	# tear-down.
	32	self._new_tmpdir = tempfile.mkdtemp()
	33	self._old_tmpdir = tempfile.tempdir
	34	tempfile.tempdir = self._new_tmpdir
	35	self.workdir = os.path.join(self._new_tmpdir, 'home')
	36	self.db_path = os.path.join(self.workdir, 'mycas.db')
[10394]	37	os.mkdir(self.workdir)
[10321]	38	self.paste_conf1 = os.path.join(
	39	os.path.dirname(__file__), 'sample1.ini')
[10352]	40	self.paste_conf2 = os.path.join(
	41	os.path.dirname(__file__), 'sample2.ini')
[10321]	42
	43	def tearDown(self):
[10348]	44	# remove local tempfile and reset old tempdir setting
	45	if os.path.isdir(self._new_tmpdir):
	46	shutil.rmtree(self._new_tmpdir)
	47	tempfile.tempdir = self._old_tmpdir
[10321]	48
	49	def test_paste_deploy_loader(self):
	50	# we can load the CAS server via paste.deploy plugin
	51	app = loadapp('config:%s' % self.paste_conf1)
	52	assert isinstance(app, CASServer)
[10394]	53	assert hasattr(app, 'db')
	54	assert isinstance(app.db, DB)
	55	assert hasattr(app, 'auth')
[10321]	56
	57	def test_paste_deploy_options(self):
	58	# we can set CAS server-related options via paste.deploy config
[10352]	59	app = loadapp('config:%s' % self.paste_conf2)
[10321]	60	assert isinstance(app, CASServer)
[10394]	61	assert app.db_connection_string == 'sqlite:///:memory:'
	62	assert isinstance(app.auth, DummyAuthenticator)
[10321]	63
[10351]	64	def test_init(self):
[10394]	65	# we get a `DB` instance created automatically
[10351]	66	app = CASServer()
[10394]	67	assert hasattr(app, 'db')
	68	assert app.db is not None
[10351]	69
	70	def test_init_explicit_db_path(self):
	71	# we can set a db_path explicitly
[10394]	72	app = CASServer(db='sqlite:///%s' % self.db_path)
	73	assert hasattr(app, 'db')
	74	assert isinstance(app.db, DB)
	75	assert os.path.isfile(self.db_path)
[10351]	76
[10394]	77	def test_get_template(self):
	78	app = CASServer()
	79	assert app._get_template('login.html') is not None
	80	assert app._get_template('not-existent.html') is None
	81
[10321]	82	def test_call_root(self):
[10326]	83	# the CAS protocol requires no root
[10321]	84	app = CASServer()
	85	req = Request.blank('http://localhost/')
	86	resp = app(req)
[10322]	87	assert resp.status == '404 Not Found'
[10326]	88
	89	def test_first_time_login(self):
	90	# we can get a login page
	91	app = CASServer()
	92	req = Request.blank('http://localhost/login')
	93	resp = app(req)
	94	assert resp.status == '200 OK'
	95
	96	def test_validate(self):
	97	# we can access a validation page
	98	app = CASServer()
[10416]	99	req = Request.blank('http://localhost/validate?service=foo&ticket=bar')
[10326]	100	resp = app(req)
[10416]	101	assert resp.status == '200 OK'
[10326]	102
	103	def test_logout(self):
	104	# we can access a logout page
	105	app = CASServer()
	106	req = Request.blank('http://localhost/logout')
	107	resp = app(req)
[10415]	108	assert resp.status == '200 OK'
[10335]	109
	110	def test_login_simple(self):
	111	# a simple login with no service will result in login screen
	112	# (2.1.1#service of protocol specs)
	113	app = CASServer()
	114	req = Request.blank('http://localhost/login')
	115	resp = app(req)
	116	assert resp.status == '200 OK'
	117	assert resp.content_type == 'text/html'
	118	assert b'<form ' in resp.body
[10394]	119
[10401]	120	def test_login_cred_acceptor_sso_no_service(self):
	121	# 2.2.4: successful login via single sign on
	122	app = CASServer()
	123	tgc = create_tgc_value()
	124	app.db.add(tgc)
	125	value = str(tgc.value)
	126	req = Request.blank('https://localhost/login')
	127	req.headers['Cookie'] = 'cas-tgc=%s' % value
	128	resp = app(req)
	129	assert resp.status == '200 OK'
	130	assert b'already' in resp.body
	131	assert 'Set-Cookie' not in resp.headers
	132	return
[10394]	133
[10411]	134	def test_login_renew_with_cookie(self):
	135	# 2.1.1: cookie will be ignored when renew is set
	136	app = CASServer()
	137	tgc = create_tgc_value()
	138	app.db.add(tgc)
	139	value = str(tgc.value)
	140	req = Request.blank('https://localhost/login?renew=true')
	141	req.headers['Cookie'] = 'cas-tgc=%s' % value
	142	resp = app(req)
	143	assert resp.status == '200 OK'
	144	assert b'username' in resp.body
	145	assert 'Set-Cookie' not in resp.headers
[10401]	146
[10412]	147	def test_login_renew_without_cookie(self):
	148	# 2.1.1: with renew and no cookie, normal auth will happen
	149	app = CASServer()
	150	req = Request.blank('https://localhost/login?renew=true')
	151	resp = app(req)
	152	assert resp.status == '200 OK'
	153	assert b'username' in resp.body
	154
[10411]	155	def test_login_renew_as_empty_string(self):
	156	# `renew` is handled correctly, even with empty value
	157	app = CASServer()
	158	tgc = create_tgc_value()
	159	app.db.add(tgc)
	160	value = str(tgc.value)
	161	req = Request.blank('https://localhost/login?renew')
	162	req.headers['Cookie'] = 'cas-tgc=%s' % value
	163	resp = app(req)
	164	assert resp.status == '200 OK'
	165	assert b'username' in resp.body
	166	assert 'Set-Cookie' not in resp.headers
	167
[10412]	168	def test_login_gateway_no_cookie_with_service(self):
	169	# 2.1.1: with gateway but w/o cookie we will be redirected to service
	170	# no service ticket will be issued
	171	app = CASServer()
	172	params = 'gateway=true&service=http%3A%2F%2Fwww.service.com'
	173	req = Request.blank('https://localhost/login?%s' % params)
	174	resp = app(req)
	175	assert resp.status == '303 See Other'
	176	assert 'Location' in resp.headers
	177	assert resp.headers['Location'] == 'http://www.service.com'
[10411]	178
[10412]	179	def test_login_gateway_with_cookie_and_service(self):
	180	# 2.1.1: with cookie and gateway we will be redirected to service
	181	app = CASServer()
	182	tgc = create_tgc_value()
	183	app.db.add(tgc)
	184	value = str(tgc.value)
	185	params = 'gateway=true&service=http%3A%2F%2Fwww.service.com'
	186	req = Request.blank('https://localhost/login?%s' % params)
	187	req.headers['Cookie'] = 'cas-tgc=%s' % value
	188	resp = app(req)
	189	assert resp.status == '303 See Other'
	190	assert 'Location' in resp.headers
	191	assert resp.headers['Location'].startswith(
	192	'http://www.service.com?ticket=ST-')
	193
	194	def test_login_gateway_and_renew(self):
	195	# 2.1.1 if both, gateway and renew are specified, only renew is valid
	196	app = CASServer()
	197	tgc = create_tgc_value()
	198	app.db.add(tgc)
	199	value = str(tgc.value)
	200	req = Request.blank('https://localhost/login?renew=true&gateway=true')
	201	req.headers['Cookie'] = 'cas-tgc=%s' % value
	202	resp = app(req)
	203	# with only gateway true, this would lead to a redirect
	204	assert resp.status == '200 OK'
	205	assert b'username' in resp.body
	206	assert 'Set-Cookie' not in resp.headers
	207
[10413]	208	def test_login_warn(self):
	209	# 2.2.1 as a credential acceptor, with `warn` set we require confirm
	210	app = CASServer()
	211	tgc = create_tgc_value()
	212	app.db.add(tgc)
	213	value = str(tgc.value)
	214	params = 'warn=true&service=http%3A%2F%2Fwww.service.com'
	215	req = Request.blank('https://localhost/login?%s' % params)
	216	req.headers['Cookie'] = 'cas-tgc=%s' % value
	217	resp = app(req)
	218	# without warn, we would get a redirect
	219	assert resp.status == '200 OK'
	220	assert b'CAS login successful' in resp.body
[10412]	221
[10415]	222	def test_logout_no_cookie(self):
	223	# 2.3 logout displays a logout page.
	224	app = CASServer()
	225	req = Request.blank('https://localhost/logout')
	226	resp = app(req)
	227	assert resp.status == '200 OK'
	228	assert b'logged out' in resp.body
[10413]	229
[10415]	230	def test_logout_with_cookie(self):
	231	# 2.3 logout destroys any existing SSO session
	232	app = CASServer()
	233	tgc = create_tgc_value()
	234	app.db.add(tgc)
	235	value = str(tgc.value)
	236	req = Request.blank('https://localhost/logout')
	237	req.headers['Cookie'] = 'cas-tgc=%s' % value
	238	resp = app(req)
	239	assert resp.status == '200 OK'
	240	assert b'logged out' in resp.body
	241	assert 'Set-Cookie' in resp.headers
	242	cookie = resp.headers['Set-Cookie']
	243	assert cookie.startswith('cas-tgc=;')
	244	assert 'expires' in cookie
	245	assert 'Max-Age' in cookie
	246	assert len(list(app.db.query(TicketGrantingCookie))) == 0
	247
	248	def test_logout_url(self):
	249	# 2.3.1 with an `url` given we provide a link on logout
	250	app = CASServer()
	251	params = 'url=http%3A%2F%2Fwww.logout.com'
	252	req = Request.blank('https://localhost/logout?%s' % params)
	253	resp = app(req)
	254	assert resp.status == '200 OK'
	255	assert b'logged out' in resp.body
	256	assert b'like you to' in resp.body
	257	assert b'http://www.logout.com' in resp.body
	258
[10416]	259	def test_validate_invalid(self):
	260	# 2.4.2 validation failures is indicated by a given format
	261	app = CASServer()
	262	params = 'ticket=foo&service=bar'
	263	req = Request.blank('https://localhost/validate?%s' % params)
	264	resp = app(req)
	265	assert resp.body == b'no\n\n'
[10415]	266
[10416]	267	def test_validate_valid(self):
	268	# 2.4 validation success is indicated by a given format
	269	app = CASServer()
	270	sticket = create_service_ticket(
	271	'someuser', 'http://service.com/', sso=False)
	272	app.db.add(sticket)
	273	params = 'ticket=%s&service=%s' % (
	274	sticket.ticket, sticket.service)
	275	req = Request.blank('https://localhost/validate?%s' % params)
	276	resp = app(req)
	277	assert resp.body == b'yes\nsomeuser\n'
	278
	279	def test_validate_renew_invalid(self):
	280	# 2.4.1 with `renew` we accept only non-sso issued tickets
	281	app = CASServer()
	282	sticket = create_service_ticket(
	283	'someuser', 'http://service.com/', sso=True)
	284	app.db.add(sticket)
	285	params = 'ticket=%s&service=%s&renew=true' % (
	286	sticket.ticket, sticket.service)
	287	req = Request.blank('https://localhost/validate?%s' % params)
	288	resp = app(req)
	289	assert resp.body == b'no\n\n'
	290
	291	def test_validate_renew_valid(self):
	292	# 2.4.1 with `renew` we accept only non-sso issued tickets
	293	app = CASServer()
	294	sticket = create_service_ticket(
	295	'someuser', 'http://service.com/', sso=False)
	296	app.db.add(sticket)
	297	params = 'ticket=%s&service=%s&renew=true' % (
	298	sticket.ticket, sticket.service)
	299	req = Request.blank('https://localhost/validate?%s' % params)
	300	resp = app(req)
	301	assert resp.body == b'yes\nsomeuser\n'
	302
	303
[10394]	304	class BrowserTests(unittest.TestCase):
	305
	306	def setUp(self):
	307	self.raw_app = CASServer(auth=DummyAuthenticator())
	308	self.app = WebTestApp(self.raw_app)
	309
	310	def test_login(self):
	311	resp = self.app.get('/login')
	312	assert resp.status == '200 OK'
	313	form = resp.forms[0]
	314	# 2.1.3: form must be submitted by POST
	315	assert form.method == 'post'
	316	fieldnames = form.fields.keys()
	317	# 2.1.3: form must contain: username, password, lt
	318	assert 'username' in fieldnames
	319	assert 'password' in fieldnames
	320	assert 'lt' in fieldnames
	321	assert RE_ALPHABET.match(form['lt'].value)
	322
	323	def test_login_no_service(self):
	324	# w/o a service passed in, the form should not contain service
	325	# (not a strict protocol requirement, but handy)
	326	resp = self.app.get('/login')
	327	assert 'service' not in resp.forms[0].fields.keys()
	328
	329	def test_login_service_replayed(self):
	330	# 2.1.3: the login form must contain the service param sent
	331	resp = self.app.get('/login?service=http%3A%2F%2Fwww.service.com')
	332	form = resp.forms[0]
	333	assert resp.status == '200 OK'
	334	assert 'service' in form.fields.keys()
	335	assert form['service'].value == 'http://www.service.com'
	336
	337	def test_login_cred_acceptor_valid_no_service(self):
	338	# 2.2.4: successful login w/o service yields a message
	339	lt = create_login_ticket()
	340	self.raw_app.db.add(lt)
	341	lt_string = lt.ticket
	342	resp = self.app.post('/login', dict(
	343	username='bird', password='bebop', lt=lt_string))
	344	assert resp.status == '200 OK'
	345	assert b'successful' in resp.body
	346	# single-sign-on session initiated
	347	assert 'Set-Cookie' in resp.headers
	348	cookie = resp.headers['Set-Cookie']
	349	assert cookie.startswith('cas-tgc=')
	350
	351	def test_login_cred_acceptor_valid_w_service(self):
	352	# 2.2.4: successful login with service makes a redirect
	353	# Appendix B: safe redirect
	354	lt = create_login_ticket()
	355	self.raw_app.db.add(lt)
	356	lt_string = lt.ticket
	357	resp = self.app.post('/login', dict(
	358	username='bird', password='bebop', lt=lt_string,
	359	service='http://example.com/Login'))
	360	assert resp.status == '303 See Other'
	361	assert 'Location' in resp.headers
	362	assert resp.headers['Location'].startswith(
	363	'http://example.com/Login?ticket=ST-')
	364	assert 'Pragma' in resp.headers
	365	assert resp.headers['Pragma'] == 'no-cache'
	366	assert 'Cache-Control' in resp.headers
	367	assert resp.headers['Cache-Control'] == 'no-store'
	368	assert 'Expires' in resp.headers
	369	assert resp.headers['Expires'] == 'Thu, 01 Dec 1994 16:00:00 GMT'
	370	assert b'window.location.href' in resp.body
	371	assert b'noscript' in resp.body
	372	assert b'ticket=ST-' in resp.body
	373
[10397]	374	def test_login_cred_acceptor_failed(self):
	375	# 2.2.4: failed login yields a message
	376	lt = create_login_ticket()
	377	self.raw_app.db.add(lt)
	378	lt_string = lt.ticket
	379	resp = self.app.post('/login', dict(
	380	username='bird', password='cat', lt=lt_string))
	381	assert resp.status == '200 OK'
	382	assert b'failed' in resp.body
[10394]	383
[10401]	384	def test_login_sso_no_service(self):
	385	# we can initiate single-sign-on without service
	386	resp1 = self.app.get('https://localhost/login') # HTTPS required!
	387	assert resp1.status == '200 OK'
	388	assert 'cas-tgc' not in self.app.cookies
	389	form = resp1.forms[0]
	390	form.set('username', 'bird')
	391	form.set('password', 'bebop')
	392	resp2 = form.submit('AUTHENTICATE')
	393	assert resp2.status == '200 OK'
	394	# we got a secure cookie
	395	assert 'cas-tgc' in self.app.cookies
	396	# when we get the login page again, the cookie will replace creds.
	397	resp3 = self.app.get('https://localhost/login')
	398	assert b'You logged in already' in resp3.body
[10397]	399
[10409]	400	def test_login_sso_with_service(self):
	401	resp1 = self.app.get(
[10410]	402	'https://localhost/login?service=http%3A%2F%2Fservice.com%2F')
[10409]	403	assert resp1.status == '200 OK'
	404	assert 'cas-tgc' not in self.app.cookies
	405	form = resp1.forms[0]
	406	form.set('username', 'bird')
	407	form.set('password', 'bebop')
	408	resp2 = form.submit('AUTHENTICATE')
	409	assert resp2.status == '303 See Other'
	410	assert resp2.headers['Location'].startswith(
	411	'http://service.com/?ticket=ST-')
	412	# we got a secure cookie
	413	assert 'cas-tgc' in self.app.cookies
	414	resp3 = self.app.get(
[10410]	415	'https://localhost/login?service=http%3A%2F%2Fservice.com%2F')
[10409]	416	assert resp3.status == '303 See Other'
	417	assert resp3.headers['Location'].startswith(
	418	'http://service.com/?ticket=ST-')
[10401]	419
[10490]	420	def test_login_sso_with_service_additional_params1(self):
	421	# we can get a service ticket also with a service providing
	422	# get params
	423	# this service url reads http://service.com/index.php?authCAS=CAS
	424	service_url = 'http%3A%2F%2Fservice.com%2Findex.php%3FauthCAS%3DCAS'
	425	resp1 = self.app.get(
	426	'https://localhost/login?service=%s' % service_url)
	427	assert resp1.status == '200 OK'
	428	assert 'cas-tgc' not in self.app.cookies
	429	form = resp1.forms[0]
	430	form.set('username', 'bird')
	431	form.set('password', 'bebop')
	432	resp2 = form.submit('AUTHENTICATE')
	433	assert resp2.status == '303 See Other'
	434	location = resp2.headers['Location']
[10492]	435	query_string = location.split('?', 1)[1]
	436	query_params = dict(parse_qsl(query_string))
	437	assert 'authCAS' in query_params.keys()
	438	assert 'ticket' in query_params.keys()
	439	assert len(query_params['ticket']) == 32
[10409]	440
[10490]	441
[10394]	442	class CASServerHelperTests(unittest.TestCase):
	443
	444	def setUp(self):
	445	self.workdir = tempfile.mkdtemp()
	446	self.db_file = os.path.join(self.workdir, 'mycas.db')
	447	self.conn_string = 'sqlite:///%s' % self.db_file
	448	self.db = DB(self.conn_string)
	449
	450	def tearDown(self):
	451	shutil.rmtree(self.workdir)
	452
	453	def test_create_service_ticket(self):
	454	# we can create service tickets
	455	st = create_service_ticket(
	456	user='bob', service='http://www.example.com')
	457	assert isinstance(st, ServiceTicket)
	458	# 3.1.1: service not part of ticket
	459	assert 'example.com' not in st.ticket
	460	# 3.1.1: ticket must start with 'ST-'
	461	assert st.ticket.startswith('ST-')
	462	# 3.1.1: min. ticket length clients must be able to process is 32
	463	assert len(st.ticket) < 33
	464	# 3.7: allowed character set == [a-zA-Z0-9\-]
	465	assert RE_ALPHABET.match(st.ticket), (
	466	'Ticket contains forbidden chars: %s' % st)
	467
	468	def test_create_login_ticket(self):
	469	# we can create login tickets
	470	lt = create_login_ticket()
	471	# 3.5.1: ticket should start with 'LT-'
	472	assert lt.ticket.startswith('LT-')
	473	# 3.7: allowed character set == [a-zA-Z0-9\-]
	474	assert RE_ALPHABET.match(lt.ticket), (
	475	'Ticket contains forbidden chars: %s' % lt)
	476
	477	def test_create_login_ticket_unique(self):
	478	# 3.5.1: login tickets are unique (although not hard to guess)
	479	ticket_num = 1000 # increase to test more thoroughly
	480	lt_list = [create_login_ticket() for x in range(ticket_num)]
	481	assert len(set(lt_list)) == ticket_num
	482
	483	def test_create_tgc_value(self):
	484	# we can create ticket granting cookies
	485	tgc = create_tgc_value()
	486	assert isinstance(tgc, TicketGrantingCookie)
	487	# 3.6.1: cookie value should start with 'TGC-'
	488	assert tgc.value.startswith('TGC-')
	489	# 3.7: allowed character set == [a-zA-Z0-9\-]
	490	assert RE_ALPHABET.match(tgc.value), (
	491	'Cookie value contains forbidden chars: %s' % tgc)
	492
	493	def test_check_login_ticket(self):
	494	db = DB('sqlite:///')
	495	lt = LoginTicket('LT-123456')
	496	db.add(lt)
	497	assert check_login_ticket(db, None) is False
	498	assert check_login_ticket(db, 'LT-123456') is True
	499	# the ticket will be removed after check
	500	assert check_login_ticket(db, 'LT-123456') is False
	501	assert check_login_ticket(db, 'LT-654321') is False
	502
[10490]	503	def test_set_session_cookie1(self):
[10394]	504	# make sure we can add session cookies to responses
	505	db = DB('sqlite:///')
[10405]	506	resp = set_session_cookie(db, Response())
[10394]	507	assert 'Set-Cookie' in resp.headers
	508	cookie = resp.headers['Set-Cookie']
	509	assert RE_COOKIE.match(cookie), (
	510	'Cookie in unexpected format: %s' % cookie)
	511	# the cookie is stored in database
	512	value = cookie.split('=')[1].split(';')[0]
	513	q = db.query(TicketGrantingCookie).filter(
	514	TicketGrantingCookie.value == value)
	515	assert len(list(q)) == 1
[10398]	516
[10490]	517	def test_check_session_cookie2(self):
[10398]	518	db = DB('sqlite:///')
	519	tgc = create_tgc_value()
	520	db.add(tgc)
	521	value = tgc.value
	522	assert check_session_cookie(db, value) == tgc
	523	assert check_session_cookie(db, 'foo') is None
	524	assert check_session_cookie(db, b'foo') is None
[10402]	525	assert check_session_cookie(db, None) is None
[10398]	526	value2 = value.encode('utf-8')
	527	assert check_session_cookie(db, value2) == tgc
[10404]	528
	529	def test_get_template(self):
	530	# we can load templates
	531	assert get_template('not-existing-template') is None
	532	assert get_template('login.html') is not None
[10414]	533
	534	def test_delete_session_cookie(self):
	535	# we can unset cookies
	536	db = DB('sqlite:///')
	537	tgc = create_tgc_value()
	538	db.add(tgc)
	539	value = tgc.value
	540	resp = delete_session_cookie(db, Response(), old_value=value)
	541	assert 'Set-Cookie' in resp.headers
	542	cookie = resp.headers['Set-Cookie']
	543	assert RE_COOKIE_DEL.match(cookie), (
	544	'Cookie in unexpected format: %s' % cookie)
	545	# the cookie values was deleted from database
	546	q = db.query(TicketGrantingCookie).filter(
	547	TicketGrantingCookie.value == value)
	548	assert len(list(q)) == 0
[10416]	549
	550	def test_check_service_ticket(self):
	551	db = DB('sqlite:///')
	552	st = ServiceTicket(
	553	'ST-123456', 'someuser', 'http://myservice.com', True)
	554	db.add(st)
	555	assert check_service_ticket(db, None, 'foo') is None
	556	assert check_service_ticket(db, 'foo', None) is None
	557	assert check_service_ticket(db, 'ST-123456', 'foo') is None
	558	assert check_service_ticket(db, 'foo', 'http://myservice.com') is None
	559	result = check_service_ticket(db, 'ST-123456', 'http://myservice.com')
	560	assert isinstance(result, ServiceTicket)
	561	assert result.user == 'someuser'
	562	assert check_service_ticket(
	563	db, 'ST-123456', 'http://myservice.com', True) is None
	564	assert check_service_ticket(
	565	db, 'ST-123456', 'http://myservice.com', False) is not None
[10491]	566
	567	def test_update_url(self):
	568	# we can create valid new urls with query string params updated
	569	url = 'http://sample.com/index?a=1&b=2'
	570	result1 = update_url('http://sample.com/index?a=1&b=2', dict(b='3'))
	571	assert result1 == 'http://sample.com/index?a=1&b=3'
	572	result2 = update_url('http://sample.com/index?b=2', dict(b='3'))
	573	assert result2 == 'http://sample.com/index?b=3'
	574	result3 = update_url('http://sample.com/index', dict(b='3'))
	575	assert result3 == 'http://sample.com/index?b=3'
	576	result4 = update_url('http://sample.com/index?a=2', dict(b='3'))
	577	assert result4 == 'http://sample.com/index?a=2&b=3'

Note: See TracBrowser for help on using the repository browser.

Download in other formats: