Ignore:
Timestamp:
5 Apr 2017, 13:06:02 (8 years ago)
Author:
uli
Message:

Add XMLRPC-aware auth credentials plugin.

This new plugin can be used to authenticate users in a site
(i.e. normally officers of a University instance) with
regular HTTP basic auth credentials (normally we expect a
web form, where credentials are sent as form-vars).

This plugin is registered in _new_ University instances
automatically, but it is _not_ registered with already
existing PAUs.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • main/waeup.kofa/trunk/src/waeup/kofa/tests/test_authentication.py

    r10055 r14667  
    2121import unittest
    2222from cStringIO import StringIO
    23 from zope.component import getGlobalSiteManager
     23from zope.component import getGlobalSiteManager, queryUtility
    2424from zope.component.hooks import setSite, clearSite
    2525from zope.interface.verify import verifyClass, verifyObject
    2626from zope.password.testing import setUpPasswordManagers
    27 from zope.pluggableauth.interfaces import IAuthenticatorPlugin
     27from zope.pluggableauth import PluggableAuthentication
     28from zope.pluggableauth.interfaces import (
     29    IAuthenticatorPlugin, ICredentialsPlugin)
     30from zope.publisher.browser import TestRequest
    2831from zope.securitypolicy.interfaces import IPrincipalRoleManager
    2932from waeup.kofa.testing import FunctionalTestCase, FunctionalLayer
    3033from waeup.kofa.authentication import (
    3134    UserAuthenticatorPlugin, Account, KofaPrincipalInfo, FailedLoginInfo,
    32     get_principal_role_manager, UsersPlugin,)
     35    get_principal_role_manager, UsersPlugin, KofaXMLRPCCredentialsPlugin,
     36    setup_authentication)
    3337from waeup.kofa.interfaces import (
    34     IUserAccount, IFailedLoginInfo, IKofaPrincipalInfo, IKofaPluggable)
     38    IAuthPluginUtility, IUserAccount, IFailedLoginInfo, IKofaPrincipalInfo,
     39    IKofaPluggable)
     40
    3541
    3642class FakeSite(grok.Site, grok.Container):
     
    3945    #    return getGlobalSiteManager()
    4046    pass
     47
     48
     49class FakeAuthPlugin(object):
     50    def register(self, pau):
     51        pau.credentialsPlugins += ('foo', )
     52
     53
     54class Test_setup_authentication(FunctionalTestCase):
     55    # Tests for the `setup_authentication` function
     56
     57    layer = FunctionalLayer
     58
     59    def tearDown(self):
     60        # clean up registry.
     61        gsm = getGlobalSiteManager()
     62        for iface, name in ((IAuthPluginUtility, 'myauth'), ):
     63            to_delete = queryUtility(iface, name=name)
     64            if to_delete is not None:
     65                gsm.unregisterUtility(provided=iface, name=name)
     66        super(Test_setup_authentication, self).tearDown()
     67
     68    def test_plugins_are_registered(self):
     69        # We can populate a PAU with (hardcoded set of) plugins
     70        pau = PluggableAuthentication()
     71        setup_authentication(pau)
     72        for name in (
     73                'No Challenge if Authenticated',
     74                'xmlrpc-credentials',
     75                'credentials'):
     76            assert name in pau.credentialsPlugins
     77        for name in ('users', ):
     78            assert name in pau.authenticatorPlugins
     79
     80    def test_external_plugins_are_registered(self):
     81        # registered plugins are called as well
     82        gsm = getGlobalSiteManager()
     83        gsm.registerUtility(
     84            MyFakeAuthPlugin(), IAuthPluginUtility, name='myauth')
     85        pau = PluggableAuthentication()
     86        setup_authentication(pau)
     87        assert 'foo' in pau.credentialsPlugins
     88
     89
     90class KofaXMLRPCCredentialsPluginTests(FunctionalTestCase):
     91    # Test for XMLRPC credentials plugin
     92
     93    layer = FunctionalLayer
     94
     95    def test_ifaces(self):
     96        # we meet interface requirements
     97        plugin = KofaXMLRPCCredentialsPlugin()
     98        self.assertTrue(
     99            verifyClass(ICredentialsPlugin, KofaXMLRPCCredentialsPlugin))
     100
     101    def test_util_is_registered(self):
     102        # we can query this named utility
     103        util = queryUtility(ICredentialsPlugin, name='xmlrpc-credentials')
     104        assert util is not None
     105
     106    def test_can_extract_creds(self):
     107        # we can extract credentials from appropriate requests
     108        req = TestRequest(
     109            environ={'HTTP_AUTHORIZATION': u'Basic bWdyOm1ncnB3'})
     110        plugin = KofaXMLRPCCredentialsPlugin()
     111        assert plugin.extractCredentials(req) == {
     112            'login': 'mgr', 'password': 'mgrpw'}
     113
     114    def test_challenge_disabled(self):
     115        # we will not challenge people
     116        plugin = KofaXMLRPCCredentialsPlugin()
     117        assert plugin.challenge(TestRequest()) is False
     118
     119    def test_logout_disabled(self):
     120        # we do not support logging out. HTTP basic auth cannot do this.
     121        plugin = KofaXMLRPCCredentialsPlugin()
     122        assert plugin.logout(TestRequest()) is False
     123
    41124
    42125class UserAuthenticatorPluginTests(FunctionalTestCase):
Note: See TracChangeset for help on using the changeset viewer.