当前位置: 首页>>代码示例>>Python>>正文


Python authenticator.AuthenticatorView类代码示例

本文整理汇总了Python中plone.protect.authenticator.AuthenticatorView的典型用法代码示例。如果您正苦于以下问题:Python AuthenticatorView类的具体用法?Python AuthenticatorView怎么用?Python AuthenticatorView使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


在下文中一共展示了AuthenticatorView类的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: testCSRF

    def testCSRF(self):
        """ test csrf protection """

        # for this test, we need a bit more serious request simulation
        from ZPublisher.HTTPRequest import HTTPRequest
        from ZPublisher.HTTPResponse import HTTPResponse

        environ = {}
        environ.setdefault("SERVER_NAME", "foo")
        environ.setdefault("SERVER_PORT", "80")
        environ.setdefault("REQUEST_METHOD", "POST")
        request = HTTPRequest(sys.stdin, environ, HTTPResponse(stdout=sys.stdout))

        request.form = {"topic": "test subject", "replyto": "[email protected]", "comments": "test comments"}

        self.ff1.checkAuthenticator = True

        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)

        # with authenticator... no error
        tag = AuthenticatorView("context", "request").authenticator()
        token = tag.split('"')[5]
        request.form["_authenticator"] = token
        errors = self.ff1.fgvalidate(REQUEST=request)
        self.assertEqual(errors, {})

        # sneaky GET request
        environ["REQUEST_METHOD"] = "GET"
        request = HTTPRequest(sys.stdin, environ, HTTPResponse(stdout=sys.stdout))
        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)

        # bad authenticator
        request.form["_authenticator"] = "inauthentic"
        request = HTTPRequest(sys.stdin, environ, HTTPResponse(stdout=sys.stdout))
        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)
开发者ID:hvelarde,项目名称:collective.easyform,代码行数:35,代码来源:testFunctions.py

示例2: testCSRF

    def testCSRF(self):
        """ test CSRF check on data clear """

        # create a saver and add a record
        self.ff1.invokeFactory('FormSaveDataAdapter', 'saver')
        saver = self.ff1.saver
        self.ff1.setActionAdapter( ('saver',) )
        request = FakeRequest(topic = 'test subject', replyto='[email protected]', comments='test comments')
        errors = self.ff1.fgvalidate(REQUEST=request)
        self.assertEqual( errors, {} )

        # for the rest of this test, we need a bit more serious request simulation
        environ = {}
        environ.setdefault('SERVER_NAME', 'foo')
        environ.setdefault('SERVER_PORT', '80')
        environ.setdefault('REQUEST_METHOD',  'POST')
        request = HTTPRequest(sys.stdin,
                    environ,
                    HTTPResponse(stdout=sys.stdout))

        # clearSavedFormInput is part of the API, so it should work if there's no
        # request
        saver.clearSavedFormInput()

        # But, if this is from a form, we should need a valid authenticator
        request.form = {'clearSavedFormInput':'1',}
        self.assertRaises(zExceptions.Forbidden, saver.clearSavedFormInput, **{'request':request})

        # with authenticator... no error
        tag = AuthenticatorView('context', 'request').authenticator()
        token = tag.split('"')[5]
        request.form['_authenticator'] = token
        saver.clearSavedFormInput(request=request)
开发者ID:Manca,项目名称:Products.PloneFormGen,代码行数:33,代码来源:testSaver.py

示例3: checkAuthenticator

 def checkAuthenticator(self, path, query='', status=200):
     credentials = '%s:%s' % (ptc.default_user, ptc.default_password)
     path = '/' + self.portal.absolute_url(relative=True) + path
     data = StringIO(query)
     # without authenticator...
     response = self.publish(path=path, basic=credentials, env={},
                             request_method='POST', stdin=data)
     self.assertEqual(response.getStatus(), 403)
     # with authenticator...
     tag = AuthenticatorView('context', 'request').authenticator()
     token = tag.split('"')[5]
     data = StringIO(query + '&_authenticator=%s' % token)
     response = self.publish(path=path, basic=credentials, env={},
                             request_method='POST', stdin=data)
     self.assertEqual(response.getStatus(), status)
开发者ID:CGTIC,项目名称:Plone_SP,代码行数:15,代码来源:testCSRFProtection.py

示例4: AuthenticatorTests

class AuthenticatorTests(KeyringTestCase):

    def setUp(self):
        KeyringTestCase.setUp(self)
        self.view = AuthenticatorView(None, None)

    def setUsername(self, name):
        user = getSecurityManager().getUser()
        user.name = name

    def setSecret(self, secret):
        self.manager['_forms'].data[0] = secret

    def testIsHtmlInput(self):
        auth = self.view.authenticator()
        self.failUnless(auth.startswith("<input"))
        self.failUnless(auth.endswith("/>"))

    def testDiffersPerUser(self):
        one = self.view.authenticator()
        self.setUsername("other")
        two = self.view.authenticator()
        self.assertNotEqual(one, two)

    def testDiffersPerSecret(self):
        one = self.view.authenticator()
        self.setSecret("other")
        two = self.view.authenticator()
        self.assertNotEqual(one, two)

    def testDiffersPerExtra(self):
        one = self.view.authenticator()
        two = self.view.authenticator('some-extra-value')
        self.assertNotEqual(one, two)
开发者ID:FHNW,项目名称:plone.protect,代码行数:34,代码来源:testAuthenticator.py

示例5: testCSRF

    def testCSRF(self):
        """ test csrf protection """

        # for this test, we need a bit more serious request simulation
        from ZPublisher.HTTPRequest import HTTPRequest
        from ZPublisher.HTTPResponse import HTTPResponse
        environ = {}
        environ.setdefault('SERVER_NAME', 'foo')
        environ.setdefault('SERVER_PORT', '80')
        environ.setdefault('REQUEST_METHOD', 'POST')
        request = HTTPRequest(sys.stdin,
                              environ,
                              HTTPResponse(stdout=sys.stdout))

        request.form = {
            'topic': 'test subject',
            'replyto': '[email protected]',
            'comments': 'test comments',
        }

        self.ff1.CSRFProtection = True

        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)

        # with authenticator... no error
        tag = AuthenticatorView('context', 'request').authenticator()
        token = tag.split('"')[5]
        request.form['_authenticator'] = token
        errors = self.ff1.fgvalidate(REQUEST=request)
        self.assertEqual(errors, {})

        # sneaky GET request
        environ['REQUEST_METHOD'] = 'GET'
        request = HTTPRequest(sys.stdin,
                              environ,
                              HTTPResponse(stdout=sys.stdout))
        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)

        # bad authenticator
        request.form['_authenticator'] = 'inauthentic'
        request = HTTPRequest(sys.stdin,
                              environ,
                              HTTPResponse(stdout=sys.stdout))
        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)
开发者ID:collective,项目名称:collective.easyform,代码行数:44,代码来源:testFunctions.py

示例6: VerifyTests

class VerifyTests(KeyringTestCase):

    key_size = 2

    def setUp(self):
        self.request = MockRequest()
        super(VerifyTests, self).setUp()
        self.view = AuthenticatorView(None, self.request)

    def setAuthenticator(self, key, extra='', name="_authenticator"):
        user = getSecurityManager().getUser().getUserName()
        if six.PY3:
            user = user.encode('utf-8')
            extra = extra.encode('utf-8')
        auth = hmac.new(key.encode('utf-8'), user + extra, sha).hexdigest()
        self.request[name] = auth

    def testCorrectAuthenticator(self):
        self.manager['_forms'].data[0] = "secret"
        self.setAuthenticator("secret")
        self.assertEqual(self.view.verify(), True)

    def testCustomAuthenticatorKeyName(self):
        self.manager['_forms'].data[0] = "secret"
        self.setAuthenticator("secret", name="_my_authenticator")
        self.assertEqual(self.view.verify(name="_my_authenticator"), True)

    def testOlderSecretVerifies(self):
        self.manager['_forms'].data[1] = "backup"
        self.setAuthenticator("backup")
        self.assertEqual(self.view.verify(), True)

    def testMissingAuthenticator(self):
        self.assertEqual(self.view.verify(), False)

    def testIncorrectAuthenticator(self):
        self.request["_authenticator"] = "incorrect"
        self.assertEqual(self.view.verify(), False)

    def testAuthenticatorWrongType(self):
        self.request["_authenticator"] = 123
        self.assertEqual(self.view.verify(), False)

    def testExtraArgumentCanBeVerified(self):
        self.manager['_forms'].data[0] = "secret"
        self.setAuthenticator("secret", 'some-extra-value')
        self.assertEqual(self.view.verify('some-extra-value'), True)
开发者ID:plone,项目名称:plone.protect,代码行数:47,代码来源:testAuthenticator.py

示例7: VerifyTests

class VerifyTests(KeyringTestCase):

    def setUp(self):
        self.request = MockRequest()
        KeyringTestCase.setUp(self)
        self.view = AuthenticatorView(None, self.request)

    def setAuthenticator(self, key, extra='', name="_authenticator"):
        user = getSecurityManager().getUser().getUserName()
        auth = hmac.new(key, user + extra, sha).hexdigest()
        self.request[name] = auth

    def testCorrectAuthenticator(self):
        self.manager.keys[0] = ("secret")
        self.setAuthenticator("secret")
        self.assertEqual(self.view.verify(), True)

    def testCustomAuthenticatorKeyName(self):
        self.manager.keys[0] = ("secret")
        self.setAuthenticator("secret", name="_my_authenticator")
        self.assertEqual(self.view.verify(name="_my_authenticator"), True)

    def testOlderSecretVerifies(self):
        self.manager.keys[3] = "backup"
        self.setAuthenticator("backup")
        self.assertEqual(self.view.verify(), True)

    def testMissingAuthenticator(self):
        self.assertEqual(self.view.verify(), False)

    def testIncorrectAuthenticator(self):
        self.request["_authenticator"] = "incorrect"
        self.assertEqual(self.view.verify(), False)

    def testAuthenticatorWrongType(self):
        self.request["_authenticator"] = 123
        self.assertEqual(self.view.verify(), False)

    def testExtraArgumentCanBeVerified(self):
        self.manager.keys[0] = ("secret")
        self.setAuthenticator("secret", 'some-extra-value')
        self.assertEqual(self.view.verify('some-extra-value'), True)
开发者ID:CGTIC,项目名称:Plone_SP,代码行数:42,代码来源:testAuthenticator.py

示例8: setUp

 def setUp(self):
     self.request = MockRequest()
     super(VerifyTests, self).setUp()
     self.view = AuthenticatorView(None, self.request)
开发者ID:FHNW,项目名称:plone.protect,代码行数:4,代码来源:testAuthenticator.py


注:本文中的plone.protect.authenticator.AuthenticatorView类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。