source: TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/wsgi/ssl/test_ssl.py @ 7077

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg-security/TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/wsgi/ssl/test_ssl.py@7077
Revision 7077, 2.9 KB checked in by pjkersha, 11 years ago (diff)
  • Property svn:keywords set to Id
Line 
1#!/usr/bin/env python
2"""Unit tests for WSGI SSL Client Authentication Middleware
3
4NERC DataGrid Project
5"""
6__author__ = "P J Kershaw"
7__date__ = "22/05/09"
8__copyright__ = "(C) 2009 Science and Technology Facilities Council"
9__license__ = "BSD - see LICENSE file in top-level directory"
10__contact__ = "Philip.Kershaw@stfc.ac.uk"
11__revision__ = '$Id$'
12import logging
13
14import unittest
15import os
16import re
17
18import paste.fixture
19from paste.deploy import loadapp
20from ndg.security.test.unit import BaseTestCase
21from ndg.security.common.X509 import X509Cert
22
23class TestSSLClientAuthnApp(BaseTestCase):
24    '''Test Application for the Authentication handler to protect'''
25    response = "Test Authentication redirect application"
26       
27    def __init__(self, app_conf, **local_conf):
28        pass
29   
30    def __call__(self, environ, start_response):
31       
32        if environ['PATH_INFO'] == '/secured/uri':
33            status = "200 OK"
34           
35        elif environ['PATH_INFO'] == '/unsecured':
36            status = "200 OK"
37           
38        elif environ['PATH_INFO'] == '/test_200WithNotLoggedIn':
39            status = "200 OK"
40           
41        elif environ['PATH_INFO'] == '/test_200WithLoggedIn':
42            environ['REMOTE_USER'] = 'testuser'
43            status = "200 OK"
44        else:
45            status = "404 Not found"
46               
47        start_response(status,
48                       [('Content-length', 
49                         str(len(TestSSLClientAuthnApp.response))),
50                        ('Content-type', 'text/plain')])
51        return [TestSSLClientAuthnApp.response]
52
53
54class SSLClientAuthNTestCase(BaseTestCase):
55
56    def __init__(self, *args, **kwargs):
57        here_dir = os.path.dirname(os.path.abspath(__file__))
58        wsgiapp = loadapp('config:test.ini', relative_to=here_dir)
59        self.app = paste.fixture.TestApp(wsgiapp)
60         
61        BaseTestCase.__init__(self, *args, **kwargs)
62       
63
64    def test01NotAnSSLRequest(self):
65        # This request should be ignored because the SSL environment settings
66        # are not present
67        response = self.app.get('/unsecured')
68   
69    def test02NoClientCertSet(self):
70        extra_environ = {'HTTPS':'1'}
71        response = self.app.get('/secured/uri',
72                                extra_environ=extra_environ,
73                                status=401)
74   
75    def test03ClientCertSet(self):
76        thisDir = os.path.dirname(__file__)
77        sslClientCertFilePath = os.path.join(
78                                os.environ[BaseTestCase.configDirEnvVarName],
79                                'pki',
80                                'test.crt')
81        sslClientCert = X509Cert.Read(sslClientCertFilePath).toString()
82        extra_environ = {'HTTPS':'1', 'SSL_CLIENT_CERT': sslClientCert}
83        response = self.app.get('/secured/uri',
84                                extra_environ=extra_environ,
85                                status=200)
86
87
88if __name__ == "__main__":
89    unittest.main()       
Note: See TracBrowser for help on using the repository browser.