4
from openid.consumer import consumer
5
from openid import message
6
from openid.test import support
8
class DummyEndpoint(object):
9
preferred_namespace = None
12
is_op_identifier = False
14
def preferredNamespace(self):
15
return self.preferred_namespace
20
def isOPIdentifier(self):
21
return self.is_op_identifier
23
class DummyAssoc(object):
24
handle = "assoc-handle"
26
class TestAuthRequestMixin(support.OpenIDTestMixin):
27
"""Mixin for AuthRequest tests for OpenID 1 and 2; DON'T add
28
unittest.TestCase as a base class here."""
30
preferred_namespace = None
32
expected_mode = 'checkid_setup'
35
self.endpoint = DummyEndpoint()
36
self.endpoint.local_id = 'http://server.unittest/joe'
37
self.endpoint.claimed_id = 'http://joe.vanity.example/'
38
self.endpoint.server_url = 'http://server.unittest/'
39
self.endpoint.preferred_namespace = self.preferred_namespace
40
self.realm = 'http://example/'
41
self.return_to = 'http://example/return/'
42
self.assoc = DummyAssoc()
43
self.authreq = consumer.AuthRequest(self.endpoint, self.assoc)
45
def failUnlessAnonymous(self, msg):
46
for key in ['claimed_id', 'identity']:
47
self.failIfOpenIDKeyExists(msg, key)
49
def failUnlessHasRequiredFields(self, msg):
50
self.failUnlessEqual(self.preferred_namespace,
51
self.authreq.message.getOpenIDNamespace())
53
self.failUnlessEqual(self.preferred_namespace,
54
msg.getOpenIDNamespace())
56
self.failUnlessOpenIDValueEquals(msg, 'mode',
59
# Implement these in subclasses because they depend on
60
# protocol differences!
61
self.failUnlessHasRealm(msg)
62
self.failUnlessIdentifiersPresent(msg)
66
def test_checkNoAssocHandle(self):
67
self.authreq.assoc = None
68
msg = self.authreq.getMessage(self.realm, self.return_to,
71
self.failIfOpenIDKeyExists(msg, 'assoc_handle')
73
def test_checkWithAssocHandle(self):
74
msg = self.authreq.getMessage(self.realm, self.return_to,
77
self.failUnlessOpenIDValueEquals(msg, 'assoc_handle',
80
def test_addExtensionArg(self):
81
self.authreq.addExtensionArg('bag:', 'color', 'brown')
82
self.authreq.addExtensionArg('bag:', 'material', 'paper')
83
self.failUnless('bag:' in self.authreq.message.namespaces)
84
self.failUnlessEqual(self.authreq.message.getArgs('bag:'),
87
msg = self.authreq.getMessage(self.realm, self.return_to,
90
# XXX: this depends on the way that Message assigns
91
# namespaces. Really it doesn't care that it has alias "0",
92
# but that is tested anyway
93
post_args = msg.toPostArgs()
94
self.failUnlessEqual('brown', post_args['openid.ext0.color'])
95
self.failUnlessEqual('paper', post_args['openid.ext0.material'])
97
def test_standard(self):
98
msg = self.authreq.getMessage(self.realm, self.return_to,
101
self.failUnlessHasIdentifiers(
102
msg, self.endpoint.local_id, self.endpoint.claimed_id)
104
class TestAuthRequestOpenID2(TestAuthRequestMixin, unittest.TestCase):
105
preferred_namespace = message.OPENID2_NS
107
def failUnlessHasRealm(self, msg):
108
# check presence of proper realm key and absence of the wrong
110
self.failUnlessOpenIDValueEquals(msg, 'realm', self.realm)
111
self.failIfOpenIDKeyExists(msg, 'trust_root')
113
def failUnlessIdentifiersPresent(self, msg):
114
identity_present = msg.hasKey(message.OPENID_NS, 'identity')
115
claimed_present = msg.hasKey(message.OPENID_NS, 'claimed_id')
117
self.failUnlessEqual(claimed_present, identity_present)
119
def failUnlessHasIdentifiers(self, msg, op_specific_id, claimed_id):
120
self.failUnlessOpenIDValueEquals(msg, 'identity', op_specific_id)
121
self.failUnlessOpenIDValueEquals(msg, 'claimed_id', claimed_id)
125
def test_setAnonymousWorksForOpenID2(self):
126
"""OpenID AuthRequests should be able to set 'anonymous' to true."""
127
self.failUnless(self.authreq.message.isOpenID2())
128
self.authreq.setAnonymous(True)
129
self.authreq.setAnonymous(False)
131
def test_userAnonymousIgnoresIdentfier(self):
132
self.authreq.setAnonymous(True)
133
msg = self.authreq.getMessage(self.realm, self.return_to,
135
self.failUnlessHasRequiredFields(msg)
136
self.failUnlessAnonymous(msg)
138
def test_opAnonymousIgnoresIdentifier(self):
139
self.endpoint.is_op_identifier = True
140
self.authreq.setAnonymous(True)
141
msg = self.authreq.getMessage(self.realm, self.return_to,
143
self.failUnlessHasRequiredFields(msg)
144
self.failUnlessAnonymous(msg)
146
def test_opIdentifierSendsIdentifierSelect(self):
147
self.endpoint.is_op_identifier = True
148
msg = self.authreq.getMessage(self.realm, self.return_to,
150
self.failUnlessHasRequiredFields(msg)
151
self.failUnlessHasIdentifiers(
152
msg, message.IDENTIFIER_SELECT, message.IDENTIFIER_SELECT)
154
class TestAuthRequestOpenID1(TestAuthRequestMixin, unittest.TestCase):
155
preferred_namespace = message.OPENID1_NS
157
def setUpEndpoint(self):
158
TestAuthRequestBase.setUpEndpoint(self)
159
self.endpoint.preferred_namespace = message.OPENID1_NS
161
def failUnlessHasIdentifiers(self, msg, op_specific_id, claimed_id):
162
"""Make sure claimed_is is *absent* in request."""
163
self.failUnlessOpenIDValueEquals(msg, 'identity', op_specific_id)
164
self.failIfOpenIDKeyExists(msg, 'claimed_id')
166
def failUnlessIdentifiersPresent(self, msg):
167
self.failIfOpenIDKeyExists(msg, 'claimed_id')
168
self.failUnless(msg.hasKey(message.OPENID_NS, 'identity'))
170
def failUnlessHasRealm(self, msg):
171
# check presence of proper realm key and absence of the wrong
173
self.failUnlessOpenIDValueEquals(msg, 'trust_root', self.realm)
174
self.failIfOpenIDKeyExists(msg, 'realm')
178
def test_setAnonymousFailsForOpenID1(self):
179
"""OpenID 1 requests MUST NOT be able to set anonymous to True"""
180
self.failUnless(self.authreq.message.isOpenID1())
181
self.failUnlessRaises(ValueError, self.authreq.setAnonymous, True)
182
self.authreq.setAnonymous(False)
184
def test_identifierSelect(self):
185
"""Identfier select SHOULD NOT be sent, but this pathway is in
186
here in case some special discovery stuff is done to trigger
187
it with OpenID 1. If it is triggered, it will send
188
identifier_select just like OpenID 2.
190
self.endpoint.is_op_identifier = True
191
msg = self.authreq.getMessage(self.realm, self.return_to,
193
self.failUnlessHasRequiredFields(msg)
194
self.failUnlessEqual(message.IDENTIFIER_SELECT,
195
msg.getArg(message.OPENID1_NS, 'identity'))
197
class TestAuthRequestOpenID1Immediate(TestAuthRequestOpenID1):
199
expected_mode = 'checkid_immediate'
201
class TestAuthRequestOpenID2Immediate(TestAuthRequestOpenID2):
203
expected_mode = 'checkid_immediate'
205
if __name__ == '__main__':