Add some tests using tox

tests/dummy.py

@@ -0,0 +1,61 @@
+from cas_server import models
+
+class DummyUserManager(object):
+    def __init__(self, username, session_key):
+        self.username = username
+        self.session_key = session_key
+    def get(self, username=None, session_key=None):
+        if username == self.username and session_key == self.session_key:
+            return models.User(username=username, session_key=session_key)
+        else:
+            raise models.User.DoesNotExist()
+
+class DummyTicketManager(object):
+    def __init__(self, ticket_class, service, ticket):
+        self.ticket_class = ticket_class
+        self.service = service
+        self.ticket = ticket
+
+    def create(self, **kwargs):
+        for field in models.ServiceTicket._meta.fields:
+            field.allow_unsaved_instance_assignment = True
+        return self.ticket_class(**kwargs)
+
+    def filter(self, *args, **kwargs):
+        return DummyQuerySet()
+
+    def get(self, **kwargs):
+        if 'value' in kwargs:
+            if kwargs['value'] != self.ticket:
+                raise self.ticket_class.DoesNotExist()
+        else:
+            kwargs['value'] = self.ticket
+        
+        if 'service' in kwargs:
+            if kwargs['service'] != self.service:
+                raise self.ticket_class.DoesNotExist()
+        else:
+            kwargs['service'] = self.service
+        if not 'user' in kwargs:
+            kwargs['user'] = models.User(username="test")
+        
+        for field in models.ServiceTicket._meta.fields:
+            field.allow_unsaved_instance_assignment = True
+        for key in kwargs.keys():
+            if '__' in key:
+                del kwargs[key]
+        kwargs['attributs'] = {'mail': 'test@example.com'}
+        kwargs['service_pattern'] = models.ServicePattern()
+        return self.ticket_class(**kwargs)
+
+
+
+class DummySession(dict):
+    session_key = "test_session"
+
+    def set_expiry(self, int):
+        pass
+
+
+class DummyQuerySet(set):
+    pass

tests/init.py

@@ -0,0 +1,32 @@
+import django
+from django.conf import settings
+from django.contrib import messages
+
+settings.configure()
+settings.STATIC_URL = "/static/"
+settings.DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.sqlite3',
+        'NAME': '/dev/null',
+    }
+}
+settings.INSTALLED_APPS = (
+    'django.contrib.admin',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.sessions',
+    'django.contrib.messages',
+    'django.contrib.staticfiles',
+    'bootstrap3',
+    'cas_server',
+)
+
+settings.ROOT_URLCONF = "/"
+settings.CAS_AUTH_CLASS = 'cas_server.auth.TestAuthUser'
+
+try:
+    django.setup()
+except AttributeError:
+    pass
+messages.add_message = lambda x,y,z:None
+

tests/test_validate_service.py

@@ -0,0 +1,93 @@
+from __future__ import absolute_import
+from .init import *
+
+from django.test import RequestFactory
+
+import os
+import pytest
+from lxml import etree
+from cas_server.views import ValidateService
+from cas_server import models
+
+from .dummy import *
+
+@pytest.mark.django_db
+def test_validate_service_view_ok():
+    factory = RequestFactory()
+    request = factory.get('/serviceValidate?ticket=ST-random&service=https://www.example.com')
+
+    request.session = DummySession()
+
+    models.ServiceTicket.objects = DummyTicketManager(models.ServiceTicket, 'https://www.example.com', "ST-random")
+    models.ServiceTicket.save = lambda x:None
+
+    validate = ValidateService()
+    validate.allow_proxy_ticket = False
+    response = validate.get(request)
+
+    assert response.status_code == 200
+
+    root = etree.fromstring(response.content)
+    users = root.xpath("//cas:user", namespaces={'cas': "http://www.yale.edu/tp/cas"})
+
+    assert len(users) == 1
+    assert users[0].text == "test"
+
+    attributes = root.xpath("//cas:attributes", namespaces={'cas': "http://www.yale.edu/tp/cas"})
+
+    assert len(attributes) == 1
+    
+    attrs = {}
+    for attr in attributes[0]:
+        attrs[attr.tag[len("http://www.yale.edu/tp/cas")+2:]]=attr.text
+
+    assert 'mail' in attrs
+    assert attrs['mail'] == 'test@example.com'
+
+
+
+@pytest.mark.django_db
+def test_validate_service_view_badservice():
+    factory = RequestFactory()
+    request = factory.get('/serviceValidate?ticket=ST-random&service=https://www.example1.com')
+
+    request.session = DummySession()
+
+    models.ServiceTicket.objects = DummyTicketManager(models.ServiceTicket, 'https://www.example2.com', "ST-random")
+    models.ServiceTicket.save = lambda x:None
+
+    validate = ValidateService()
+    validate.allow_proxy_ticket = False
+    response = validate.get(request)
+
+    assert response.status_code == 200
+
+    root = etree.fromstring(response.content)
+
+    error = root.xpath("//cas:authenticationFailure", namespaces={'cas': "http://www.yale.edu/tp/cas"})
+    
+    assert len(error) == 1
+    assert error[0].attrib['code'] == 'INVALID_SERVICE'
+
+@pytest.mark.django_db
+def test_validate_service_view_badticket():
+    factory = RequestFactory()
+    request = factory.get('/serviceValidate?ticket=ST-random1&service=https://www.example.com')
+
+    request.session = DummySession()
+
+    models.ServiceTicket.objects = DummyTicketManager(models.ServiceTicket, 'https://www.example.com', "ST-random2")
+    models.ServiceTicket.save = lambda x:None
+
+    validate = ValidateService()
+    validate.allow_proxy_ticket = False
+    response = validate.get(request)
+
+    assert response.status_code == 200
+
+    root = etree.fromstring(response.content)
+
+    error = root.xpath("//cas:authenticationFailure", namespaces={'cas': "http://www.yale.edu/tp/cas"})
+    
+    assert len(error) == 1
+    assert error[0].attrib['code'] == 'INVALID_TICKET'

tests/test_views_auth.py

@@ -0,0 +1,49 @@
+from __future__ import absolute_import
+from .init import *
+
+from django.test import RequestFactory
+
+import os
+import pytest
+
+from cas_server.views import Auth
+from cas_server import models
+
+from .dummy import *
+
+settings.CAS_AUTH_SHARED_SECRET = "test"
+
+@pytest.mark.django_db
+def test_auth_view_goodpass():
+    factory = RequestFactory()
+    request = factory.post('/auth', {'username':'test', 'password':'test', 'service':'https://www.example.com', 'secret':'test'})
+
+    request.session = DummySession()
+
+    models.User.objects = DummyUserManager(username="test", session_key=request.session.session_key)
+    models.ServiceTicket.objects = DummyTicketManager(models.ServiceTicket, 'https://www.example.com', "ST-random")
+    models.ServicePattern.validate = classmethod(lambda x,y: models.ServicePattern())
+
+    auth = Auth()
+    response = auth.post(request)
+
+    assert response.status_code == 200
+    assert response.content == "yes\n"
+
+
+def test_auth_view_badpass():
+    factory = RequestFactory()
+    request = factory.post('/auth', {'username':'test', 'password':'badpass', 'service':'https://www.example.com', 'secret':'test'})
+
+    request.session = DummySession()
+
+    models.User.objects = DummyUserManager(username="test", session_key=request.session.session_key)
+    models.ServiceTicket.objects = DummyTicketManager(models.ServiceTicket, 'https://www.example.com', "ST-random")
+    models.ServicePattern.validate = classmethod(lambda x,y: models.ServicePattern())
+
+    auth = Auth()
+    response = auth.post(request)
+
+    assert response.status_code == 200
+    assert response.content == "no\n"
+

tests/test_views_login.py

@@ -0,0 +1,170 @@
+from __future__ import absolute_import
+from .init import *
+
+from django.test import RequestFactory
+
+import os
+import pytest
+
+from cas_server.views import LoginView
+from cas_server import models
+
+from .dummy import *
+
+
+
+def test_login_view_post_goodpass_goodlt():
+    factory = RequestFactory()
+    request = factory.post('/login', {'username':'test', 'password':'test', 'lt':'LT-random'})
+    request.session = DummySession()
+
+    request.session['lt'] = 'LT-random'
+
+    request.session["username"] = os.urandom(20)
+    request.session["warn"] = os.urandom(20)
+
+    login = LoginView()
+    login.init_post(request)
+
+    ret = login.process_post(pytest=True)
+
+    assert ret == LoginView.USER_LOGIN_OK
+    assert request.session.get("authenticated") == True
+    assert request.session.get("username") == "test"
+    assert request.session.get("warn") == False
+
+def test_login_view_post_badlt():
+    factory = RequestFactory()
+    request = factory.post('/login', {'username':'test', 'password':'test', 'lt':'LT-random1'})
+    request.session = DummySession()
+
+    request.session['lt'] = 'LT-random2'
+
+    authenticated = os.urandom(20)
+    username = os.urandom(20)
+    warn = os.urandom(20)
+
+    request.session["authenticated"] = authenticated
+    request.session["username"] = username
+    request.session["warn"] = warn
+
+    login = LoginView()
+    login.init_post(request)
+
+    ret = login.process_post(pytest=True)
+
+    assert ret == LoginView.INVALID_LOGIN_TICKET
+    assert request.session.get("authenticated") == authenticated
+    assert request.session.get("username") == username
+    assert request.session.get("warn") == warn
+
+def test_login_view_post_badpass_good_lt():
+    factory = RequestFactory()
+    request = factory.post('/login', {'username':'test', 'password':'badpassword', 'lt':'LT-random'})
+    request.session = DummySession()
+
+    request.session['lt'] = 'LT-random'
+
+    login = LoginView()
+    login.init_post(request)
+    ret = login.process_post()
+
+    assert ret == LoginView.USER_LOGIN_FAILURE
+    assert not request.session.get("authenticated")
+    assert not request.session.get("username")
+    assert not request.session.get("warn")
+
+
+def test_view_login_get_unauth():
+    factory = RequestFactory()
+    request = factory.post('/login')
+    request.session = DummySession()
+
+    login = LoginView()
+    login.init_get(request)
+    ret = login.process_get()
+
+    assert ret == LoginView.USER_NOT_AUTHENTICATED
+
+    login = LoginView()
+    response = login.get(request)
+
+    assert response.status_code == 200
+
+@pytest.mark.django_db
+def test_view_login_get_auth():
+    factory = RequestFactory()
+    request = factory.post('/login')
+    request.session = DummySession()
+
+    request.session["authenticated"] = True
+    request.session["username"] = "test"
+    request.session["warn"] = False
+
+    login = LoginView()
+    login.init_get(request)
+    ret = login.process_get()
+
+    assert ret == LoginView.USER_AUTHENTICATED
+
+    models.User.objects = DummyUserManager(username="test", session_key=request.session.session_key)
+
+    login = LoginView()
+    response = login.get(request)
+
+    assert response.status_code == 200
+
+@pytest.mark.django_db
+def test_view_login_get_auth_service():
+    factory = RequestFactory()
+    request = factory.post('/login?service=https://www.example.com')
+    request.session = DummySession()
+
+    request.session["authenticated"] = True
+    request.session["username"] = "test"
+    request.session["warn"] = False
+
+    login = LoginView()
+    login.init_get(request)
+    ret = login.process_get()
+
+    assert ret == LoginView.USER_AUTHENTICATED
+
+    models.User.objects = DummyUserManager(username="test", session_key=request.session.session_key)
+    models.User.save = lambda x:None
+    models.ServiceTicket.objects = DummyTicketManager(models.ServiceTicket, 'https://www.example.com', "ST-random")
+    models.ServicePattern.validate = classmethod(lambda x,y: models.ServicePattern())
+    models.ServiceTicket.save = lambda x:None
+
+    login = LoginView()
+    response = login.get(request)
+
+    assert response.status_code == 302
+    assert response['Location'].startswith('https://www.example.com?ticket=ST-')
+
+@pytest.mark.django_db
+def test_view_login_get_auth_service_warn():
+    factory = RequestFactory()
+    request = factory.post('/login?service=https://www.example.com')
+    request.session = DummySession()
+
+    request.session["authenticated"] = True
+    request.session["username"] = "test"
+    request.session["warn"] = True
+
+    login = LoginView()
+    login.init_get(request)
+    ret = login.process_get()
+
+    assert ret == LoginView.USER_AUTHENTICATED
+
+    models.User.objects = DummyUserManager(username="test", session_key=request.session.session_key)
+    models.User.save = lambda x:None
+    models.ServiceTicket.objects = DummyTicketManager(models.ServiceTicket, 'https://www.example.com', "ST-random")
+    models.ServicePattern.validate = classmethod(lambda x,y: models.ServicePattern())
+    models.ServiceTicket.save = lambda x:None
+
+    login = LoginView()
+    response = login.get(request)
+
+    assert response.status_code == 200

tests/test_views_logout.py

@@ -0,0 +1,92 @@
+from __future__ import absolute_import
+from .init import *
+
+from django.test import RequestFactory
+
+import os
+import pytest
+
+from cas_server.views import LogoutView
+from cas_server import models
+
+from .dummy import *
+
+
+@pytest.mark.django_db
+def test_logout_view():
+    factory = RequestFactory()
+    request = factory.get('/logout')
+
+    request.session = DummySession()
+
+    request.session["authenticated"] = True
+    request.session["username"] = "test"
+    request.session["warn"] = False
+
+    models.User.objects = DummyUserManager(username="test", session_key=request.session.session_key)
+    dlist = [None]
+    models.User.delete = lambda x:dlist.pop()
+
+    logout = LogoutView()
+    response = logout.get(request)
+
+    assert response.status_code == 200
+    assert dlist == []
+    assert not request.session.get("authenticated")
+    assert not request.session.get("username")
+    assert not request.session.get("warn")
+
+
+@pytest.mark.django_db
+def test_logout_view_url():
+    factory = RequestFactory()
+    request = factory.get('/logout?url=https://www.example.com')
+
+    request.session = DummySession()
+
+    request.session["authenticated"] = True
+    request.session["username"] = "test"
+    request.session["warn"] = False
+
+    models.User.objects = DummyUserManager(username="test", session_key=request.session.session_key)
+    dlist = [None]
+    models.User.delete = lambda x:dlist.pop()
+
+    logout = LogoutView()
+    response = logout.get(request)
+
+    assert response.status_code == 302
+    assert response['Location'] == 'https://www.example.com'
+    assert dlist == []
+    assert not request.session.get("authenticated")
+    assert not request.session.get("username")
+    assert not request.session.get("warn")
+
+
+
+@pytest.mark.django_db
+def test_logout_view_service():
+    factory = RequestFactory()
+    request = factory.get('/logout?service=https://www.example.com')
+
+    request.session = DummySession()
+
+    request.session["authenticated"] = True
+    request.session["username"] = "test"
+    request.session["warn"] = False
+
+    models.User.objects = DummyUserManager(username="test", session_key=request.session.session_key)
+    dlist = [None]
+    models.User.delete = lambda x:dlist.pop()
+
+    logout = LogoutView()
+    response = logout.get(request)
+
+    assert response.status_code == 302
+    assert response['Location'] == 'https://www.example.com'
+    assert dlist == []
+    assert not request.session.get("authenticated")
+    assert not request.session.get("username")
+    assert not request.session.get("warn")
+
+

tests/test_views_validate.py

@@ -0,0 +1,61 @@
+from __future__ import absolute_import
+from .init import *
+
+from django.test import RequestFactory
+
+import os
+import pytest
+
+from cas_server.views import Validate
+from cas_server import models
+
+from .dummy import *
+
+@pytest.mark.django_db
+def test_validate_view_ok():
+    factory = RequestFactory()
+    request = factory.get('/validate?ticket=ST-random&service=https://www.example.com')
+
+    request.session = DummySession()
+
+    models.ServiceTicket.objects = DummyTicketManager(models.ServiceTicket, 'https://www.example.com', "ST-random")
+
+    validate = Validate()
+    response = validate.get(request)
+
+    assert response.status_code == 200
+    assert response.content == "yes\n"
+
+
+
+@pytest.mark.django_db
+def test_validate_view_badservice():
+    factory = RequestFactory()
+    request = factory.get('/validate?ticket=ST-random&service=https://www.example2.com')
+
+    request.session = DummySession()
+
+    models.ServiceTicket.objects = DummyTicketManager(models.ServiceTicket, 'https://www.example.com', "ST-random")
+
+    validate = Validate()
+    response = validate.get(request)
+
+    assert response.status_code == 200
+    assert response.content == "no\n"
+
+
+
+@pytest.mark.django_db
+def test_validate_view_badticket():
+    factory = RequestFactory()
+    request = factory.get('/validate?ticket=ST-random2&service=https://www.example.com')
+
+    request.session = DummySession()
+
+    models.ServiceTicket.objects = DummyTicketManager(models.ServiceTicket, 'https://www.example.com', "ST-random1")
+
+    validate = Validate()
+    response = validate.get(request)
+
+    assert response.status_code == 200
+    assert response.content == "no\n"