diff options
| author | Lars Wirzenius <liw@liw.fi> | 2017-04-16 10:34:07 +0300 |
|---|---|---|
| committer | Lars Wirzenius <liw@liw.fi> | 2017-04-16 10:34:07 +0300 |
| commit | f558a1d1f2494ebc6e122547602c8c6fce0ef487 (patch) | |
| tree | bc39f0a80da6ee5b136b4d87f415bddac6e4d582 | |
| parent | 94c85cdb98945f475cc5db7b8869357f75c7ff43 (diff) | |
| download | distixapi-f558a1d1f2494ebc6e122547602c8c6fce0ef487.tar.gz | |
Implement get_credentials
| -rw-r--r-- | distixapi/authn.py | 16 | ||||
| -rw-r--r-- | distixapi/authn_tests.py | 22 |
2 files changed, 37 insertions, 1 deletions
diff --git a/distixapi/authn.py b/distixapi/authn.py index 53816b6..a7fbbcf 100644 --- a/distixapi/authn.py +++ b/distixapi/authn.py @@ -1,6 +1,9 @@ # Functions for checking authantication for API clients. +import base64 + + def get_credentials(request): '''Return username, password of API client. @@ -9,8 +12,19 @@ def get_credentials(request): ''' - raise AuthenticationError('No Authorization header') + header = request.get_header('Authorization') + if header is None: + raise AuthenticationError('No Authorization header') + + words = header.split() + if len(words) == 0: + raise AuthenticationError('Authorization header has no value') + + if len(words) != 2 or words[0].lower() != 'basic': + raise AuthenticationError('Authorization header is not for Basic Auth') + decoded = base64.b64decode(words[1]) + return decoded.split(':', 1) class AuthenticationError(Exception): diff --git a/distixapi/authn_tests.py b/distixapi/authn_tests.py index a32ccce..063b400 100644 --- a/distixapi/authn_tests.py +++ b/distixapi/authn_tests.py @@ -1,3 +1,4 @@ +import base64 import unittest import distixapi @@ -10,12 +11,33 @@ class GetCredentialsTests(unittest.TestCase): with self.assertRaises(distixapi.AuthenticationError): distixapi.get_credentials(request) + def test_raises_error_if_empty_Authentication_header(self): + request = DummyRequest() + request.add_header('Authorization', '') + with self.assertRaises(distixapi.AuthenticationError): + distixapi.get_credentials(request) + def test_raises_error_if_not_BasicAuth_header(self): request = DummyRequest() request.add_header('Authorization', 'Bearer token') with self.assertRaises(distixapi.AuthenticationError): distixapi.get_credentials(request) + def test_raises_error_if_no_BasicAuth_value(self): + request = DummyRequest() + request.add_header('Authorization', 'Basic') + with self.assertRaises(distixapi.AuthenticationError): + distixapi.get_credentials(request) + + def test_returns_username_password(self): + request = DummyRequest() + username = 'fooser' + password = 'secret' + value = base64.b64encode('{}:{}'.format(username, password)) + request.add_header('Authorization', 'Basic {}'.format(value)) + u, p = distixapi.get_credentials(request) + self.assertEqual(username, u) + self.assertEqual(password, p) class DummyRequest(object): |