OLD | NEW |
(Empty) | |
| 1 # Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 # Use of this source code is govered by a BSD-style |
| 3 # license that can be found in the LICENSE file or at |
| 4 # https://developers.google.com/open-source/licenses/bsd |
| 5 |
| 6 """Tests for XSRF utility functions.""" |
| 7 |
| 8 import time |
| 9 import unittest |
| 10 |
| 11 from google.appengine.ext import testbed |
| 12 |
| 13 import settings |
| 14 from framework import xsrf |
| 15 |
| 16 |
| 17 class XsrfTest(unittest.TestCase): |
| 18 """Set of unit tests for blocking XSRF attacks.""" |
| 19 |
| 20 def setUp(self): |
| 21 self.testbed = testbed.Testbed() |
| 22 self.testbed.activate() |
| 23 self.testbed.init_memcache_stub() |
| 24 self.testbed.init_datastore_v3_stub() |
| 25 |
| 26 def testGenerateToken_AnonUserGetsNoToken(self): |
| 27 self.assertEqual('', xsrf.GenerateToken(0L, '/path')) |
| 28 |
| 29 def testGenerateToken_DifferentUsersGetDifferentTokens(self): |
| 30 self.assertNotEqual( |
| 31 xsrf.GenerateToken(111L, '/path'), |
| 32 xsrf.GenerateToken(222L, '/path')) |
| 33 |
| 34 def testGenerateToken_DifferentPathsGetDifferentTokens(self): |
| 35 self.assertNotEqual( |
| 36 xsrf.GenerateToken(111L, '/path/one'), |
| 37 xsrf.GenerateToken(111L, '/path/two')) |
| 38 |
| 39 def testGenerateToken_DifferentTimesGetDifferentTokens(self): |
| 40 test_time = int(time.time()) |
| 41 self.assertNotEqual( |
| 42 xsrf.GenerateToken(111L, '/path', token_time=test_time), |
| 43 xsrf.GenerateToken(111L, '/path', token_time=test_time + 1)) |
| 44 |
| 45 def testValidToken(self): |
| 46 token = xsrf.GenerateToken(111L, '/path') |
| 47 xsrf.ValidateToken(token, 111L, '/path') # no exception raised |
| 48 |
| 49 def testMalformedToken(self): |
| 50 self.assertRaises( |
| 51 xsrf.TokenIncorrect, |
| 52 xsrf.ValidateToken, 'bad', 111L, '/path') |
| 53 self.assertRaises( |
| 54 xsrf.TokenIncorrect, |
| 55 xsrf.ValidateToken, '', 111L, '/path') |
| 56 |
| 57 self.assertRaises( |
| 58 xsrf.TokenIncorrect, |
| 59 xsrf.ValidateToken, '098a08fe08b08c08a05e:9721973123', 111L, '/path') |
| 60 |
| 61 def testWrongUser(self): |
| 62 token = xsrf.GenerateToken(111L, '/path') |
| 63 self.assertRaises( |
| 64 xsrf.TokenIncorrect, |
| 65 xsrf.ValidateToken, token, 222L, '/path') |
| 66 |
| 67 def testWrongPath(self): |
| 68 token = xsrf.GenerateToken(111L, '/path/one') |
| 69 self.assertRaises( |
| 70 xsrf.TokenIncorrect, |
| 71 xsrf.ValidateToken, token, 111L, '/path/two') |
| 72 |
| 73 def testValidateToken_Expiration(self): |
| 74 test_time = int(time.time()) |
| 75 token = xsrf.GenerateToken(111L, '/path', token_time=test_time) |
| 76 xsrf.ValidateToken(token, 111L, '/path', now=test_time) |
| 77 xsrf.ValidateToken(token, 111L, '/path', now=test_time + 1) |
| 78 xsrf.ValidateToken( |
| 79 token, 111L, '/path', now=test_time + xsrf.TOKEN_TIMEOUT_SEC) |
| 80 |
| 81 self.assertRaises( |
| 82 xsrf.TokenIncorrect, |
| 83 xsrf.ValidateToken, token, 11L, '/path', |
| 84 now=test_time + xsrf.TOKEN_TIMEOUT_SEC + 1) |
| 85 |
| 86 |
| 87 if __name__ == '__main__': |
| 88 unittest.main() |
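Review bot: The final assertion in testValidateToken_Expiration passes user id `11L` instead of `111L`, so ValidateToken receives a token minted for a different user and would raise TokenIncorrect even if the timeout were never enforced. As written, nothing in this file verifies that a token is rejected once `TOKEN_TIMEOUT_SEC + 1` seconds have elapsed. The argument line should read `xsrf.ValidateToken, token, 111L, '/path',` so that age is the only possible reason for rejection. Separately, setUp activates a Testbed with no matching teardown; adding `def tearDown(self): self.testbed.deactivate()` keeps the memcache and datastore stubs from leaking into other test modules. If ValidateToken is meant to reject tokens whose timestamp is later than `now`, a case for that would be worth adding too, though that behaviour is not visible from this file.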
OLD | NEW |