github.com/dustinrc/deis@v1.10.1-0.20150917223407-0894a5fb979e/controller/api/tests/test_key.py (about) 1 # -*- coding: utf-8 -*- 2 """ 3 Unit tests for the Deis api app. 4 5 Run the tests with "./manage.py test api" 6 """ 7 8 from __future__ import unicode_literals 9 10 import json 11 12 from django.contrib.auth.models import User 13 from django.test import TestCase 14 from rest_framework.authtoken.models import Token 15 16 from api.models import Key 17 from api.utils import fingerprint 18 19 20 RSA_PUBKEY = ( 21 "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCfQkkUUoxpvcNMkvv7jqnfodgs37M2eBO" 22 "APgLK+KNBMaZaaKB4GF1QhTCMfFhoiTW3rqa0J75bHJcdkoobtTHlK8XUrFqsquWyg3XhsT" 23 "Yr/3RQQXvO86e2sF7SVDJqVtpnbQGc5SgNrHCeHJmf5HTbXSIjCO/AJSvIjnituT/SIAMGe" 24 "Bw0Nq/iSltwYAek1hiKO7wSmLcIQ8U4A00KEUtalaumf2aHOcfjgPfzlbZGP0S0cuBwSqLr" 25 "8b5XGPmkASNdUiuJY4MJOce7bFU14B7oMAy2xacODUs1momUeYtGI9T7X2WMowJaO7tP3Gl" 26 "sgBMP81VfYTfYChAyJpKp2yoP autotest@autotesting comment" 27 ) 28 29 RSA_PUBKEY2 = ( 30 "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4xELdubosJ2/bQuiSUyWclVVa71pXpmq" 31 "aXTwfau/XFLgD5yE+TOFbVT22xvEr4AwZqS9w0TBMp4RLfi4pTdjoIK+lau2lDMuEpbF4xg" 32 "PWAveAqKuLcKJbJrZQdo5VWn5//7+M1RHQCPqjeN2iS9I3C8yiPg3mMPT2mKuyZYB9VD3hK" 33 "mhT4xRAsS6vfKZr7CmFHgAmRBqdaU1RetR5nfTj0R5yyAv7Z2BkE8UhUAseFZ0djBs6kzjs" 34 "5ddgM4Gv2Zajs7qVvpVPzZpq3vFB16Q5TMj2YtoYF6UZFFf4u/4KAW8xfYJAFdpNsvh279s" 35 "dJS08nTeElUg6pn83A3hqWX+J testing" 36 ) 37 38 ECDSA_PUBKEY = ( 39 "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAAB" 40 "BBCGB0x9lmubbLJTF5NekCI0Cgjyip6jJh/t/qQQi1LAZisbREBJ8Wy+hwSn3tnbf/Imh9X" 41 "+MQnrrza0jaQ3QUAQ= autotest@autotesting comment" 42 ) 43 44 ECDSA_PUBKEY2 = ( 45 "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAAB" 46 "BBK6Vbpuk4DjPtIcPUw0L2j1ahuRMItM5IZzi0kU0xCNVSSFtF21yEqLMOzdJOQYKCgaGzl" 47 "pSPf7VWhYbJ753csQ= testing" 48 ) 49 50 BAD_KEY = ( 51 "ssh-rsa foo_bar" 52 ) 53 54 55 class KeyTest(TestCase): 56 57 """Tests cloud provider credentials""" 58 59 fixtures = ['tests.json'] 60 61 def setUp(self): 62 self.user = User.objects.get(username='autotest') 63 self.token = Token.objects.get(user=self.user).key 64 65 def _check_key(self, pubkey): 66 """ 67 Test that a user can add, remove and manage their SSH public keys 68 """ 69 url = '/v1/keys' 70 body = {'id': 'mykey@box.local', 'public': pubkey} 71 response = self.client.post(url, json.dumps(body), content_type='application/json', 72 HTTP_AUTHORIZATION='token {}'.format(self.token)) 73 self.assertEqual(response.status_code, 201) 74 key_id = response.data['id'] 75 response = self.client.get(url, HTTP_AUTHORIZATION='token {}'.format(self.token)) 76 self.assertEqual(response.status_code, 200) 77 self.assertEqual(len(response.data['results']), 1) 78 url = '/v1/keys/{key_id}'.format(**locals()) 79 response = self.client.get(url, HTTP_AUTHORIZATION='token {}'.format(self.token)) 80 self.assertEqual(response.status_code, 200) 81 self.assertEqual(body['id'], response.data['id']) 82 self.assertEqual(body['public'], response.data['public']) 83 response = self.client.delete(url, HTTP_AUTHORIZATION='token {}'.format(self.token)) 84 self.assertEqual(response.status_code, 204) 85 86 def _check_bad_key(self, pubkey): 87 """ 88 Test that a user cannot add invalid SSH public keys 89 """ 90 url = '/v1/keys' 91 body = {'id': 'mykey@box.local', 'public': pubkey} 92 response = self.client.post(url, json.dumps(body), content_type='application/json', 93 HTTP_AUTHORIZATION='token {}'.format(self.token)) 94 self.assertEqual(response.status_code, 400) 95 return response 96 97 def test_rsa_key(self): 98 self._check_key(RSA_PUBKEY) 99 100 def test_ecdsa_key(self): 101 self._check_key(ECDSA_PUBKEY) 102 103 def test_bad_key(self): 104 response = self._check_bad_key(BAD_KEY) 105 self.assertEqual(response.data, {'public': ['Incorrect padding']}) 106 107 def _check_duplicate_key(self, pubkey, pubkey2): 108 """ 109 Test that a user cannot add a duplicate key 110 """ 111 url = '/v1/keys' 112 body = {'id': 'mykey@box.local', 'public': pubkey} 113 response = self.client.post(url, json.dumps(body), content_type='application/json', 114 HTTP_AUTHORIZATION='token {}'.format(self.token)) 115 self.assertEqual(response.status_code, 201) 116 response = self.client.post(url, json.dumps(body), content_type='application/json', 117 HTTP_AUTHORIZATION='token {}'.format(self.token)) 118 self.assertEqual(response.status_code, 400) 119 # test that adding a key with the same fingerprint fails 120 body = {'id': 'mykey2@box.local', 'public': pubkey} 121 response = self.client.post(url, json.dumps(body), content_type='application/json', 122 HTTP_AUTHORIZATION='token {}'.format(self.token)) 123 self.assertEqual(response.status_code, 400) 124 body = {'id': 'mykey2@box.local', 'public': pubkey2} 125 response = self.client.post(url, json.dumps(body), content_type='application/json', 126 HTTP_AUTHORIZATION='token {}'.format(self.token)) 127 self.assertEqual(response.status_code, 201) 128 129 def test_rsa_duplicate_key(self): 130 self._check_duplicate_key(RSA_PUBKEY, RSA_PUBKEY2) 131 132 def test_ecdsa_duplicate_key(self): 133 self._check_duplicate_key(ECDSA_PUBKEY, ECDSA_PUBKEY2) 134 135 def test_rsa_key_str(self): 136 """Test the text representation of a key""" 137 url = '/v1/keys' 138 body = {'id': 'autotest', 'public': 139 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDzqPAwHN70xsB0LXG//KzO' 140 'gcPikyhdN/KRc4x3j/RA0pmFj63Ywv0PJ2b1LcMSqfR8F11WBlrW8c9xFua0' 141 'ZAKzI+gEk5uqvOR78bs/SITOtKPomW4e/1d2xEkJqOmYH30u94+NZZYwEBqY' 142 'aRb34fhtrnJS70XeGF0RhXE5Qea5eh7DBbeLxPfSYd8rfHgzMSb/wmx3h2vm' 143 'HdQGho20pfJktNu7DxeVkTHn9REMUphf85su7slTgTlWKq++3fASE8PdmFGz' 144 'b6PkOR4c+LS5WWXd2oM6HyBQBxxiwXbA2lSgQxOdgDiM2FzT0GVSFMUklkUH' 145 'MdsaG6/HJDw9QckTS0vN autotest@deis.io'} 146 response = self.client.post(url, json.dumps(body), content_type='application/json', 147 HTTP_AUTHORIZATION='token {}'.format(self.token)) 148 self.assertEqual(response.status_code, 201) 149 key = Key.objects.get(uuid=response.data['uuid']) 150 self.assertEqual(str(key), 'ssh-rsa AAAAB3NzaC.../HJDw9QckTS0vN autotest@deis.io') 151 152 def test_rsa_key_fingerprint(self): 153 fp = fingerprint(RSA_PUBKEY) 154 self.assertEquals(fp, '54:6d:da:1f:91:b5:2b:6f:a2:83:90:c4:f9:73:76:f5') 155 156 def test_key_api_with_non_superuser_rsa(self): 157 self.user = User.objects.get(username='autotest2') 158 self.token = self.user.auth_token.key 159 self._check_key(RSA_PUBKEY) 160 161 def test_key_api_with_non_superuser_ecdsa(self): 162 self.user = User.objects.get(username='autotest2') 163 self.token = self.user.auth_token.key 164 self._check_key(ECDSA_PUBKEY)