openstack/deb-python-oauth2client
Code Issues Proposed changes
Files
ce7c1bb18f558417d17e508a4c7c005ac7ca1853
deb-python-oauth2client/tests/test_crypt.py
Danny Hermes 3b3aeb65d7 Factoring out conditional code from crypt.py. 
Until now, code that depended on PyCrypto or OpenSSL was
defined conditionally (e.g. indented) in `crypt.py`. Rather than
grouping all these together, we factor out the library specific
behavior into standalone modules (but make the modules
private / protected).

In addition, added a `_helpers.py` module with common behavior
that was previously defined in multiple places.

Finally, beefed up some test cases so that the three newly added
modules had 100% test coverage.

Towards #212.
2015-07-13 13:46:53 -07:00

122 lines
3.9 KiB
Python
Raw Blame History

# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import mock
import os
import sys
import unittest
try:
reload
except NameError:
# For Python3 (though importlib should be used, silly 3.3).
from imp import reload
from oauth2client import _helpers
from oauth2client.client import HAS_OPENSSL
from oauth2client.client import SignedJwtAssertionCredentials
from oauth2client import crypt
def datafile(filename):
f = open(os.path.join(os.path.dirname(__file__), 'data', filename), 'rb')
data = f.read()
f.close()
return data
class Test_pkcs12_key_as_pem(unittest.TestCase):
def _make_signed_jwt_creds(self, private_key_file='privatekey.p12',
private_key=None):
private_key = private_key or datafile(private_key_file)
return SignedJwtAssertionCredentials(
'some_account@example.com',
private_key,
scope='read+write',
sub='joe@example.org')
def _succeeds_helper(self, password=None):
self.assertEqual(True, HAS_OPENSSL)
credentials = self._make_signed_jwt_creds()
if password is None:
password = credentials.private_key_password
pem_contents = crypt.pkcs12_key_as_pem(credentials.private_key, password)
pkcs12_key_as_pem = datafile('pem_from_pkcs12.pem')
pkcs12_key_as_pem = _helpers._parse_pem_key(pkcs12_key_as_pem)
alternate_pem = datafile('pem_from_pkcs12_alternate.pem')
self.assertTrue(pem_contents in [pkcs12_key_as_pem, alternate_pem])
def test_succeeds(self):
self._succeeds_helper()
def test_succeeds_with_unicode_password(self):
password = u'notasecret'
self._succeeds_helper(password)
def test_without_openssl(self):
import imp
imp_find_module = imp.find_module
orig_sys_path = sys.path
def find_module(module_name):
raise ImportError('No module named %s' % module_name)
try:
for m in list(sys.modules):
if m.startswith('OpenSSL'):
sys.modules.pop(m)
sys.path = []
imp.find_module = find_module
reload(crypt)
self.assertRaises(NotImplementedError, crypt.pkcs12_key_as_pem,
'FOO', 'BAR')
finally:
sys.path = orig_sys_path
imp.find_module = imp_find_module
import OpenSSL.crypto
reload(crypt)
def test_without_openssl_crypto(self):
import imp
imp_find_module = imp.find_module
orig_sys_path = sys.path
orig_isfile = os.path.isfile
openssl_module = imp.find_module('OpenSSL')
def find_module(module_name):
if module_name == 'OpenSSL':
return openssl_module
raise ImportError('No module named %s' % module_name)
try:
for m in list(sys.modules):
if m.startswith('OpenSSL'):
sys.modules.pop(m)
sys.path = []
imp.find_module = find_module
os.path.isfile = lambda filename: False
reload(crypt)
self.assertRaises(NotImplementedError, crypt.pkcs12_key_as_pem,
'FOO', 'BAR')
finally:
sys.path = orig_sys_path
imp.find_module = imp_find_module
os.path.isfile = orig_isfile
import OpenSSL.crypto
reload(crypt)
def test_with_nonsense_key(self):
from OpenSSL import crypto
credentials = self._make_signed_jwt_creds(private_key=b'NOT_A_KEY')
self.assertRaises(crypto.Error, crypt.pkcs12_key_as_pem,
credentials.private_key, credentials.private_key_password)
View Git Blame Copy Permalink