Your IP : 216.73.216.172


Current Path : /lib/python3/dist-packages/certbot/tests/__pycache__/
Upload File :
Current File : //lib/python3/dist-packages/certbot/tests/__pycache__/auth_handler_test.cpython-38.pyc

U

�]%W�@s8dZddlZddlZddlZddlZddlZddlmZddlm	Z
ddlmZddlmZ
ddlmZddlmZddlmZdd	lmZdd
lmZdd	lmZGdd�dej�ZGd
d�dej�Zejddfdd�ZGdd�dej�ZGdd�dej�ZGdd�dej�Zdd�Zddd�Zedk�r4e� �dS)zTests for certbot.auth_handler.�N)�
challenges)�client)�messages)�errors)�achallenges)�
interfaces)�util)�	acme_utilc@s,eZdZdd�Zdd�Zdd�Zdd�Zd	S)
�ChallengeFactoryTestcCsHddlm}|ddtjdd�g�|_t�tjdtj	tjgdd�|_
dS)Nr��AuthHandlerZmock_key��key�test�F)�certbot.auth_handlerr�mock�Mock�handlerr	�
gen_authzrr�STATUS_PENDING�
CHALLENGES�authzr��selfr�r�A/usr/lib/python3/dist-packages/certbot/tests/auth_handler_test.py�setUps
�zChallengeFactoryTest.setUpcCs8|j�|jtdttj���}|�dd�|D�tj�dS)NrcSsg|]
}|j�qSr��chall��.0�achallrrr�
<listcomp>)sz1ChallengeFactoryTest.test_all.<locals>.<listcomp>)r�_challenge_factoryr�range�lenr	r�assertEqual�rZachallsrrr�test_all$s��zChallengeFactoryTest.test_allcCs0|j�|jdg�}|�dd�|D�tjg�dS)NrcSsg|]
}|j�qSrrr rrrr#/sz6ChallengeFactoryTest.test_one_http.<locals>.<listcomp>)rr$rr'r	�HTTP01r(rrr�
test_one_http+s
�z"ChallengeFactoryTest.test_one_httpcCs>t�tjdtjddd�gtjg�}|�tj|j	j
|dg�dS)NrrZunrecognized)r�typr)r	rrrrr�assertRaisesr�Errorrr$)rrrrr�test_unrecognized1s��z&ChallengeFactoryTest.test_unrecognizedN)�__name__�
__module__�__qualname__rr)r+r/rrrrr
s
r
c@s�eZdZdZdd�Zdd�Zdd�Zdd	�Zd
d�Zdd
�Z	dd�Z
dd�Zdd�Zdd�Z
dd�Zdd�Zdd�Zdd�Zdd�Zd d!�Zd"d#�Zd$d%�Zd&d'�Zd(d)�Zd*d+�Zd,d-�Zd.d/�Zd0d1�Zd2d3�Zd4d5�Zd6d7�Zd8S)9�HandleAuthorizationsTestzmhandle_authorizations test.

    This tests everything except for all functions under _poll_challenges.

    cCs�ddlm}t��|_tj�|jtj	�tj�tjdd�tj
�tjdd�|_t
jg|jj_t|jj_tjt�dd�d	�|_tjtjd
�|_d|j_tjj|jj_||j|j|jg�|_t�tj�dS)NrrF�Zdebug_challengesZApacheConfigurator)�nameZ	file_pathZPEMr
)�spec�) rrrr�mock_display�zope�	component�provideUtilityrZIDisplay�IConfig�	MagicMock�	mock_authrr*�get_chall_pref�return_value�
gen_auth_resp�perform�side_effectrZKeyZmock_account�acme_clientZClient�mock_net�acme_versionZretry_afterr�logging�disableZCRITICALrrrrrBs0
�
�
�zHandleAuthorizationsTest.setUpcCst�tj�dS�N�rGrHZNOTSET�rrrr�tearDown[sz!HandleAuthorizationsTest.tearDownc	Cstdtj|d�}tj|gd�}tddd�|jj_t�	d���}|j
�|�}|�|jj
jd�|�|jjjd�|�|jjd�|�|jjdd	d	dk�|�|jjdd	d	d
k�|�|jjjd�|�|jjjd	d	d	jd�|�t|�d�W5QRXdS)N�0��domain�challs�combos�Zauthorizationsr7�)�retry�
wait_valuezcertbot.auth_handler.time�r��http-01)�gen_dom_authzrr	rrr=�_gen_mock_on_pollrE�pollrC�patchr�handle_authorizationsr'�answer_challenge�
call_count�sleep�
assertTrue�call_args_listr>�cleanup�	call_argsr,r&)rrQr�
mock_orderZ	mock_timerrr�_test_name1_http_01_1_common^s �z5HandleAuthorizationsTest._test_name1_http_01_1_commoncCs|jdd�dS�NT�rQ)rfrKrrr�test_name1_http_01_1_acme_1wsz4HandleAuthorizationsTest.test_name1_http_01_1_acme_1cCsd|j_|jdd�dS�NrVFrh)rErFrfrKrrr�test_name1_http_01_1_acme_2zsz4HandleAuthorizationsTest.test_name1_http_01_1_acme_2cCs�t�|jj_|jjj�tj	�t
dtjdd�}t
j|gd�}|j�|�}|�|jjjd�|�|jjjd�|�|jjjd�|jjjddD]}|�|jdk�q�|�t|�d�dS)	NrMFrNrRrVr7r)rXzdns-01)rZrEr[rCr>r?r@�appendr�DNS01rYr	rrr=rr]r'r^r_rcrdrar,r&)rrrer"rrr�!test_name1_http_01_1_dns_1_acme_1~sz:HandleAuthorizationsTest.test_name1_http_01_1_dns_1_acme_1cCs�d|j_t�|jj_|jjj�t	j
�tdtj
dd�}tj|gd�}|j�|�}|�|jjjd�|�|jjjd�|�|jjjd�|jjjdd}|�t|�d�|�|djd�|�t|�d�dS)	NrVrMFrNrRr7rrX)rErFrZr[rCr>r?r@rlrrmrYr	rrr=rr]r'r^r_rcrdr&r,)rrreZcleaned_up_achallsrrr�!test_name1_http_01_1_dns_1_acme_2�sz:HandleAuthorizationsTest.test_name1_http_01_1_dns_1_acme_2cCs�tjttj|d�|jj_tdtjd�tdtjd�tdtjd�g}tj	|d�}t
�|jj_|j�
|�}|�|jjjd�|�|jjjd�|�|jjjd�|�t|�d�dS)	N)rPrQrM�rOrP�1�2rRrWr7)�	functools�partialrYr	rrEZrequest_domain_challengesrCrr=rZr[rr]r'r^r_r>rcr&)rrQ�authzrsrerrrr�_test_name3_http_01_3_common�s ��z5HandleAuthorizationsTest._test_name3_http_01_3_commoncCs|jdd�dSrg)rvrKrrr�"test_name3_http_01_3_common_acme_1�sz;HandleAuthorizationsTest.test_name3_http_01_3_common_acme_1cCsd|j_|jdd�dSrj)rErFrvrKrrr�"test_name3_http_01_3_common_acme_2�sz;HandleAuthorizationsTest.test_name3_http_01_3_common_acme_2cCsttj�tjdd�tj�tdtj	d�g}tj
|d�}t�|jj
_|j�|�|�|jjjd�|�|jjjd�dS)NTr4rMrprRr7)r9r:r;rrrr<rYr	rr=rZrEr[rCrr]r'r^r_r8Znotification�rrurerrr�test_debug_challenges�s
�z.HandleAuthorizationsTest.test_debug_challengescCs@tdtjd�g}tj|d�}tj|jj_	|�
tj|jj|�dS�NrMrprR)
rYr	rrr=r�AuthorizationErrorr>rBrCr-rr]ryrrr�test_perform_failure�s�z-HandleAuthorizationsTest.test_perform_failurec	Csltdtjd�g}tj|d�}tdd�|jj_|�	t
j��}|j�
|dd�W5QRX|�dt|j�k�dS)	NrMrprRrV)rTFr7z0All authorizations were not finalized by the CA.)rYr	rrr=rZrEr[rCr-rr|rr]ra�str�	exception�rrure�errorrrr�test_max_retries_exceeded�sz2HandleAuthorizationsTest.test_max_retries_exceededcCs$tjgd�}|�tj|jj|�dS)NrR)rr=r-rr|rr])rrerrr�test_no_domains�sz(HandleAuthorizationsTest.test_no_domainscCs�tdtj|d�g}tj|d�}|jjj�t	j
�|jj�
t	j
jt	jjf�t�|jj_|j�|�|�|jjjd�|�|jjjdddjd�dS)NrMrNrRr7rrX)rYr	rrr=r>r?r@rlrr*r�pref_challs�extendr,rmrZrEr[rCr]r'rcr_rd�rrQrurerrr�'_test_preferred_challenge_choice_common�s��z@HandleAuthorizationsTest._test_preferred_challenge_choice_commoncCs|jdd�dSrg)r�rKrrr�-test_preferred_challenge_choice_common_acme_1�szFHandleAuthorizationsTest.test_preferred_challenge_choice_common_acme_1cCsd|j_|jdd�dSrj)rErFr�rKrrr�-test_preferred_challenge_choice_common_acme_2�szFHandleAuthorizationsTest.test_preferred_challenge_choice_common_acme_2cCsHtdtj|d�g}tj|d�}|jj�tj	j
�|�tj
|jj|�dS)NrMrNrR)rYr	rrr=rr�rlrrmr,r-rr|r]r�rrr�/_test_preferred_challenges_not_supported_commons�zHHandleAuthorizationsTest._test_preferred_challenges_not_supported_commoncCs|jdd�dSrg)r�rKrrr�.test_preferred_challenges_not_supported_acme_1szGHandleAuthorizationsTest.test_preferred_challenges_not_supported_acme_1cCsd|j_|jdd�dSrj)rErFr�rKrrr�.test_preferred_challenges_not_supported_acme_2
szGHandleAuthorizationsTest.test_preferred_challenges_not_supported_acme_2cCs6tdtjgd�g}tj|d�}|�tj|jj	|�dSr{)
rYr	rmrr=r-rr|rr]ryrrr�%test_dns_only_challenge_not_supporteds�z>HandleAuthorizationsTest.test_dns_only_challenge_not_supportedcCsttj|jj_tdtjdd�}tj	|gd�}|�
tj|jj|�|�
|jjjd�|�
|jjjdddjd�dS)NrMTrNrRr7rrX)rr|r>rBrCrYr	rrr=r-rr]r'rcr_rdr,�rrrerrr�test_perform_errors�z+HandleAuthorizationsTest.test_perform_errorcCsrtj|jj_tdtjd�g}tj	|d�}|�
tj|jj|�|�
|jjjd�|�
|jjjdddjd�dS)NrMrprRr7rrX)rr|rEr^rCrYr	rrr=r-rr]r'r>rcr_rdr,ryrrr�test_answer_errors��z*HandleAuthorizationsTest.test_answer_errorc
Cs�tdtjd�g}tj|d�}ttjd�|jj	_
t���,|�
tj��}|j�|d�W5QRXW5QRX|�dt|j�k�|�|jjjd�|�|jjjdddjd	�dS)
NrMrprR��statusFzSome challenges have failed.r7rrX)rYr	rrr=rZr�STATUS_INVALIDrEr[rC�	test_util�patch_get_utilityr-rr|rr]rar~rr'r>rcr_rdr,r�rrr�test_incomplete_authzr_error+s
"�z5HandleAuthorizationsTest.test_incomplete_authzr_errorc
Cs�dd�}tdtjd�tdtjd�g}||jj_tj|d�}t�d��}|j	�
|d�}W5QRX|�t|�d	�|�|j
d	�ttjd
�|jj_t���,|�tj��}|j	�
|d�W5QRXW5QRX|�dt|j�k�dS)NcSs2ttj�}ttj�}|jjjdkr*||�S||�S)zBThis mock will invalidate one authzr, and invalidate the other one�will-be-invalid)rZr�STATUS_VALIDr��body�
identifier�value)rZ
valid_mockZinvalid_mockrrr�_conditional_mock_on_poll9s


zLHandleAuthorizationsTest.test_best_effort.<locals>._conditional_mock_on_pollz
will-be-validrpr�rRz+certbot.auth_handler._report_failed_authzrsTr7r�zAll challenges have failed.)rYr	rrEr[rCrr=r\rr]r'r&r_rZrr�r�r�r-rr|rar~r)rr�rureZmock_reportZvalid_authzrr�rrr�test_best_effort8s
�

"z)HandleAuthorizationsTest.test_best_effortcCsxt�tjdtjgtjgd�}tj|gd�}|�tj	|j
j|�t�tjdtjgtjgd�}tj|gd�}|j
�|�dS)NrMFrR)
r	rrrrmrr=r-rr|rr]r�r�rrr�"test_validated_challenge_not_rerunYs,���z;HandleAuthorizationsTest.test_validated_challenge_not_reruncCs�dd�}dtjfdtjfdtjfg}dd�|D�}tj|d�}||jj_|j�	|�\}}|�
|jjjd	�|�
t|�d
�|�
t|�d
�|�
|dj
jjd�|�
|dj
jtj�|�
|dj
jjd�|�
|dj
jtj�dS)
z�When we deactivate valid authzrs in an orderr, we expect them to become deactivated
        and to receive a list of deactivated authzrs in return.cSsR|jjtjkrD|jjjdkr&t�d��|jjtj	d�}tj
|d�}n
t�d��|S)N�is_valid_but_will_failzMock deactivation ACME errorr�)r�z Can't deactivate non-valid authz)r�r�rr�r�r��acme_errorsr.�update�STATUS_DEACTIVATEDZAuthorizationResourcer)rZauthzbrrr�_mock_deactivateqs

zQHandleAuthorizationsTest.test_valid_authzrs_deactivated.<locals>._mock_deactivateZis_validZ
is_pendingr�c	Ss0g|](}t�|d|dtjg|ddg��qS)r7rF)r	rr*)r!�arrrr#s�
�zKHandleAuthorizationsTest.test_valid_authzrs_deactivated.<locals>.<listcomp>rRrVr7rN)rr�rrr=rEZdeactivate_authorizationrCrZdeactivate_valid_authorizationsr'r_r&r�r�r�r�r�)rr�Z
to_deactivateZorderrruZfailedrrr�test_valid_authzrs_deactivatedns$
��
z7HandleAuthorizationsTest.test_valid_authzrs_deactivatedN)r0r1r2�__doc__rrLrfrirkrnrorvrwrxrzr}r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�rrrrr3;s8
	
!r3r7csd|i����fdd�}|S)N�countcsv�dd�d<�ddkr �ntj}t�||jjjdd�|jjD�|gt|jj�|jj	�}|t
jdt��id�fS)Nr�r7rcSsg|]
}|j�qSrr)r!�challbrrrr#�sz4_gen_mock_on_poll.<locals>._mock.<locals>.<listcomp>zRetry-After)Zheaders)
rrr	rr�r�r�rr&�combinationsrr=r~)rZeffective_statusZupdated_azr��stater�rUrr�_mock�s�z _gen_mock_on_poll.<locals>._mockr)r�rTrUr�rr�rrZ�s
rZc@s eZdZdZdd�Zdd�ZdS)�ChallbToAchallTestz0Tests for certbot.auth_handler.challb_to_achall.cCsddlm}||dd�S)Nr)�challb_to_achall�account_keyrO)rr�)rr�r�rrr�_call�szChallbToAchallTest._callcCs&|�|�tj�tjtjddd��dS)Nr�rO)r�r�rO)r'r�r	�HTTP01_PrZ"KeyAuthorizationAnnotatedChallengerKrrr�test_it�s
��zChallbToAchallTest.test_itN)r0r1r2r�r�r�rrrrr��sr�c@s<eZdZdZdd�Zdd�Zedd��Zdd	�Zd
d�Z	dS)
�GenChallengePathTestz�Tests for certbot.auth_handler.gen_challenge_path.

    .. todo:: Add more tests for dumb_path... depending on what we want to do.

    cCst�tj�dSrI)rGrHZFATALrKrrrr�szGenChallengePathTest.setUpcCst�tj�dSrIrJrKrrrrL�szGenChallengePathTest.tearDowncCsddlm}||||�S)Nr)�gen_challenge_path)rr�)�cls�challbsZpreferencesr�r�rrrr��szGenChallengePathTest._callcCs�tjtjf}tjtjg}d}|�|�|||�d�|�|�||d��|�|�|ddd�||�d�|�|�|ddd�|d��dS)z/Given DNS01 and HTTP01 with appropriate combos.)�r�r7r�N���r�)	r	�DNS01_Pr�rrmr*r'r�ra�rr�ZprefsrQrrr�test_common_case�s z%GenChallengePathTest.test_common_casecCsHtjtjf}tjg}d}|�tj|j|||�|�tj|j||d�dS)N))rr7)	r	r�r�rr*r-rr|r�r�rrr�test_not_supported�s"��z'GenChallengePathTest.test_not_supportedN)
r0r1r2r�rrL�classmethodr�r�r�rrrrr��s

r�c@s8eZdZdZdd�Ze��dd��Ze��dd��ZdS)	�ReportFailedAuthzrsTestz6Tests for certbot.auth_handler._report_failed_authzrs.cCs�tjdtjtjjddd�d�}|�|djdk	�tjf|�}tj|d<tjf|�}t	�
�|_d|jjj
_||g|jj_tjd	dd
�|d<tjf|�}t	�
�|_d|jjj
_|g|jj_dS)N�uriZtls�detail)r�)rr�r�r�r�rzexample.comZdnssec)r,r�zfoo.bar)r	r*rr�r.Z	with_coderaZdescriptionZ
ChallengeBodyrr=�authzr1r�r�r�r�authzr2)r�kwargsZhttp_01Zhttp_01_diffrrrr�s"�


zReportFailedAuthzrsTest.setUpcCsVddlm}|�|jgd�|�jj}|�t|�dk�|�d|dddk�dS)Nr��auth_handlerrr7z.Domain: example.com
Type:   tls
Detail: detail)�certbotr��_report_failed_authzrsr��add_messagerbrar&)r�	mock_zoper�Z	call_listrrr�test_same_error_and_domain�s

z2ReportFailedAuthzrsTest.test_same_error_and_domaincCs8ddlm}|�|j|jgd�|�|�jjdk�dS)Nrr�rrV)r�r�r�r�r�rar�r_)rr�r�rrr�!test_different_errors_and_domainssz9ReportFailedAuthzrsTest.test_different_errors_and_domainsN)	r0r1r2r�rr�r�r�r�rrrrr��s
r�cCsdd�|D�S)z(Generate a dummy authorization response.cSsg|]}d|jj|jf�qS)z%s%s)�	__class__r0rO)r!rrrrr#
s�z!gen_auth_resp.<locals>.<listcomp>r)Z
chall_listrrrrAs�rATcCs t�tj||tjgt|�|�S)z!Generates new authzr for domains.)r	rrrr&rNrrrrYs�rY�__main__)T)!r�rsrGZunittestrZzope.componentr9ZacmerrrDrrr�r�rrrZ
certbot.testsr	r�ZTestCaser
r3r�rZr�r�r�rArYr0�mainrrrr�<module>s6$W+0