]>
git.ipfire.org Git - thirdparty/pdns.git/blob - regression-tests.api/test_TSIG.py
1 from __future__
import print_function
5 from copy
import deepcopy
6 from pprint
import pprint
7 from test_helper
import ApiTestCase
, unique_tsigkey_name
, is_auth
, is_recursor
, get_db_tsigkeys
9 class AuthTSIGHelperMixin(object):
10 def create_tsig_key(self
, name
=None, algorithm
='hmac-md5', key
=None):
12 name
= unique_tsigkey_name()
15 'algorithm': algorithm
,
18 payload
.update({'key': key
})
19 print("sending", payload
)
20 r
= self
.session
.post(
21 self
.url("/api/v1/servers/localhost/tsigkeys"),
22 data
=json
.dumps(payload
),
23 headers
={'content-type': 'application/json'})
24 self
.assert_success_json(r
)
25 self
.assertEquals(r
.status_code
, 201)
28 return name
, payload
, reply
31 @unittest.skipIf(not is_auth(), "Not applicable")
32 class AuthTSIG(ApiTestCase
, AuthTSIGHelperMixin
):
33 def test_create_key(self
):
35 Create a TSIG key that is generated by the server
37 name
, payload
, data
= self
.create_tsig_key()
38 for k
in ('id', 'name', 'algorithm', 'key', 'type'):
39 self
.assertIn(k
, data
)
41 self
.assertEquals(data
[k
], payload
[k
])
43 def test_create_key_with_key_data(self
):
45 Create a new key with the key data provided
47 key
= 'fn+BREHMDq0uWA1WbDwaoc2ne3rD973ySJ33ToJTfWY='
48 name
, payload
, data
= self
.create_tsig_key(key
=key
)
49 self
.assertEqual(data
['key'], key
)
51 def test_create_key_with_hmacsha512(self
):
53 Have the server generate a key with the provided algorithm
55 algorithm
= 'hmac-sha512'
56 name
, payload
, data
= self
.create_tsig_key(algorithm
=algorithm
)
57 self
.assertEqual(data
['algorithm'], algorithm
)
59 def test_get_non_existing_key(self
):
61 Try to get get a key that does not exist
64 r
= self
.session
.get(self
.url(
65 "/api/v1/servers/localhost/tsigkeys/" + name
+ '.'),
66 headers
={'accept': 'application/json'})
67 self
.assert_error_json(r
)
68 self
.assertEqual(r
.status_code
, 404)
70 self
.assertIn('TSIG key with name \'' + name
+ '\' not found', newdata
['error'])
72 def test_remove_key(self
):
74 Create a key and attempt to delete it
76 name
, payload
, data
= self
.create_tsig_key()
77 r
= self
.session
.delete(self
.url("/api/v1/servers/localhost/tsigkeys/" + data
['id']))
78 self
.assertEqual(r
.status_code
, 204)
79 keys_from_db
= get_db_tsigkeys(name
)
80 self
.assertListEqual(keys_from_db
, [])
82 def test_put_key_change_name(self
):
84 Rename a key by PUTing a json with "name" set
86 name
, payload
, data
= self
.create_tsig_key()
90 r
= self
.session
.put(self
.url("/api/v1/servers/localhost/tsigkeys/" + data
['id']),
91 data
=json
.dumps(payload
))
92 self
.assertEqual(r
.status_code
, 200)
94 self
.assertEqual(newdata
['name'], 'mynewkey')
96 # Check if the old key is removed
97 r
= self
.session
.get(self
.url("/api/v1/servers/localhost/tsigkeys/" + data
['id']))
98 self
.assertEqual(r
.status_code
, 404, "Old key was not removed!")
100 def test_put_key_change_key(self
):
102 Change the key by PUTing it
104 name
, payload
, data
= self
.create_tsig_key()
105 newkey
= 'l36TAJalAys0HeEfSM1rFzSmz9kSwfiBo3HNkL62COs='
109 r
= self
.session
.put(self
.url("/api/v1/servers/localhost/tsigkeys/" + data
['id']),
110 data
=json
.dumps(payload
))
111 self
.assertEqual(r
.status_code
, 200)
113 self
.assertEqual(data
['key'], newkey
)
115 def test_put_key_change_algo(self
):
116 name
, payload
, data
= self
.create_tsig_key()
117 newalgo
= 'hmac-sha256'
121 r
= self
.session
.put(self
.url("/api/v1/servers/localhost/tsigkeys/" + data
['id']),
122 data
=json
.dumps(payload
))
123 self
.assertEqual(r
.status_code
, 200)
125 self
.assertEqual(data
['algorithm'], newalgo
)
127 def test_put_non_existing_algo(self
):
128 name
, payload
, data
= self
.create_tsig_key()
130 'algorithm': 'foobar'
132 r
= self
.session
.put(self
.url("/api/v1/servers/localhost/tsigkeys/" + data
['id']),
133 data
=json
.dumps(payload
))
134 self
.assertEqual(r
.status_code
, 422)
136 self
.assertIn('Unknown TSIG algorithm: ', data
['error'])
138 def test_put_broken_key(self
):
139 name
, payload
, data
= self
.create_tsig_key()
141 'key': 'f\u0333oobar1======'
143 r
= self
.session
.put(self
.url("/api/v1/servers/localhost/tsigkeys/" + data
['id']),
144 data
=json
.dumps(payload
))
146 self
.assertEqual(r
.status_code
, 422)
147 self
.assertIn('Can not base64 decode key content ', data
['error'])
149 def test_put_to_non_existing_key(self
):
150 name
= unique_tsigkey_name()
152 'algorithm': 'hmac-sha512'
154 r
= self
.session
.put(self
.url("/api/v1/servers/localhost/tsigkeys/" + name
+ '.'),
155 data
=json
.dumps(payload
),
156 headers
={'accept': 'application/json'})
157 self
.assertEqual(r
.status_code
, 404)
159 self
.assertIn('TSIG key with name \'' + name
+ '\' not found', data
['error'])
161 def test_post_existing_key_name(self
):
162 name
, payload
, data
= self
.create_tsig_key()
163 r
= self
.session
.post(self
.url("/api/v1/servers/localhost/tsigkeys"),
164 headers
={'accept': 'application/json'},
165 data
=json
.dumps(payload
))
166 self
.assertEqual(r
.status_code
, 409)
168 self
.assertIn('A TSIG key with the name ', data
['error'])
170 def test_post_broken_key_name(self
):
172 'name': unique_tsigkey_name(),
173 'key': 'f\u0333oobar1======',
174 'algorithm': 'hmac-md5'
176 r
= self
.session
.post(self
.url("/api/v1/servers/localhost/tsigkeys"),
177 headers
={'accept': 'application/json'},
178 data
=json
.dumps(payload
))
179 self
.assertEqual(r
.status_code
, 422)
181 self
.assertIn(' cannot be base64-decoded', data
['error'])
183 def test_post_wrong_algo(self
):
185 'name': unique_tsigkey_name(),
186 'algorithm': 'foobar'
188 r
= self
.session
.post(self
.url("/api/v1/servers/localhost/tsigkeys"),
189 headers
={'accept': 'application/json'},
190 data
=json
.dumps(payload
))
191 self
.assertEqual(r
.status_code
, 400)
193 self
.assertIn('Invalid TSIG algorithm: ', data
['error'])