]>
git.ipfire.org Git - thirdparty/pdns.git/blob - regression-tests.api/test_TSIG.py
4 from copy
import deepcopy
5 from pprint
import pprint
6 from test_helper
import ApiTestCase
, unique_tsigkey_name
, is_auth
, is_recursor
, get_db_tsigkeys
8 class AuthTSIGHelperMixin(object):
9 def create_tsig_key(self
, name
=None, algorithm
='hmac-md5', key
=None):
11 name
= unique_tsigkey_name()
14 'algorithm': algorithm
,
17 payload
.update({'key': key
})
18 print "sending", payload
19 r
= self
.session
.post(
20 self
.url("/api/v1/servers/localhost/tsigkeys"),
21 data
=json
.dumps(payload
),
22 headers
={'content-type': 'application/json'})
23 self
.assert_success_json(r
)
24 self
.assertEquals(r
.status_code
, 201)
27 return name
, payload
, reply
30 @unittest.skipIf(not is_auth(), "Not applicable")
31 class AuthTSIG(ApiTestCase
, AuthTSIGHelperMixin
):
32 def test_create_key(self
):
34 Create a TSIG key that is generated by the server
36 name
, payload
, data
= self
.create_tsig_key()
37 for k
in ('id', 'name', 'algorithm', 'key', 'type'):
38 self
.assertIn(k
, data
)
40 self
.assertEquals(data
[k
], payload
[k
])
42 def test_create_key_with_key_data(self
):
44 Create a new key with the key data provided
46 key
= 'fn+BREHMDq0uWA1WbDwaoc2ne3rD973ySJ33ToJTfWY='
47 name
, payload
, data
= self
.create_tsig_key(key
=key
)
48 self
.assertEqual(data
['key'], key
)
50 def test_create_key_with_hmacsha512(self
):
52 Have the server generate a key with the provided algorithm
54 algorithm
= 'hmac-sha512'
55 name
, payload
, data
= self
.create_tsig_key(algorithm
=algorithm
)
56 self
.assertEqual(data
['algorithm'], algorithm
)
58 def test_get_non_existing_key(self
):
60 Try to get get a key that does not exist
63 r
= self
.session
.get(self
.url(
64 "/api/v1/servers/localhost/tsigkeys/" + name
+ '.'),
65 headers
={'accept': 'application/json'})
66 self
.assert_error_json(r
)
67 self
.assertEqual(r
.status_code
, 404)
69 self
.assertIn('TSIG key with name \'' + name
+ '\' not found', newdata
['error'])
71 def test_remove_key(self
):
73 Create a key and attempt to delete it
75 name
, payload
, data
= self
.create_tsig_key()
76 r
= self
.session
.delete(self
.url("/api/v1/servers/localhost/tsigkeys/" + data
['id']))
77 self
.assertEqual(r
.status_code
, 204)
78 keys_from_db
= get_db_tsigkeys(name
)
79 self
.assertListEqual(keys_from_db
, [])
81 def test_put_key_change_name(self
):
83 Rename a key by PUTing a json with "name" set
85 name
, payload
, data
= self
.create_tsig_key()
89 r
= self
.session
.put(self
.url("/api/v1/servers/localhost/tsigkeys/" + data
['id']),
90 data
=json
.dumps(payload
))
91 self
.assertEqual(r
.status_code
, 200)
93 self
.assertEqual(newdata
['name'], 'mynewkey')
95 # Check if the old key is removed
96 r
= self
.session
.get(self
.url("/api/v1/servers/localhost/tsigkeys/" + data
['id']))
97 self
.assertEqual(r
.status_code
, 404, "Old key was not removed!")
99 def test_put_key_change_key(self
):
101 Change the key by PUTing it
103 name
, payload
, data
= self
.create_tsig_key()
104 newkey
= 'l36TAJalAys0HeEfSM1rFzSmz9kSwfiBo3HNkL62COs='
108 r
= self
.session
.put(self
.url("/api/v1/servers/localhost/tsigkeys/" + data
['id']),
109 data
=json
.dumps(payload
))
110 self
.assertEqual(r
.status_code
, 200)
112 self
.assertEqual(data
['key'], newkey
)
114 def test_put_key_change_algo(self
):
115 name
, payload
, data
= self
.create_tsig_key()
116 newalgo
= 'hmac-sha256'
120 r
= self
.session
.put(self
.url("/api/v1/servers/localhost/tsigkeys/" + data
['id']),
121 data
=json
.dumps(payload
))
122 self
.assertEqual(r
.status_code
, 200)
124 self
.assertEqual(data
['algorithm'], newalgo
)
126 def test_put_non_existing_algo(self
):
127 name
, payload
, data
= self
.create_tsig_key()
129 'algorithm': 'foobar'
131 r
= self
.session
.put(self
.url("/api/v1/servers/localhost/tsigkeys/" + data
['id']),
132 data
=json
.dumps(payload
))
133 self
.assertEqual(r
.status_code
, 422)
135 self
.assertIn('Unknown TSIG algorithm: ', data
['error'])
137 def test_put_broken_key(self
):
138 name
, payload
, data
= self
.create_tsig_key()
140 'key': 'f\u333oobar1======'
142 r
= self
.session
.put(self
.url("/api/v1/servers/localhost/tsigkeys/" + data
['id']),
143 data
=json
.dumps(payload
))
145 self
.assertEqual(r
.status_code
, 422)
146 self
.assertIn('Can not base64 decode key content ', data
['error'])
148 def test_put_to_non_existing_key(self
):
149 name
= unique_tsigkey_name()
151 'algorithm': 'hmac-sha512'
153 r
= self
.session
.put(self
.url("/api/v1/servers/localhost/tsigkeys/" + name
+ '.'),
154 data
=json
.dumps(payload
),
155 headers
={'accept': 'application/json'})
156 self
.assertEqual(r
.status_code
, 404)
158 self
.assertIn('TSIG key with name \'' + name
+ '\' not found', data
['error'])
160 def test_post_existing_key_name(self
):
161 name
, payload
, data
= self
.create_tsig_key()
162 r
= self
.session
.post(self
.url("/api/v1/servers/localhost/tsigkeys"),
163 headers
={'accept': 'application/json'},
164 data
=json
.dumps(payload
))
165 self
.assertEqual(r
.status_code
, 409)
167 self
.assertIn('A TSIG key with the name ', data
['error'])
169 def test_post_broken_key_name(self
):
171 'name': unique_tsigkey_name(),
172 'key': 'f\u333oobar1======',
173 'algorithm': 'hmac-md5'
175 r
= self
.session
.post(self
.url("/api/v1/servers/localhost/tsigkeys"),
176 headers
={'accept': 'application/json'},
177 data
=json
.dumps(payload
))
178 self
.assertEqual(r
.status_code
, 422)
180 self
.assertIn(' cannot be base64-decoded', data
['error'])
182 def test_post_wrong_algo(self
):
184 'name': unique_tsigkey_name(),
185 'algorithm': 'foobar'
187 r
= self
.session
.post(self
.url("/api/v1/servers/localhost/tsigkeys"),
188 headers
={'accept': 'application/json'},
189 data
=json
.dumps(payload
))
190 self
.assertEqual(r
.status_code
, 422)
192 self
.assertIn('Unknown TSIG algorithm: ', data
['error'])