diff options
| author | Ib Lundgren <ib.lundgren@gmail.com> | 2012-03-15 11:36:40 +0100 |
|---|---|---|
| committer | Ib Lundgren <ib.lundgren@gmail.com> | 2012-03-15 11:36:40 +0100 |
| commit | e89e18c784758988c858a87f5c19fb2bb6bbd771 (patch) | |
| tree | 8c9255ce3f6a326e9394d8838342dce6fc5d3ad4 | |
| parent | 6cc32aaae5c97e36e32c04232e1135e1e82a0177 (diff) | |
| download | oauthlib-e89e18c784758988c858a87f5c19fb2bb6bbd771.tar.gz | |
Updated HMAC test
| -rw-r--r-- | tests/test_signatures.py | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/tests/test_signatures.py b/tests/test_signatures.py index 74a927e..5ef51a7 100644 --- a/tests/test_signatures.py +++ b/tests/test_signatures.py @@ -163,17 +163,26 @@ class SignatureTests(TestCase): index = normalized.index(key) def test_sign_hmac_sha1(self): - """ TODO: Someone make a better test for this.""" + """ Verifying correct HMAC-SHA1 signature against one created by openssl.""" - # construct_base_string copied from the test_construct_base_string above - base_string = construct_base_string(unicode(self.http_method), unicode(self.base_string_url), unicode(self.normalized_encoded_request_parameters)) + # Remember to update hmac_key if the secrets are updated + client_secret = "ECrDNoq1VYzzzzzzzzzyAK7TwZNtPnkqatqZZZZ" + resource_owner_secret = "just-a-string asdasd" + hmac_key = "ECrDNoq1VYzzzzzzzzzyAK7TwZNtPnkqatqZZZZ&just-a-string%20%20%20%20asdasd" + base_string = "POST&http%253A%2F%2Fexample.com%2Frequest%253Fb5%253D%25253D%2525253D%2526a3%253Da%2526c%252540%253D%2526a2%253Dr%252520b&OAuth%2520realm%253D%2522Example%2522%252Coauth_consumer_key%253D%25229djdj82h48djs9d2%2522%252Coauth_token%253D%2522kkk9d7dh3k39sjv7%2522%252Coauth_signature_method%253D%2522HMAC-SHA1%2522%252Coauth_timestamp%253D%2522137131201%2522%252Coauth_nonce%253D%25227d8f3e4a%2522%252Coauth_signature%253D%2522bYT5CMsGcbgUdFHObYMEfcx6bsw%25253D%2522" + + # Base string saved in <message>, hmac_key in <key>. + # Control signature created using openssl: + # $ echo -n $(cat <message>) | openssl dgst -binary -hmac <key> | base64 + control_signature = "Uau4O9Kpd2k6rvh7UZN/RN+RG7Y=" # check for Unicode - self.assertRaises(ValueError, sign_hmac_sha1, base_string, self.client_secret, self.resource_owner_secret) + self.assertRaises(ValueError, sign_hmac_sha1, base_string, client_secret, resource_owner_secret) # Do the actual test - sign = sign_hmac_sha1(unicode(base_string), unicode(self.client_secret), unicode(self.resource_owner_secret)) + sign = sign_hmac_sha1(unicode(base_string), unicode(client_secret), unicode(resource_owner_secret)) self.assertEquals(len(sign), 28) + self.assertEquals(sign, control_signature) def test_sign_rsa_sha1(self): """ TODO: Someone figure a test for this.""" |