val/irctest
1
0
Fork 0
mirror of https://github.com/progval/irctest.git synced 2025-04-07 07:49:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add test for SASL PLAIN with no authzid.

Browse Source
This commit is contained in:
Valentin Lorentz
2015-12-24 22:35:15 +01:00
parent 1281901eb3
commit 6e50d100e9
1 changed files with 49 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
irctest/server_tests/test_sasl.py
View File

@ -37,6 +37,55 @@ class SaslTestCase(cases.BaseServerTestCase, cases.OptionalityHelper):
fail_msg='900 should contain the account name as 3rd argument ' fail_msg='900 should contain the account name as 3rd argument '
'({expects}), not {got}: {msg}') '({expects}), not {got}: {msg}')
@cases.SpecificationSelector.requiredBySpecification('IRCv3.1')
@cases.OptionalityHelper.skipUnlessHasMechanism('PLAIN')
def testPlainNoAuthzid(self):
"""“message = [authzid] UTF8NUL authcid UTF8NUL passwd
[…]
Upon receipt of the message, the server will verify the presented (in
the message) authentication identity (authcid) and password (passwd)
with the system authentication database, and it will verify that the
authentication credentials permit the client to act as the (presented
or derived) authorization identity (authzid). If both steps succeed,
the user is authenticated.
[…]
When no authorization identity is provided, the server derives an
authorization identity from the prepared representation of the
provided authentication identity string. This ensures that the
derivation of different representations of the authentication
identity produces the same authorization identity.”
-- <https://tools.ietf.org/html/rfc4616#section-2>
"""
self.controller.registerUser(self, 'foo', 'sesame')
self.controller.registerUser(self, 'jilles', 'sesame')
self.controller.registerUser(self, 'bar', 'sesame')
self.addClient()
self.sendLine(1, 'CAP LS 302')
capabilities = self.getCapLs(1)
self.assertIn('sasl', capabilities,
fail_msg='Does not have SASL as the controller claims.')
if capabilities['sasl'] is not None:
self.assertIn('PLAIN', capabilities['sasl'],
fail_msg='Does not have PLAIN mechanism as the controller '
'claims')
self.sendLine(1, 'AUTHENTICATE PLAIN')
m = self.getMessage(1, filter_pred=lambda m:m.command != 'NOTICE')
self.assertMessageEqual(m, command='AUTHENTICATE', params=['+'],
fail_msg='Sent “AUTHENTICATE PLAIN”, server should have '
'replied with “AUTHENTICATE +”, but instead sent: {msg}')
self.sendLine(1, 'AUTHENTICATE AGppbGxlcwBzZXNhbWU=')
m = self.getMessage(1, filter_pred=lambda m:m.command != 'NOTICE')
self.assertMessageEqual(m, command='900',
fail_msg='Did not send 900 after correct SASL authentication.')
self.assertEqual(m.params[2], 'jilles', m,
fail_msg='900 should contain the account name as 3rd argument '
'({expects}), not {got}: {msg}')
@cases.SpecificationSelector.requiredBySpecification('IRCv3.1') @cases.SpecificationSelector.requiredBySpecification('IRCv3.1')
def testMechanismNotAvailable(self): def testMechanismNotAvailable(self):
"""“If authentication fails, a 904 or 905 numeric will be sent” """“If authentication fails, a 904 or 905 numeric will be sent”