Ticket #51: authkit-token-fix.patch

  • test/test.py

    old new  
    1111import os 
    1212import paste.lint 
    1313 
    14 from authkit.authenticate import middleware, sample_app 
     14from authkit.authenticate import middleware, sample_app, cookie 
    1515from paste.fixture import * 
    1616 
    1717sys.path.insert(0, os.getcwd()+'/examples/docs') 
     
    3131openid_app = paste.lint.middleware(openid_app) 
    3232redirect_app = paste.lint.middleware(redirect_app) 
    3333 
     34from Cookie import SimpleCookie 
     35from StringIO import StringIO 
     36 
    3437sys.path.insert(0, os.getcwd()+'/examples/config') 
    3538from digest import app as config_app 
    3639 
     
    6972            assertEqual(res.full_status, '200 OK') 
    7073            assert 'You Have Access To This Page.' in res 
    7174 
     75def test_cookie_setter(): 
     76    set_user_cookie = cookie.CookieUserSetter(basic_app, "<secret-token>", params={}) 
     77    def start_response(status, response_headers, exc_info=None): 
     78        pass 
     79         
     80    authcookie = SimpleCookie() 
     81    # replace with a generated object? 
     82    authcookie['authkit'] = "b1e992ae0f0510ff8a56674fa9270c5a48c6a998joeuser!" 
     83     
     84    environ = { 
     85        # mandatory CGI variables 
     86        'REQUEST_METHOD': 'GET',     # always mandatory 
     87        'SCRIPT_NAME': '',           # may be empty if app is at the root 
     88        'PATH_INFO': '',             # may be empty if at root of app 
     89        'SERVER_NAME': 'localhost',  # always mandatory 
     90        'SERVER_PORT': '80',         # always mandatory  
     91        'SERVER_PROTOCOL': 'HTTP/1.0', 
     92        # mandatory wsgi variables 
     93        'wsgi.version': (1, 0), 
     94        'wsgi.url_scheme': 'http', 
     95        'wsgi.input': StringIO(''), 
     96        'wsgi.errors': StringIO(), 
     97        'wsgi.multithread': False, 
     98        'wsgi.multiprocess': False, 
     99        'wsgi.run_once': False, 
     100        # cookie stuff 
     101        'HTTP_COOKIE': '<fake-header>',  
     102        'paste.cookies': [authcookie, '<fake-header>'] 
     103    } 
     104    set_user_cookie(environ, start_response) 
     105    raise ValueError("must set a proper cookie value for this test to do anything") 
     106 
    72107def test_intercept(): 
    73108    # XXX Note, these tests don't test when the inclusion of a username and only test form 
    74109    # should also test all the other methods too for correct behaviour 

  • authkit/authenticate/cookie.py

    old new  
    370370                    environ['paste.auth_tkt.timestamp'] = timestamp 
    371371            # End changes from the default 
    372372            environ['REMOTE_USER'] = userid 
     373            tokens = ','.join(tokens) 
    373374            if environ.get('REMOTE_USER_TOKENS'): 
    374375                # We want to add tokens/roles to what's there: 
    375376                tokens = environ['REMOTE_USER_TOKENS'] + ',' + tokens