1'''These tests rely on replies from public internet services 2 3TODO: reimplement with local stubs 4''' 5import httplib2 6import os 7import pytest 8import ssl 9import sys 10import tests 11 12 13def test_get_301_via_https(): 14 # Google always redirects to http://google.com 15 http = httplib2.Http() 16 response, content = http.request('https://code.google.com/apis/', 'GET') 17 assert response.status == 200 18 assert response.previous.status == 301 19 20 21def test_get_via_https(): 22 # Test that we can handle HTTPS 23 http = httplib2.Http() 24 response, content = http.request('https://google.com/adsense/', 'GET') 25 assert response.status == 200 26 27 28def test_get_via_https_spec_violation_on_location(): 29 # Test that we follow redirects through HTTPS 30 # even if they violate the spec by including 31 # a relative Location: header instead of an 32 # absolute one. 33 http = httplib2.Http() 34 response, content = http.request('https://google.com/adsense', 'GET') 35 assert response.status == 200 36 assert response.previous is not None 37 38 39def test_get_via_https_key_cert(): 40 # At this point I can only test 41 # that the key and cert files are passed in 42 # correctly to httplib. It would be nice to have 43 # a real https endpoint to test against. 44 http = httplib2.Http(timeout=2) 45 http.add_certificate('akeyfile', 'acertfile', 'bitworking.org') 46 try: 47 http.request('https://bitworking.org', 'GET') 48 except AttributeError: 49 assert http.connections['https:bitworking.org'].key_file == 'akeyfile' 50 assert http.connections['https:bitworking.org'].cert_file == 'acertfile' 51 except IOError: 52 # Skip on 3.2 53 pass 54 55 try: 56 http.request('https://notthere.bitworking.org', 'GET') 57 except httplib2.ServerNotFoundError: 58 assert http.connections['https:notthere.bitworking.org'].key_file is None 59 assert http.connections['https:notthere.bitworking.org'].cert_file is None 60 except IOError: 61 # Skip on 3.2 62 pass 63 64 65def test_ssl_invalid_ca_certs_path(): 66 # Test that we get an ssl.SSLError when specifying a non-existent CA 67 # certs file. 68 http = httplib2.Http(ca_certs='/nosuchfile') 69 with tests.assert_raises(IOError): 70 http.request('https://www.google.com/', 'GET') 71 72 73@pytest.mark.xfail( 74 sys.version_info <= (3,), 75 reason='FIXME: for unknown reason Python 2.7.10 validates www.google.com against dummy CA www.example.com', 76) 77def test_ssl_wrong_ca(): 78 # Test that we get a SSLHandshakeError if we try to access 79 # https://www.google.com, using a CA cert file that doesn't contain 80 # the CA Google uses (i.e., simulating a cert that's not signed by a 81 # trusted CA). 82 other_ca_certs = os.path.join( 83 os.path.dirname(os.path.abspath(httplib2.__file__)), 84 'test', 'other_cacerts.txt') 85 assert os.path.exists(other_ca_certs) 86 http = httplib2.Http(ca_certs=other_ca_certs) 87 http.follow_redirects = False 88 with tests.assert_raises(ssl.SSLError): 89 http.request('https://www.google.com/', 'GET') 90 91 92def test_sni_hostname_validation(): 93 # TODO: make explicit test server with SNI validation 94 http = httplib2.Http() 95 http.request('https://google.com/', method='GET') 96