webssh

Web based ssh client https://github.com/huashengdun/webssh webssh.huashengdun.org/
git clone http://git.hanabi.in/repos/webssh.git
Log | Files | Refs | README | LICENSE
commit e1fbc417fd349dc57ddefee7d5989ac4c8c3d656
parent 105c1f62ee7a5ea0436014949213fd2b7b603fa2
Author: Sheng <webmaster0115@gmail.com>
Date:   Sun, 26 Aug 2018 21:53:28 +0800

Added test for bad authentication type

Diffstat:

Mtests/sshserver.py | 4+++-


Mtests/test_app.py | 28++++++++++++++++++++++------


2 files changed, 25 insertions(+), 7 deletions(-)

diff --git a/tests/sshserver.py b/tests/sshserver.py
@@ -72,11 +72,13 @@ class Server(paramiko.ServerInterface):
 
     def check_auth_publickey(self, username, key):
         print('Auth attempt with username: {!r} & key: {!r}'.format(username, u(hexlify(key.get_fingerprint())))) # noqa
-        if (username == 'robey') and (key == self.good_pub_key):
+        if (username in ['robey', 'keyonly']) and (key == self.good_pub_key):
             return paramiko.AUTH_SUCCESSFUL
         return paramiko.AUTH_FAILED
 
     def get_allowed_auths(self, username):
+        if username == 'keyonly':
+            return 'publickey'
         return 'password,publickey'
 
     def check_channel_exec_request(self, channel, command):
diff --git a/tests/test_app.py b/tests/test_app.py
@@ -28,14 +28,14 @@ class TestApp(AsyncHTTPTestCase):
     running = [True]
     sshserver_port = 2200
     body = 'hostname=127.0.0.1&port={}&username=robey&password=foo'.format(sshserver_port) # noqa
-    body_dict = {
-        'hostname': '127.0.0.1',
-        'port': str(sshserver_port),
-        'username': 'robey',
-        'password': ''
-    }
 
     def get_app(self):
+        self.body_dict = {
+            'hostname': '127.0.0.1',
+            'port': str(self.sshserver_port),
+            'username': 'robey',
+            'password': ''
+        }
         loop = self.io_loop
         options.debug = False
         options.policy = random.choice(['warning', 'autoadd'])
@@ -449,3 +449,19 @@ class TestApp(AsyncHTTPTestCase):
             yield client.fetch(url, method='POST', body=body)
         self.assertEqual(ctx.exception.code, 400)
         self.assertIn('Bad Request', ctx.exception.message)
+
+    @tornado.testing.gen_test
+    def test_app_with_user_keyonly_for_bad_authentication_type(self):
+        url = self.get_url('/')
+        client = self.get_http_client()
+        response = yield client.fetch(url)
+        self.assertEqual(response.code, 200)
+
+        self.body_dict.update(username='keyonly', password='foo')
+        body = urlencode(self.body_dict)
+        response = yield client.fetch(url, method='POST', body=body)
+        self.assertEqual(response.code, 200)
+        data = json.loads(to_str(response.body))
+        self.assertIsNone(data['id'])
+        self.assertIsNone(data['encoding'])
+        self.assertIn('Bad authentication type', data['status'])