• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1"""These tests rely on replies from public internet services
2
3TODO: reimplement with local stubs
4"""
5import httplib2
6import os
7import pytest
8import ssl
9import sys
10import tests
11
12
13def test_get_301_via_https():
14    # Google always redirects to http://google.com
15    http = httplib2.Http()
16    response, content = http.request("https://code.google.com/apis/", "GET")
17    assert response.status == 200
18    assert response.previous.status == 301
19
20
21def test_get_via_https():
22    # Test that we can handle HTTPS
23    http = httplib2.Http()
24    response, content = http.request("https://google.com/adsense/", "GET")
25    assert response.status == 200
26
27
28def test_get_via_https_spec_violation_on_location():
29    # Test that we follow redirects through HTTPS
30    # even if they violate the spec by including
31    # a relative Location: header instead of an
32    # absolute one.
33    http = httplib2.Http()
34    response, content = http.request("https://google.com/adsense", "GET")
35    assert response.status == 200
36    assert response.previous is not None
37
38
39def test_get_via_https_key_cert():
40    #  At this point I can only test
41    #  that the key and cert files are passed in
42    #  correctly to httplib. It would be nice to have
43    #  a real https endpoint to test against.
44    http = httplib2.Http(timeout=2)
45    http.add_certificate("akeyfile", "acertfile", "bitworking.org")
46    try:
47        http.request("https://bitworking.org", "GET")
48    except AttributeError:
49        assert http.connections["https:bitworking.org"].key_file == "akeyfile"
50        assert http.connections["https:bitworking.org"].cert_file == "acertfile"
51    except IOError:
52        # Skip on 3.2
53        pass
54
55    try:
56        http.request("https://notthere.bitworking.org", "GET")
57    except httplib2.ServerNotFoundError:
58        assert http.connections["https:notthere.bitworking.org"].key_file is None
59        assert http.connections["https:notthere.bitworking.org"].cert_file is None
60    except IOError:
61        # Skip on 3.2
62        pass
63
64
65def test_ssl_invalid_ca_certs_path():
66    # Test that we get an ssl.SSLError when specifying a non-existent CA
67    # certs file.
68    http = httplib2.Http(ca_certs="/nosuchfile")
69    with tests.assert_raises(IOError):
70        http.request("https://www.google.com/", "GET")
71
72
73@pytest.mark.xfail(
74    sys.version_info <= (3,),
75    reason=(
76        "FIXME: for unknown reason Python 2.7.10 validates www.google.com "
77        "against dummy CA www.example.com"
78    ),
79)
80def test_ssl_wrong_ca():
81    # Test that we get a SSLHandshakeError if we try to access
82    # https://www.google.com, using a CA cert file that doesn't contain
83    # the CA Google uses (i.e., simulating a cert that's not signed by a
84    # trusted CA).
85    other_ca_certs = os.path.join(
86        os.path.dirname(os.path.abspath(httplib2.__file__)), "test", "other_cacerts.txt"
87    )
88    assert os.path.exists(other_ca_certs)
89    http = httplib2.Http(ca_certs=other_ca_certs)
90    http.follow_redirects = False
91    with tests.assert_raises(ssl.SSLError):
92        http.request("https://www.google.com/", "GET")
93
94
95def test_sni_hostname_validation():
96    # TODO: make explicit test server with SNI validation
97    http = httplib2.Http()
98    http.request("https://google.com/", method="GET")
99