blob: 6fa6504c2f8192d17839965281037fca2d76e53b (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
{-# LANGUAGE OverloadedStrings #-}
{-|
Copyright : (c) 2015 Julien Tanguy
License : BSD3
Maintainer : julien.tanguy@jhome.fr
This test suite is based on the pymacaroons test suite:
<https://github.com/ecordell/pymacaroons>
-}
module Crypto.Macaroon.Tests where
import Data.Byteable
import qualified Data.ByteString.Char8 as B8
import Data.Hex
import Test.Tasty
import Test.Tasty.HUnit
import Crypto.Macaroon
import Crypto.Macaroon.Serializer.Base64
tests :: TestTree
tests = testGroup "Crypto.Macaroon" [ basic
, minted
, minted2
, minted3
]
m :: Macaroon
m = create secret key loc
where
secret = B8.pack "this is our super secret key; only we should know it"
key = B8.pack "we used our secret key"
loc = B8.pack "http://mybank/"
basic :: TestTree
basic = testGroup "Basic macaroon" [ basicSignature
, basicSerialize
, basicDeserialize
]
basicSignature = testCase "Signature" $
"E3D9E02908526C4C0039AE15114115D97FDD68BF2BA379B342AAF0F617D0552F" @=? (hex . signature) m
basicSerialize = testCase "Serialization" $
"MDAxY2xvY2F0aW9uIGh0dHA6Ly9teWJhbmsvCjAwMjZpZGVudG\
\lmaWVyIHdlIHVzZWQgb3VyIHNlY3JldCBrZXkKMDAyZnNpZ25h\
\dHVyZSDj2eApCFJsTAA5rhURQRXZf91ovyujebNCqvD2F9BVLwo" @=? serialize m
basicDeserialize = testCase "Deserialization" $
Right m @=? (deserialize . serialize) m
m2 :: Macaroon
m2 = addFirstPartyCaveat "test = caveat" m
minted :: TestTree
minted = testGroup "Macaroon with first party caveat" [ mintInspect
, mintSerialize
, mintDeserialize
]
mintInspect = testCase "Inspect" $
"location http://mybank/\nidentifier we used\
\ our secret key\ncid test = caveat\nsignature\
\ 197BAC7A044AF33332865B9266E26D49\
\3BDD668A660E44D88CE1A998C23DBD67" @=? inspect m2
mintSerialize = testCase "Serialization" $
"MDAxY2xvY2F0aW9uIGh0dHA6Ly9teWJhbmsvCjAwMjZpZGVudGlmaWVyIHdlIHVzZ\
\WQgb3VyIHNlY3JldCBrZXkKMDAxNmNpZCB0ZXN0ID0gY2F2ZWF0CjAwMmZzaWduYXR1cmUgGXusegR\
\K8zMyhluSZuJtSTvdZopmDkTYjOGpmMI9vWcK" @=? serialize m2
mintDeserialize = testCase "Deserialization" $
Right m2 @=? (deserialize . serialize) m2
m3 :: Macaroon
m3 = addFirstPartyCaveat "test = acaveat" m
minted2 :: TestTree
minted2 = testGroup "Macaroon with first party caveats" [ mint2Trimmed
, mint2Des
]
mint2Trimmed = testCase "Serialization" $
"MDAxY2xvY2F0aW9uIGh0dHA6Ly9teWJhbmsvCjAwMjZpZGVudGlmaWVyIHdlIHVz\
\ZWQgb3VyIHNlY3JldCBrZXkKMDAxN2NpZCB0ZXN0ID0gYWNhdmVhdAowMDJmc2ln\
\bmF0dXJlIJRJ_V3WNJQnqlVq5eez7spnltwU_AXs8NIRY739sHooCg" @=? serialize m3
mint2Des = testCase "Deserialization" $
Right m3 @=? (deserialize . serialize) m3
m4 :: Macaroon
m4 = addThirdPartyCaveat caveat_key caveat_id caveat_loc n
where
n = addFirstPartyCaveat "account = 3735928559" $ create sec key loc
key = B8.pack "we used our other secret key"
loc = B8.pack "http://mybank/"
sec = B8.pack "this is a different super-secret key; never use the same secret twice"
caveat_key = B8.pack "4; guaranteed random by a fair toss of the dice"
caveat_id = B8.pack "this was how we remind auth of key/pred"
caveat_loc = B8.pack "http://auth.mybank/"
minted3 :: TestTree
minted3 = testGroup "Macaroon with first and third party caveats" [ mint3sig ]
mint3sig = testCase "Signature" $
"6B99EDB2EC6D7A4382071D7D41A0BF7DFA27D87D2F9FEA86E330D7850FFDA2B2" @=? (hex . signature) m4
|
