Commits

Jajcus committed 2a8f53d

pyxmpp2.cert: tests and fixes for .verify_client()

Comments (0)

Files changed (2)

     def verify_client(self, client_jid = None, domains = None):
         """Verify certificate for a client.
 
+        Please note that `client_jid` is only a hint to choose from the names,
+        other JID may be returned if `client_jid` is not included in the
+        certificate.
+
         :Parameters:
             - `client_jid`: client name requested. May be `None` to allow
               any name in one of the `domains`.
             - `domains`: `list` of `unicode`
 
         :Return: one of the jids in the certificate or `None` is no authorized
-        name is found.
+        name is found. 
         """
         jids = [jid for jid in self.get_jids() if jid.local]
         if not jids:
-            return False
+            return None
         if client_jid is not None and client_jid in jids:
             return client_jid
         if domains is None:

pyxmpp2/test/cert.py

         if not isinstance(cert, BasicCertificateData):
             self.assertEqual(cert.get_jids(), [JID("user@server.example.org")])
 
+
     def test_server1_cert_fields(self):
         cert = self.load_certificate("server1", True)
         self.assertEqual(cert.subject_name, (
         self.assertTrue(cert.verify_server(u"sub.wild.example.org"))
         self.assertTrue(cert.verify_server(u"somethinelse.wild.example.org"))
 
+    def test_verify_client(self):
+        cert = self.load_certificate("client", False)
+        self.assertEqual(cert.verify_client(), JID("user@server.example.org"))
+        self.assertEqual(cert.verify_client(JID("user@server.example.org")),
+                                               JID("user@server.example.org"))
+        self.assertEqual(cert.verify_client(JID("other@server.example.org")),
+                                               JID("user@server.example.org"))
+        self.assertEqual(cert.verify_client(domains = ["server.example.org"]),
+                                               JID("user@server.example.org"))
+        self.assertIsNone(cert.verify_client(domains = ["bad.example.org"]))
+        
+        cert = self.load_certificate("server", True)
+        self.assertIsNone(cert.verify_client())
+
+    def test_verify_client1(self):
+        cert = self.load_certificate("client1", False)
+        self.assertEqual(cert.verify_client(), JID("user1@server.example.org"))
+        self.assertEqual(cert.verify_client(JID("user1@server.example.org")),
+                                               JID("user1@server.example.org"))
+        self.assertEqual(cert.verify_client(JID("user2@server.example.org")),
+                                               JID("user2@server.example.org"))
+        self.assertEqual(cert.verify_client(JID("other@server.example.org")),
+                                               JID("user1@server.example.org"))
+        self.assertEqual(cert.verify_client(domains = ["server.example.org"]),
+                                               JID("user1@server.example.org"))
+        self.assertIsNone(cert.verify_client(domains = ["bad.example.org"]))
+        
+        cert = self.load_certificate("server1", True)
+        self.assertIsNone(cert.verify_client())
+
+
 # pylint: disable=W0611
 from pyxmpp2.test._support import load_tests, setup_logging