commit 0112effa2d2e2137b08b3c64dc47b4b7414fce9e
author Sergey Shepelev <temotor@gmail.com> Fri May 05 06:46:43 2017 +0300
committer Sergey Shepelev <temotor@gmail.com> Fri Mar 09 05:16:03 2018 +0300
tree db073780cea8a780d36f12fb5cfdf7f25ea2382f
parent e8ca24bd9177bfdceaad2f25a49cb241c5db13b7

tests: py2/3 unified, using pytest, automated on Travis

tests/test_external.py

diff --git a/tests/test_external.py b/tests/test_external.py
new file mode 100644
index 0000000..20652c9
--- /dev/null
+++ b/tests/test_external.py
@@ -0,0 +1,95 @@
+'''These tests rely on replies from public internet services
+
+TODO: reimplement with local stubs
+'''
+import httplib2
+import os
+import pytest
+import ssl
+import sys
+import tests
+
+
+def test_get_301_via_https():
+    # Google always redirects to http://google.com
+    http = httplib2.Http()
+    response, content = http.request('https://code.google.com/apis/', 'GET')
+    assert response.status == 200
+    assert response.previous.status == 301
+
+
+def test_get_via_https():
+    # Test that we can handle HTTPS
+    http = httplib2.Http()
+    response, content = http.request('https://google.com/adsense/', 'GET')
+    assert response.status == 200
+
+
+def test_get_via_https_spec_violation_on_location():
+    # Test that we follow redirects through HTTPS
+    # even if they violate the spec by including
+    # a relative Location: header instead of an
+    # absolute one.
+    http = httplib2.Http()
+    response, content = http.request('https://google.com/adsense', 'GET')
+    assert response.status == 200
+    assert response.previous is not None
+
+
+def test_get_via_https_key_cert():
+    #  At this point I can only test
+    #  that the key and cert files are passed in
+    #  correctly to httplib. It would be nice to have
+    #  a real https endpoint to test against.
+    http = httplib2.Http(timeout=2)
+    http.add_certificate('akeyfile', 'acertfile', 'bitworking.org')
+    try:
+        http.request('https://bitworking.org', 'GET')
+    except AttributeError:
+        assert http.connections['https:bitworking.org'].key_file == 'akeyfile'
+        assert http.connections['https:bitworking.org'].cert_file == 'acertfile'
+    except IOError:
+        # Skip on 3.2
+        pass
+
+    try:
+        http.request('https://notthere.bitworking.org', 'GET')
+    except httplib2.ServerNotFoundError:
+        assert http.connections['https:notthere.bitworking.org'].key_file is None
+        assert http.connections['https:notthere.bitworking.org'].cert_file is None
+    except IOError:
+        # Skip on 3.2
+        pass
+
+
+def test_ssl_invalid_ca_certs_path():
+    # Test that we get an ssl.SSLError when specifying a non-existent CA
+    # certs file.
+    http = httplib2.Http(ca_certs='/nosuchfile')
+    with tests.assert_raises(IOError):
+        http.request('https://www.google.com/', 'GET')
+
+
+@pytest.mark.xfail(
+    sys.version_info <= (3,),
+    reason='FIXME: for unknown reason Python 2.7.10 validates www.google.com against dummy CA www.example.com',
+)
+def test_ssl_wrong_ca():
+    # Test that we get a SSLHandshakeError if we try to access
+    # https://www.google.com, using a CA cert file that doesn't contain
+    # the CA Google uses (i.e., simulating a cert that's not signed by a
+    # trusted CA).
+    other_ca_certs = os.path.join(
+        os.path.dirname(os.path.abspath(httplib2.__file__)),
+        'test', 'other_cacerts.txt')
+    assert os.path.exists(other_ca_certs)
+    http = httplib2.Http(ca_certs=other_ca_certs)
+    http.follow_redirects = False
+    with tests.assert_raises(ssl.SSLError):
+        http.request('https://www.google.com/', 'GET')
+
+
+def test_sni_hostname_validation():
+    # TODO: make explicit test server with SNI validation
+    http = httplib2.Http()
+    http.request('https://google.com/', method='GET')