Test for Cookie Auth
====================

  >>> import base64
  >>> from Products.PluggableAuthService.utils import implementedBy
  >>> from Interface.Implements import flattenInterfaces
  >>> from Products.PloneTestCase.PloneTestCase import portal_name

User in Plone Site
------------------

Plone Site has PAS installed

  >>> print self.portal.acl_users.meta_type
  Pluggable Auth Service

User exists in the user folder inside the Plone Site.

  >>> uf = self.portal.acl_users
  >>> print uf.meta_type
  Pluggable Auth Service

  >>> user_name, user_password, user_role = ('foo', 'bar', 'Manager')
  >>> uf.userFolderAddUser(user_name, user_password, [user_role], [])

  >>> uf.getUserById(user_name)
  <PloneUser 'foo'>

Login to Plone Site using Basic Auth works.

  >>> print http(r"""
  ... GET /%s/manage HTTP/1.1
  ... Authorization: Basic %s:%s
  ... """ % (portal_name, user_name, user_password), handle_errors=False)
  HTTP/1.1 200 OK...

Make sure cookie plugin is installed and activated.

  >>> uf.objectIds('Extended Cookie Auth Helper')
  ['credentials_cookie_auth']

  >>> plugins = uf.plugins
  >>> cookie = uf['credentials_cookie_auth']

  >>> ifaces = flattenInterfaces(tuple(implementedBy(cookie.__class__)))

  >>> actives = []
  >>> for iface in ifaces:
  ...    try:
  ...       actives.append((plugins.listPlugins(iface), iface))
  ...    except KeyError:
  ...       pass

  >>> for active, iface in actives:
  ...     print iface,
  ...     for id, plugin in active:
  ...         if id == 'credentials_cookie_auth':
  ...            print True
  <...IExtractionPlugin...> True
  <...IChallengePlugin...> True
  <...ICredentialsUpdatePlugin...> True
  <...ICredentialsResetPlugin...> True

Login to Plone site using Cookie Auth should work too.

  >>> encoded = base64.encodestring('%s:%s' % (user_name, user_password))
  >>> print http(r"""
  ... GET /%s/manage HTTP/1.1
  ... Cookie: __ac=%s;
  ... """ % (portal_name, encoded), handle_errors=False)
  HTTP/1.1 200 OK...

User in parent folder
---------------------

User Exists on the folder containing the Plone Site, which should be a
Pluggable Auth Service too.

  >>> uf = self.portal.aq_parent.acl_users
  >>> print uf.meta_type
  Pluggable Auth Service

  >>> user_name, user_password, user_role = ('baz', 'bar', 'Manager')
  >>> uf.userFolderAddUser(user_name, user_password, [user_role], [])

  >>> uf.getUserById(user_name)
  <PropertiedUser 'baz'>

Login directly to containing folder using Basic Auth works.

  >>> print http(r"""
  ... GET /manage HTTP/1.1
  ... Authorization: Basic %s:%s
  ... """ % (user_name, user_password), handle_errors=False)
  HTTP/1.1 200 OK...

Login to Plone Site using Basic Auth works.

  >>> print http(r"""
  ... GET /%s/manage HTTP/1.1
  ... Authorization: Basic %s:%s
  ... """ % (portal_name, user_name, user_password), handle_errors=False)
  HTTP/1.1 200 OK...

Login to Plone site using Cookie Auth should work too.

  >>> encoded = base64.encodestring('%s:%s' % (user_name, user_password))
  >>> print http(r"""
  ... GET /%s/manage HTTP/1.1
  ... Cookie: __ac=%s;
  ... """ % (portal_name, encoded), handle_errors=False)
  HTTP/1.1 200 OK...
