Django|Python接口自动化测试系列[V1.0.0][加密接口]

PyCrypto PyCrypto是一个免费的加密算法库, 支持常见的DES、AES加密以及MD5、SHA等各种HASH运算
被测代码

"""AES加密算法"""BS = 16 unpad = lambda s : s[0: - ord(s[-1])]def decryptBase64(src): return base64.urlsafe_b64decode(src)def decryptAES(src): """ 解析AES密文 """ src = https://www.it610.com/article/decryptBase64(src) key = b'W7v4D60fds2Cmk2U' iv = b"1172311105789011" cryptor = AES.new(key, AES.MODE_CBC, iv) text = cryptor.decrypt(src).decode() return unpad(text)def aes_encryption(request): if request.method == 'POST': data = https://www.it610.com/article/request.POST.get("data", "") else: return "error"if data =https://www.it610.com/article/="": return "data null"# 解密 decode = decryptAES(data) # 转化为字典 dict_data = json.loads(decode) return dict_data# 嘉宾查询接口----AES算法 def get_guest_list(request): dict_data = aes_encryption(request)if dict_data =https://www.it610.com/article/="data null": return JsonResponse({'status':10010,'message':'data null'})if dict_data =https://www.it610.com/article/="error": return JsonResponse({'status':10011,'message':'request error'})# 取出对应的发布会id和手机号 try: eid = dict_data['eid'] phone = dict_data['phone'] except KeyError: return JsonResponse({'status':10012,'message':'parameter error'})if eid == '': return JsonResponse({'status':10021,'message':'eid cannot be empty'})if eid != '' and phone == '': datas = [] results = Guest.objects.filter(event_id=eid) if results: for r in results: guest = {} guest['realname'] = r.realname guest['phone'] = r.phone guest['email'] = r.email guest['sign'] = r.sign datas.append(guest) return JsonResponse({'status':200, 'message':'success', 'data':datas}) else: return JsonResponse({'status':10022, 'message':'query result is empty'})if eid != '' and phone != '': guest = {} try: result = Guest.objects.get(phone=phone,event_id=eid) except ObjectDoesNotExist: return JsonResponse({'status':10022, 'message':'query result is empty'}) else: guest['realname'] = result.realname guest['phone'] = result.phone guest['email'] = result.email guest['sign'] = result.sign return JsonResponse({'status':200, 'message':'success', 'data':guest})

接口文档 【Django|Python接口自动化测试系列[V1.0.0][加密接口]】Django|Python接口自动化测试系列[V1.0.0][加密接口]
文章图片

测试用例
from Crypto.Cipher import AES import base64 import requests import unittest import jsonclass AESTest(unittest.TestCase):def setUp(self): BS = 16 self.pad = lambda s: s + (BS - len(s) % BS) * chr(BS - len(s) % BS)self.base_url = "http://127.0.0.1:8000/api/sec_get_guest_list/" self.app_key = 'W7v4D60fds2Cmk2U'def encryptBase64(self,src): return base64.urlsafe_b64encode(src)def encryptAES(self,src, key): """ 生成AES密文 """ iv = b"1172311105789011" cryptor = AES.new(key, AES.MODE_CBC, iv) ciphertext = cryptor.encrypt(self.pad(src)) return self.encryptBase64(ciphertext)def test_aes_interface(self): '''test aes interface''' payload = {'eid': '1', 'phone': '13800138000'} # 加密 encoded = self.encryptAES(json.dumps(payload), self.app_key).decode()r = requests.post(self.base_url, data=https://www.it610.com/article/{"data": encoded}) result = r.json() self.assertEqual(result['status'], 200) self.assertEqual(result['message'], "success")def test_get_guest_list_eid_null(self): ''' eid 参数为空 ''' payload = {'eid': '','phone': ''} encoded = self.encryptAES(json.dumps(payload), self.app_key).decode()r = requests.post(self.base_url, data=https://www.it610.com/article/{"data": encoded}) result = r.json() self.assertEqual(result['status'], 10021) self.assertEqual(result['message'], 'eid cannot be empty')def test_get_event_list_eid_error(self): ''' 根据 eid 查询结果为空 ''' payload = {'eid': '901','phone': ''} encoded = self.encryptAES(json.dumps(payload), self.app_key).decode()r = requests.post(self.base_url, data=https://www.it610.com/article/{"data": encoded}) result = r.json() self.assertEqual(result['status'], 10022) self.assertEqual(result['message'], 'query result is empty')def test_get_event_list_eid_success(self): ''' 根据 eid 查询结果成功 ''' payload = {'eid': '1','phone': ''} encoded = self.encryptAES(json.dumps(payload), self.app_key).decode()r = requests.post(self.base_url, data=https://www.it610.com/article/{"data": encoded}) result = r.json() self.assertEqual(result['status'], 200) self.assertEqual(result['message'], 'success') self.assertEqual(result['data'][0]['realname'],'张三') self.assertEqual(result['data'][0]['phone'],'13800138000')def test_get_event_list_eid_phone_null(self): ''' 根据 eid 和phone 查询结果为空 ''' payload = {'eid':2,'phone':'10000000000'} encoded = self.encryptAES(json.dumps(payload), self.app_key).decode()r = requests.post(self.base_url, data=https://www.it610.com/article/{"data": encoded}) result = r.json() self.assertEqual(result['status'], 10022) self.assertEqual(result['message'], 'query result is empty')def test_get_event_list_eid_phone_success(self): ''' 根据 eid 和phone 查询结果成功 ''' payload = {'eid':1,'phone':'18633003301'} encoded = self.encryptAES(json.dumps(payload), self.app_key).decode()r = requests.post(self.base_url, data=https://www.it610.com/article/{"data": encoded}) result = r.json() self.assertEqual(result['status'], 200) self.assertEqual(result['message'], 'success') self.assertEqual(result['data']['realname'],'alen') self.assertEqual(result['data']['phone'],'18633003301')if __name__ == '__main__': unittest.main()

    推荐阅读