author | Joel Stevenson <jstevenson@bepress.com> | 2016-04-29 09:29:22 -0700 |
---|---|---|
committer | Joel Stevenson <jstevenson@bepress.com> | 2016-04-29 09:29:22 -0700 |
commit | 2f7fd6cde2e10a9980ad4ef2e438d6b93769e613 (patch) | |
tree | f898092850c8d7a23a8037684b80443bb18cfa3f /tests/oauth2 | |
parent | 0fee646124b4af3cdf16189c64ac64777bc1c919 (diff) | |
download | oauthlib-2f7fd6cde2e10a9980ad4ef2e438d6b93769e613.tar.gz |
Prevent save_token() from being called twice within create_token_response(). We call save_token() after any token modifiers have run so we can tell the token_handler's create_token() method not to save the token and do that explicitly ourselves.
Diffstat (limited to 'tests/oauth2')
6 files changed, 27 insertions, 0 deletions
diff --git a/tests/oauth2/rfc6749/grant_types/test_authorization_code.py b/tests/oauth2/rfc6749/grant_types/test_authorization_code.py index ec65b9b..18cd3f2 100644 --- a/tests/oauth2/rfc6749/grant_types/test_authorization_code.py +++ b/tests/oauth2/rfc6749/grant_types/test_authorization_code.py @@ -67,8 +67,10 @@ class AuthorizationCodeGrantTest(TestCase): def test_create_token_response(self): bearer = BearerToken(self.mock_validator) + h, token, s = self.auth.create_token_response(self.request, bearer) token = json.loads(token) + self.assertEqual(self.mock_validator.save_token.call_count, 1) self.assertIn('access_token', token) self.assertIn('refresh_token', token) self.assertIn('expires_in', token) @@ -86,6 +88,7 @@ class AuthorizationCodeGrantTest(TestCase): bearer = BearerToken(self.mock_validator) h, token, s = self.auth.create_token_response(self.request, bearer) token = json.loads(token) + self.assertEqual(self.mock_validator.save_token.call_count, 1) self.assertIn('access_token', token) self.assertNotIn('refresh_token', token) self.assertIn('expires_in', token) diff --git a/tests/oauth2/rfc6749/grant_types/test_client_credentials.py b/tests/oauth2/rfc6749/grant_types/test_client_credentials.py index d7e50c3..0865c7e 100644 --- a/tests/oauth2/rfc6749/grant_types/test_client_credentials.py +++ b/tests/oauth2/rfc6749/grant_types/test_client_credentials.py @@ -27,6 +27,7 @@ class ClientCredentialsGrantTest(TestCase): headers, body, status_code = self.auth.create_token_response( self.request, bearer) token = json.loads(body) + self.assertEqual(self.mock_validator.save_token.call_count, 1) self.assertIn('access_token', token) self.assertIn('token_type', token) self.assertIn('expires_in', token) 
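Review bot: The new `save_token.call_count == 1` assertion in `test_create_token_response` (test_authorization_code.py) pins how often the validator is asked to persist a token, but not what it is asked to persist. The commit message says the save is deferred until the token modifiers have run, so the test should also compare the persisted token with the one returned to the client, for example `saved = self.mock_validator.save_token.call_args[0][0]` followed by `self.assertEqual(saved['access_token'], token['access_token'])`. This assumes the token is the first positional argument of `save_token`, which should be confirmed against the validator interface. The same gap exists in the other success-path hunks of this commit (the second authorization-code hunk and the client-credentials, refresh-token, password and OpenID tests). The test methods continue outside the hunks.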
@@ -38,6 +39,7 @@ class ClientCredentialsGrantTest(TestCase):
 self.mock_validator.authenticate_client.return_value = False
 headers, body, status_code = self.auth.create_token_response(
 self.request, bearer)
+ self.assertEqual(self.mock_validator.save_token.call_count, 0)
 error_msg = json.loads(body)
 self.assertIn('error', error_msg)
 self.assertEqual(error_msg['error'], 'invalid_client')
diff --git a/tests/oauth2/rfc6749/grant_types/test_implicit.py b/tests/oauth2/rfc6749/grant_types/test_implicit.py
index e89f2d2..cdeecb7 100644
--- a/tests/oauth2/rfc6749/grant_types/test_implicit.py
+++ b/tests/oauth2/rfc6749/grant_types/test_implicit.py
@@ -33,6 +33,7 @@ class ImplicitGrantTest(TestCase):
 correct_uri = 'https://b.c/p#access_token=1234&token_type=Bearer&expires_in=1800&state=xyz&scope=hello+world'
 self.assertEqual(s, 302)
 self.assertURLEqual(h['Location'], correct_uri, parse_fragment=True)
+ self.assertEqual(self.mock_validator.save_token.call_count, 1)
 correct_uri = 'https://b.c/p?access_token=1234&token_type=Bearer&expires_in=1800&state=xyz&scope=hello+world'
 self.request.response_mode = 'query'
diff --git a/tests/oauth2/rfc6749/grant_types/test_openid_connect.py b/tests/oauth2/rfc6749/grant_types/test_openid_connect.py
index cdf4e43..7c807f8 100644
--- a/tests/oauth2/rfc6749/grant_types/test_openid_connect.py
+++ b/tests/oauth2/rfc6749/grant_types/test_openid_connect.py
@@ -138,6 +138,7 @@ class OpenIDAuthCodeTest(TestCase):
 h, token, s = self.auth.create_token_response(self.request, bearer)
 token = json.loads(token)
+ self.assertEqual(self.mock_validator.save_token.call_count, 1)
 self.assertIn('access_token', token)
 self.assertIn('refresh_token', token)
 self.assertIn('expires_in', token)
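Review bot: In the test_implicit.py hunk the save count is asserted only for the fragment-mode response. The context lines that follow switch `self.request.response_mode` to `'query'`, and if the test then builds a second response (that call lies outside the hunk), its `save_token` call is never measured on its own. Following the OpenID test changed in this same commit, add `self.mock_validator.reset_mock()` before the second flow and repeat `self.assertEqual(self.mock_validator.save_token.call_count, 1)` after it.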
@@ -145,9 +146,12 @@ class OpenIDAuthCodeTest(TestCase): self.assertIn('id_token', token) self.assertIn('openid', token['scope']) + self.mock_validator.reset_mock() + self.request.scopes = ('hello', 'world') h, token, s = self.auth.create_token_response(self.request, bearer) token = json.loads(token) + self.assertEqual(self.mock_validator.save_token.call_count, 1) self.assertIn('access_token', token) self.assertIn('refresh_token', token) self.assertIn('expires_in', token) diff --git a/tests/oauth2/rfc6749/grant_types/test_refresh_token.py b/tests/oauth2/rfc6749/grant_types/test_refresh_token.py index 4a6f7f7..125dc2b 100644 --- a/tests/oauth2/rfc6749/grant_types/test_refresh_token.py +++ b/tests/oauth2/rfc6749/grant_types/test_refresh_token.py @@ -30,6 +30,7 @@ class RefreshTokenGrantTest(TestCase): headers, body, status_code = self.auth.create_token_response( self.request, bearer) token = json.loads(body) + self.assertEqual(self.mock_validator.save_token.call_count, 1) self.assertIn('access_token', token) self.assertIn('token_type', token) self.assertIn('expires_in', token) @@ -42,6 +43,7 @@ class RefreshTokenGrantTest(TestCase): headers, body, status_code = self.auth.create_token_response( self.request, bearer) token = json.loads(body) + self.assertEqual(self.mock_validator.save_token.call_count, 1) self.assertIn('access_token', token) self.assertIn('token_type', token) self.assertIn('expires_in', token) @@ -54,6 +56,7 @@ class RefreshTokenGrantTest(TestCase): headers, body, status_code = self.auth.create_token_response( self.request, bearer) token = json.loads(body) + self.assertEqual(self.mock_validator.save_token.call_count, 1) self.assertIn('access_token', token) self.assertIn('token_type', token) self.assertIn('expires_in', token) 
@@ -66,6 +69,7 @@ class RefreshTokenGrantTest(TestCase):
 headers, body, status_code = self.auth.create_token_response(
 self.request, bearer)
 token = json.loads(body)
+ self.assertEqual(self.mock_validator.save_token.call_count, 0)
 self.assertEqual(token['error'], 'invalid_scope')
 self.assertEqual(status_code, 401)
@@ -75,6 +79,7 @@ class RefreshTokenGrantTest(TestCase):
 headers, body, status_code = self.auth.create_token_response(
 self.request, bearer)
 token = json.loads(body)
+ self.assertEqual(self.mock_validator.save_token.call_count, 0)
 self.assertEqual(token['error'], 'invalid_grant')
 self.assertEqual(status_code, 401)
@@ -84,6 +89,7 @@ class RefreshTokenGrantTest(TestCase):
 headers, body, status_code = self.auth.create_token_response(
 self.request, bearer)
 token = json.loads(body)
+ self.assertEqual(self.mock_validator.save_token.call_count, 0)
 self.assertEqual(token['error'], 'invalid_client')
 self.assertEqual(status_code, 401)
diff --git a/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py b/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py
index dad668b..c637753 100644
--- a/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py
+++ b/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py
@@ -35,6 +35,7 @@ class ResourceOwnerPasswordCredentialsGrantTest(TestCase):
 headers, body, status_code = self.auth.create_token_response(
 self.request, bearer)
 token = json.loads(body)
+ self.assertEqual(self.mock_validator.save_token.call_count, 1)
 self.assertIn('access_token', token)
 self.assertIn('token_type', token)
 self.assertIn('expires_in', token)
@@ -42,15 +43,20 @@ class ResourceOwnerPasswordCredentialsGrantTest(TestCase): # ensure client_authentication_required() is properly called self.mock_validator.client_authentication_required.assert_called_once_with(self.request) # fail client authentication + self.mock_validator.reset_mock() self.mock_validator.validate_user.return_value = True self.mock_validator.authenticate_client.return_value = False status_code = self.auth.create_token_response(self.request, bearer)[2] self.assertEqual(status_code, 401) + self.assertEqual(self.mock_validator.save_token.call_count, 0) + # mock client_authentication_required() returning False then fail + self.mock_validator.reset_mock() self.mock_validator.client_authentication_required.return_value = False self.mock_validator.authenticate_client_id.return_value = False status_code = self.auth.create_token_response(self.request, bearer)[2] self.assertEqual(status_code, 401) + self.assertEqual(self.mock_validator.save_token.call_count, 0) def test_create_token_response_without_refresh_token(self): # self.auth.refresh_token = False so we don't generate a refresh token @@ -60,6 +66,7 @@ class ResourceOwnerPasswordCredentialsGrantTest(TestCase): headers, body, status_code = self.auth.create_token_response( self.request, bearer) token = json.loads(body) + self.assertEqual(self.mock_validator.save_token.call_count, 1) self.assertIn('access_token', token) self.assertIn('token_type', token) self.assertIn('expires_in', token) 
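Review bot: The two failure scenarios in `test_create_token_response` (test_resource_owner_password.py) keep only element `[2]` of the response, so they check for a 401 and zero `save_token` calls but never inspect the response body. Capturing the body too and adding `self.assertNotIn('access_token', json.loads(body))` would catch a regression that rejects the client yet still serialises a token into the response. The same pattern recurs in the failure scenarios of `test_create_token_response_without_refresh_token` in the next hunk. A short comment above each `reset_mock()`, such as `# reset call counts so save_token is measured for this scenario only`, would also explain why the reset is needed.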
@@ -68,15 +75,19 @@ class ResourceOwnerPasswordCredentialsGrantTest(TestCase):
 # ensure client_authentication_required() is properly called
 self.mock_validator.client_authentication_required.assert_called_once_with(self.request)
 # fail client authentication
+ self.mock_validator.reset_mock()
 self.mock_validator.validate_user.return_value = True
 self.mock_validator.authenticate_client.return_value = False
 status_code = self.auth.create_token_response(self.request, bearer)[2]
 self.assertEqual(status_code, 401)
+ self.assertEqual(self.mock_validator.save_token.call_count, 0)
 # mock client_authentication_required() returning False then fail
+ self.mock_validator.reset_mock()
 self.mock_validator.client_authentication_required.return_value = False
 self.mock_validator.authenticate_client_id.return_value = False
 status_code = self.auth.create_token_response(self.request, bearer)[2]
 self.assertEqual(status_code, 401)
+ self.assertEqual(self.mock_validator.save_token.call_count, 0)
 def test_error_response(self):
 pass |