author | Massimiliano Pippi <masci@evonove.it> | 2013-09-21 01:06:02 +0200 |
---|---|---|
committer | Massimiliano Pippi <masci@evonove.it> | 2013-09-21 01:06:02 +0200 |
commit | 012fbbebcdafa28340ecaf5addb5c1b9da30057b (patch) | |
tree | 17872dc076665a974272cd9e2cc79a163ffb859a /tests/oauth2 | |
parent | c38dab51aec039ac3a89778233c190776b5d7e8c (diff) | |
added test involving client_authentication_required method
Diffstat (limited to 'tests/oauth2')
3 files changed, 123 insertions, 1 deletions
diff --git a/tests/oauth2/rfc6749/grant_types/test_authorization_code.py b/tests/oauth2/rfc6749/grant_types/test_authorization_code.py index a9c3e51..3302231 100644 --- a/tests/oauth2/rfc6749/grant_types/test_authorization_code.py +++ b/tests/oauth2/rfc6749/grant_types/test_authorization_code.py @@ -11,6 +11,7 @@ from oauthlib.oauth2.rfc6749.errors import InvalidClientError from oauthlib.oauth2.rfc6749.errors import InvalidGrantError from oauthlib.oauth2.rfc6749.grant_types import AuthorizationCodeGrant from oauthlib.oauth2.rfc6749.tokens import BearerToken +from oauthlib.oauth2.rfc6749.request_validator import RequestValidator class AuthorizationCodeGrantTest(TestCase): @@ -55,7 +56,7 @@ class AuthorizationCodeGrantTest(TestCase): self.assertIn('scope', token) def test_validate_token_request(self): - mock_validator = mock.MagicMock() + mock_validator = mock.MagicMock(spec=RequestValidator) auth = AuthorizationCodeGrant(request_validator=mock_validator) request = Request('http://a.b/path') self.assertRaises(UnsupportedGrantTypeError, @@ -70,6 +71,8 @@ class AuthorizationCodeGrantTest(TestCase): request.code = 'waffles' self.assertRaises(InvalidClientError, auth.validate_token_request, request) + args, _ = mock_validator.client_authentication_required.call_args_list[0] + self.assertEqual(args, (request,)) request.client = 'batman' mock_validator.authenticate_client = self.set_client diff --git a/tests/oauth2/rfc6749/grant_types/test_refresh_token.py b/tests/oauth2/rfc6749/grant_types/test_refresh_token.py index 25c261c..6a89c54 100644 --- a/tests/oauth2/rfc6749/grant_types/test_refresh_token.py +++ b/tests/oauth2/rfc6749/grant_types/test_refresh_token.py 
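Review bot: The assertion added after `request.code = 'waffles'` reads `client_authentication_required.call_args_list[0]` without ever pinning that hook's return value, so the authentication-required path is presumably reached only because an unconfigured `MagicMock` result is truthy. Setting `mock_validator.client_authentication_required.return_value = True` before the call states the intent, and `mock_validator.client_authentication_required.assert_called_with(request)` gives a readable failure instead of an `IndexError` if the hook is never invoked. The same pattern opens the new `test_validate_token_request` in test_refresh_token.py and the lines added to `test_create_token_response` in test_resource_owner_password.py. The test method starts and ends outside this hunk, so earlier setup may already configure the mock.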
@@ -7,6 +7,11 @@ import mock from oauthlib.common import Request from oauthlib.oauth2.rfc6749.grant_types import RefreshTokenGrant from oauthlib.oauth2.rfc6749.tokens import BearerToken +from oauthlib.oauth2.rfc6749.errors import (UnsupportedGrantTypeError, + InvalidClientError, + InvalidRequestError, + InvalidGrantError, + InvalidScopeError) class RefreshTokenGrantTest(TestCase): 
@@ -72,3 +77,47 @@ class RefreshTokenGrantTest(TestCase): token = json.loads(body) self.assertEqual(token['error'], 'invalid_client') self.assertEqual(status_code, 401) + + def test_validate_token_request(self): + # ensure client_authentication_required() is properly called + self.mock_validator.authenticate_client.return_value = False + self.mock_validator.authenticate_client_id.return_value = False + self.request.code = 'waffles' + self.assertRaises(InvalidClientError, self.auth.validate_token_request, + self.request) + args, _ = self.mock_validator.client_authentication_required.call_args_list[0] + self.assertEqual(args, (self.request,)) + # fail with wrong grant type + self.request.grant_type = 'wrong_type' + self.assertRaises(UnsupportedGrantTypeError, + self.auth.validate_token_request, self.request) + # fail for not providing a refresh token + self.request.grant_type = 'refresh_token' + del self.request.refresh_token + self.assertRaises(InvalidRequestError, + self.auth.validate_token_request, self.request) + # fail client_id authentication + self.mock_validator.client_authentication_required.return_value = False + self.request.refresh_token = mock.MagicMock() + self.mock_validator.authenticate_client_id.return_value = False + self.assertRaises(InvalidClientError, + self.auth.validate_token_request, self.request) + # invalid refresh token + self.mock_validator.authenticate_client_id.return_value = True + self.mock_validator.validate_refresh_token.return_value = False + self.assertRaises(InvalidGrantError, + self.auth.validate_token_request, self.request) + # fail scope error + self.mock_validator.validate_refresh_token.return_value = True + self.assertRaises(InvalidScopeError, + self.auth.validate_token_request, self.request) + # all ok + self.request.scope = 'foo bar' + self.mock_validator.get_original_scopes = mock.Mock() + self.mock_validator.get_original_scopes.return_value = 'foo bar baz' + self.auth.validate_token_request(self.request) + 
self.assertEqual(self.request.scopes, self.request.scope.split()) + # all ok but without request.scope + del self.request.scope + self.auth.validate_token_request(self.request) + self.assertEqual(self.request.scopes, 'foo bar baz'.split()) diff --git a/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py b/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py index aaea440..36cacd0 100644 --- a/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py +++ b/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py @@ -7,6 +7,11 @@ import mock from oauthlib.common import Request from oauthlib.oauth2.rfc6749.grant_types import ResourceOwnerPasswordCredentialsGrant from oauthlib.oauth2.rfc6749.tokens import BearerToken +from oauthlib.oauth2.rfc6749.request_validator import RequestValidator +from oauthlib.oauth2.rfc6749.errors import (InvalidRequestError, + UnsupportedGrantTypeError, + InvalidGrantError, + InvalidClientError) class ResourceOwnerPasswordCredentialsGrantTest(TestCase): @@ -24,6 +29,11 @@ class ResourceOwnerPasswordCredentialsGrantTest(TestCase): self.auth = ResourceOwnerPasswordCredentialsGrant( request_validator=self.mock_validator) + def set_client(self, request, *args, **kwargs): + request.client = mock.MagicMock() + request.client.client_id = 'mocked' + return True + def test_create_token_response(self): bearer = BearerToken(self.mock_validator) headers, body, status_code = self.auth.create_token_response( 
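Review bot: The `# fail scope error` step in the new `test_validate_token_request` expects `InvalidScopeError` before `get_original_scopes` is given a return value, so the rejection depends on whatever an unconfigured mock and the scope set in `setUp` (outside this hunk) happen to produce, not on a requested scope exceeding the original grant. This is the check that stops a refresh request from widening its scope, so the case is worth making explicit, for example `self.mock_validator.get_original_scopes = mock.Mock(return_value='foo')` and `self.request.scope = 'foo bar'` before the `assertRaises`. `self.request.code = 'waffles'` in the first step looks like a leftover from the authorization-code test and could be dropped, since nothing else in this test reads it.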
@@ -33,9 +43,69 @@ class ResourceOwnerPasswordCredentialsGrantTest(TestCase): self.assertIn('token_type', token) self.assertIn('expires_in', token) self.assertIn('refresh_token', token) + # ensure client_authentication_required() is properly called + args, _ = self.mock_validator.client_authentication_required.call_args_list[0] + self.assertEqual(args, (self.request,)) + # fail client authentication + self.mock_validator.validate_user = mock.Mock() + self.mock_validator.validate_user.return_value = True + self.mock_validator.authenticate_client = mock.Mock() + self.mock_validator.authenticate_client.return_value = False + status_code = self.auth.create_token_response(self.request, bearer)[2] + self.assertEqual(status_code, 400) + # mock client_authentication_required() returning False then fail + self.mock_validator.client_authentication_required = mock.Mock() + self.mock_validator.client_authentication_required.return_value = False + self.mock_validator.authenticate_client_id = mock.Mock() + self.mock_validator.authenticate_client_id.return_value = False + status_code = self.auth.create_token_response(self.request, bearer)[2] + self.assertEqual(status_code, 400) def test_error_response(self): pass def test_scopes(self): pass + + def test_validate_token_request(self): + mock_validator = mock.MagicMock(spec=RequestValidator) + mock_validator.validate_user = self.set_client + + auth = ResourceOwnerPasswordCredentialsGrant( + request_validator=mock_validator) + request = Request('http://a.b/path') + # no params + self.assertRaises(InvalidRequestError, auth.validate_token_request, + request) + # right params but with duplicates + request = Request('http://a.b/path/?scope=one', body='scope=another') + request.client_id = 'client_id' + request.username = 'user' + request.password = 'pass' + request.grant_type = 'password' + self.assertRaises(InvalidRequestError, auth.validate_token_request, + request) + # wrong grant type + request = Request('http://a.b/path') + 
request.client_id = 'client_id' + request.username = 'user' + request.password = 'pass' + request.grant_type = 'foo' + self.assertRaises(UnsupportedGrantTypeError, + auth.validate_token_request, request) + # wrong user + request.grant_type = 'password' + mock_validator.validate_user = mock.Mock() + mock_validator.validate_user.return_value = False + self.assertRaises(InvalidGrantError, auth.validate_token_request, + request) + # user ok but request.client.client_id missing + mock_validator.validate_user.return_value = True + request.client = mock.Mock() + del request.client.client_id + self.assertRaises(NotImplementedError, auth.validate_token_request, + request) + # everything fine + request.client = mock.Mock() + mock_validator.validate_grant_type.return_value = True + auth.validate_token_request(request) |
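Review bot: The two failure cases added to `test_create_token_response` assert only `status_code == 400`, so any other error that maps to 400 would satisfy them without client authentication having been the cause. Keep the full return tuple instead of indexing `[2]` and pin the error code as well, e.g. `self.assertEqual(json.loads(body)['error'], 'invalid_client')`, assuming `json` is already imported for the existing `token` assertions. The refresh-token test shown as context in this commit expects 401 for `invalid_client`, so it is worth confirming that 400 is the intended status for this grant. In `test_validate_token_request` the last case sets `validate_grant_type.return_value = True` but no case sets it to `False`, which leaves the path where the client is not permitted to use the password grant untested.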