authorJonathan Huot <JonathanHuot@users.noreply.github.com>2019-01-11 10:02:55 +0100
committerGitHub <noreply@github.com>2019-01-11 10:02:55 +0100
commit7586b0b1f39b19d0779d9d7caa967a3f66c09702 (patch)
tree165979136d965e21b59ff8920387847543f68606 /tests
parent20d116c0db616285ca48ef1591a8a79796a76f5d (diff)
downloadoauthlib-7586b0b1f39b19d0779d9d7caa967a3f66c09702.tar.gz
Fix 644, Add tests for BasicAuth credentials for all endpoints (#645)
Test Introspect, Revoke, Token (web, legacy, backend) endpoints with authenticate_client and HTTP Basic Auth.
Diffstat (limited to 'tests')
-rw-r--r--tests/oauth2/rfc6749/endpoints/test_client_authentication.py58
-rw-r--r--tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py1
2 files changed, 57 insertions, 2 deletions
diff --git a/tests/oauth2/rfc6749/endpoints/test_client_authentication.py b/tests/oauth2/rfc6749/endpoints/test_client_authentication.py
index 48c5f5a..133da59 100644
--- a/tests/oauth2/rfc6749/endpoints/test_client_authentication.py
+++ b/tests/oauth2/rfc6749/endpoints/test_client_authentication.py
@@ -43,6 +43,11 @@ class ClientAuthenticationTest(TestCase):
token_generator=self.inspect_client)
self.backend = BackendApplicationServer(self.validator,
token_generator=self.inspect_client)
+ self.token_uri = 'http://example.com/path'
+ self.auth_uri = 'http://example.com/path?client_id=abc&response_type=token'
+ # should be base64 but no added value in this unittest
+ self.basicauth_client_creds = {"Authorization": "john:doe"}
+ self.basicauth_client_id = {"Authorization": "john:"}
def set_client(self, request):
request.client = mock.MagicMock()
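Review bot: The `self.basicauth_client_id` fixture (`"john:"`) added in `setUp` is not referenced by any test added in this diff, so the "client id without a secret" case appears to be set up but never exercised. `self.auth_uri` is likewise unused by the new tests, though it may serve tests outside this hunk. Either add a test that sends `basicauth_client_id` and pins the expected outcome, or drop the fixture until one exists. The comment above the credentials could also say more precisely what is being skipped, for example `# not a real Basic header (no "Basic " scheme, no base64); the mocked validator only inspects the raw value`, so a reader does not take these tests as covering header parsing.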
@@ -54,7 +59,9 @@ class ClientAuthenticationTest(TestCase):
request.client.client_id = 'mocked'
return True
- def set_username(self, username, password, client, request):
+ def basicauth_authenticate_client(self, request):
+ assert "Authorization" in request.headers
+ assert "john:doe" in request.headers["Authorization"]
request.client = mock.MagicMock()
request.client.client_id = 'mocked'
return True
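Review bot: In `basicauth_authenticate_client` the credential check is a substring match made with a bare `assert`, so any header value that merely contains `john:doe` passes, and a failure does not report the value that was seen. An exact comparison through the test case is stricter and gives a useful message: `self.assertEqual(request.headers.get("Authorization"), "john:doe")`. This assumes the endpoints hand the header value to the validator unchanged, which the diff does not show. The helper always returns `True`, so by itself it can only model the accepting path.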
@@ -86,6 +93,55 @@ class ClientAuthenticationTest(TestCase):
self.assertIn('Location', h)
self.assertIn('access_token', get_fragment_credentials(h['Location']))
+ def test_basicauth_web(self):
+ self.validator.authenticate_client.side_effect = self.basicauth_authenticate_client
+ _, body, _ = self.web.create_token_response(
+ self.token_uri,
+ body='grant_type=authorization_code&code=mock',
+ headers=self.basicauth_client_creds
+ )
+ self.assertIn('access_token', json.loads(body))
+
+ def test_basicauth_legacy(self):
+ self.validator.authenticate_client.side_effect = self.basicauth_authenticate_client
+ _, body, _ = self.legacy.create_token_response(
+ self.token_uri,
+ body='grant_type=password&username=abc&password=secret',
+ headers=self.basicauth_client_creds
+ )
+ self.assertIn('access_token', json.loads(body))
+
+ def test_basicauth_backend(self):
+ self.validator.authenticate_client.side_effect = self.basicauth_authenticate_client
+ _, body, _ = self.backend.create_token_response(
+ self.token_uri,
+ body='grant_type=client_credentials',
+ headers=self.basicauth_client_creds
+ )
+ self.assertIn('access_token', json.loads(body))
+
+ def test_basicauth_revoke(self):
+ self.validator.authenticate_client.side_effect = self.basicauth_authenticate_client
+
+ # legacy or any other uses the same RevocationEndpoint
+ _, body, status = self.legacy.create_revocation_response(
+ self.token_uri,
+ body='token=foobar',
+ headers=self.basicauth_client_creds
+ )
+ self.assertEqual(status, 200, body)
+
+ def test_basicauth_introspect(self):
+ self.validator.authenticate_client.side_effect = self.basicauth_authenticate_client
+
+ # legacy or any other uses the same IntrospectEndpoint
+ _, body, status = self.legacy.create_introspect_response(
+ self.token_uri,
+ body='token=foobar',
+ headers=self.basicauth_client_creds
+ )
+ self.assertEqual(status, 200, body)
+
def test_custom_authentication(self):
token_uri = 'http://example.com/path'
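Review bot: None of the five `test_basicauth_*` tests checks that `authenticate_client` was actually invoked; the header assertions live only inside the side effect, so a code path that skipped client authentication might still produce a token or a 200 and pass. Adding `self.assertTrue(self.validator.authenticate_client.called)` after each response would pin that the credentials were really consulted. The tests also cover only accepted credentials. A companion case where the validator returns `False` and the endpoint is expected to answer `invalid_client` would guard the rejection path for the token, revocation and introspection endpoints. `test_custom_authentication` at the end of the hunk continues outside it and is not part of this note.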
diff --git a/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py b/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py
index f92652b..b9bf76a 100644
--- a/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py
+++ b/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py
@@ -123,7 +123,6 @@ class IntrospectEndpointTest(TestCase):
self.assertEqual(loads(b)['error'], 'invalid_client')
self.assertEqual(s, 401)
-
def test_introspect_unsupported_token(self):
endpoint = IntrospectEndpoint(self.validator,
supported_token_types=['access_token'])