author | Jonathan Huot <JonathanHuot@users.noreply.github.com> | 2019-01-11 10:02:55 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-01-11 10:02:55 +0100 |
commit | 7586b0b1f39b19d0779d9d7caa967a3f66c09702 (patch) | |
tree | 165979136d965e21b59ff8920387847543f68606 /tests | |
parent | 20d116c0db616285ca48ef1591a8a79796a76f5d (diff) | |
download | oauthlib-7586b0b1f39b19d0779d9d7caa967a3f66c09702.tar.gz |
Fix 644, Add tests for BasicAuth credentials for all endpoints (#645)
Test Introspect, Revoke, Token (web, legacy, backend) endpoints with authenticate_client and HTTP Basic Auth.
Diffstat (limited to 'tests')
-rw-r--r-- | tests/oauth2/rfc6749/endpoints/test_client_authentication.py | 58 | ||||
-rw-r--r-- | tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py | 1 |
2 files changed, 57 insertions, 2 deletions
diff --git a/tests/oauth2/rfc6749/endpoints/test_client_authentication.py b/tests/oauth2/rfc6749/endpoints/test_client_authentication.py index 48c5f5a..133da59 100644 --- a/tests/oauth2/rfc6749/endpoints/test_client_authentication.py +++ b/tests/oauth2/rfc6749/endpoints/test_client_authentication.py @@ -43,6 +43,11 @@ class ClientAuthenticationTest(TestCase): token_generator=self.inspect_client) self.backend = BackendApplicationServer(self.validator, token_generator=self.inspect_client) + self.token_uri = 'http://example.com/path' + self.auth_uri = 'http://example.com/path?client_id=abc&response_type=token' + # should be base64 but no added value in this unittest + self.basicauth_client_creds = {"Authorization": "john:doe"} + self.basicauth_client_id = {"Authorization": "john:"} def set_client(self, request): request.client = mock.MagicMock() @@ -54,7 +59,9 @@ class ClientAuthenticationTest(TestCase): request.client.client_id = 'mocked' return True - def set_username(self, username, password, client, request): + def basicauth_authenticate_client(self, request): + assert "Authorization" in request.headers + assert "john:doe" in request.headers["Authorization"] request.client = mock.MagicMock() request.client.client_id = 'mocked' return True 
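Review bot: The fixture `self.basicauth_client_creds = {"Authorization": "john:doe"}` added to setUp is not a well-formed HTTP Basic credential: it has no `Basic ` scheme and is not base64-encoded. The tests therefore show only that some Authorization header reaches the validator, not that a real Basic header passes through the endpoint unchanged. As far as I can tell the header is handed to the validator undecoded, so a realistic value would document that contract better, e.g. `{"Authorization": "Basic " + base64.b64encode(b"john:doe").decode()}` (this needs `import base64`, and the check in `basicauth_authenticate_client` would have to compare against the same value). `self.auth_uri` and `self.basicauth_client_id` are also added here but are not referenced in any hunk shown; if nothing else uses them, drop them or cover them with a client-id-only test. setUp begins outside the hunk.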
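Review bot: `basicauth_authenticate_client` checks the header with bare `assert` statements and a substring match (`"john:doe" in request.headers["Authorization"]`), so any header value that merely contains that string passes, and both checks vanish when Python runs with `-O`. Compare exactly against the fixture through the TestCase API instead: `self.assertEqual(request.headers.get("Authorization"), self.basicauth_client_creds["Authorization"])`. The stub also returns True unconditionally, so it cannot be reused for a rejected-credentials case. The rename removes `set_username`; confirm that nothing elsewhere in the file still refers to it.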
@@ -86,6 +93,55 @@ class ClientAuthenticationTest(TestCase): self.assertIn('Location', h) self.assertIn('access_token', get_fragment_credentials(h['Location'])) + def test_basicauth_web(self): + self.validator.authenticate_client.side_effect = self.basicauth_authenticate_client + _, body, _ = self.web.create_token_response( + self.token_uri, + body='grant_type=authorization_code&code=mock', + headers=self.basicauth_client_creds + ) + self.assertIn('access_token', json.loads(body)) + + def test_basicauth_legacy(self): + self.validator.authenticate_client.side_effect = self.basicauth_authenticate_client + _, body, _ = self.legacy.create_token_response( + self.token_uri, + body='grant_type=password&username=abc&password=secret', + headers=self.basicauth_client_creds + ) + self.assertIn('access_token', json.loads(body)) + + def test_basicauth_backend(self): + self.validator.authenticate_client.side_effect = self.basicauth_authenticate_client + _, body, _ = self.backend.create_token_response( + self.token_uri, + body='grant_type=client_credentials', + headers=self.basicauth_client_creds + ) + self.assertIn('access_token', json.loads(body)) + + def test_basicauth_revoke(self): + self.validator.authenticate_client.side_effect = self.basicauth_authenticate_client + + # legacy or any other uses the same RevocationEndpoint + _, body, status = self.legacy.create_revocation_response( + self.token_uri, + body='token=foobar', + headers=self.basicauth_client_creds + ) + self.assertEqual(status, 200, body) + + def test_basicauth_introspect(self): + self.validator.authenticate_client.side_effect = self.basicauth_authenticate_client + + # legacy or any other uses the same IntrospectEndpoint + _, body, status = self.legacy.create_introspect_response( + self.token_uri, + body='token=foobar', + headers=self.basicauth_client_creds + ) + self.assertEqual(status, 200, body) + def test_custom_authentication(self): token_uri = 'http://example.com/path' 
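Review bot: The five `test_basicauth_*` tests cover only the accepting path and never assert that `authenticate_client` was actually invoked. If an endpoint took the `authenticate_client_id` route instead, the header assertions in the side effect would never run, and the test would presumably still pass against the mocked validator. Add `self.assertTrue(self.validator.authenticate_client.called)` after each response. A companion case would pin the rejecting behaviour for the token and revocation endpoints as well: the side effect returns False and the response is expected to be 401 with `invalid_client`, as test_introspect_endpoint.py asserts for the introspect endpoint. `test_custom_authentication`, which follows these tests, continues outside the hunk.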
diff --git a/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py b/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py index f92652b..b9bf76a 100644 --- a/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py +++ b/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py @@ -123,7 +123,6 @@ class IntrospectEndpointTest(TestCase): self.assertEqual(loads(b)['error'], 'invalid_client') self.assertEqual(s, 401) - def test_introspect_unsupported_token(self): endpoint = IntrospectEndpoint(self.validator, supported_token_types=['access_token']) |