async def test_cred_refresh_upgrade_default_client(drive: DriveSource,
server: SimulationServer,
time: FakeTime,
config: Config):
return
# TODO: Enable this when we start removing the default client_secret
config.override(Setting.DEFAULT_DRIVE_CLIENT_ID,
server.getSetting("drive_client_id"))
creds = server.getCurrentCreds()
creds_with_secret = server.getCurrentCreds()
creds_with_secret._secret = server.getSetting("drive_client_secret")
with open(config.get(Setting.CREDENTIALS_FILE_PATH), "w") as f:
json.dump(creds_with_secret.serialize(), f)
# reload the creds
drive.drivebackend.tryLoadCredentials()
# Verify the "client secret" was removed
with open(config.get(Setting.CREDENTIALS_FILE_PATH)) as f:
saved_creds = json.load(f)
assert saved_creds == creds.serialize()
await drive.get()
old_creds = drive.drivebackend.cred_bearer
await drive.get()
assert old_creds == drive.drivebackend.cred_bearer
time.advanceDay()
await drive.get()
assert old_creds != drive.drivebackend.cred_bearer
async def test_cred_refresh_no_secret(drive: DriveSource, server: SimulationServer, time: FakeTime, config: Config):
drive.saveCreds(server.getCurrentCreds())
await drive.get()
old_creds = drive.drivebackend.creds
await drive.get()
assert old_creds.access_token == drive.drivebackend.creds.access_token
time.advanceDay()
await drive.get()
assert old_creds.access_token != drive.drivebackend.creds.access_token
with open(config.get(Setting.CREDENTIALS_FILE_PATH)) as f:
assert "client_secret" not in json.load(f)
async def test_cred_refresh_with_secret(drive: DriveSource, server: SimulationServer, time: FakeTime, config: Config):
server.resetDriveAuth()
with open(config.get(Setting.CREDENTIALS_FILE_PATH), "w") as f:
creds = server.getCurrentCreds()
creds._secret = config.get(Setting.DEFAULT_DRIVE_CLIENT_SECRET)
json.dump(creds.serialize(), f)
drive.drivebackend.tryLoadCredentials()
await drive.get()
old_creds = drive.drivebackend.creds
# valid creds should be reused
await drive.get()
assert old_creds.access_token == drive.drivebackend.creds.access_token
# then refreshed when they expire
time.advanceDay()
await drive.get()
assert old_creds.access_token != drive.drivebackend.creds.access_token
# verify the client_secret is kept
with open(config.get(Setting.CREDENTIALS_FILE_PATH)) as f:
assert "client_secret" in json.load(f)