def test_challenge_with_no_error(self):
authenticator = oauth1.TwoLeggedOauth1()
response = authenticator.challenge()
self.assertIsInstance(response, django.http.HttpResponse)
self.assertEqual(response.status_code, http.HTTPStatus.UNAUTHORIZED)
self.assertEqual(response["www-authenticate"], "None")
def test_validate_missing_parameters(self):
request = self.request_factory.get("/")
authenticator = oauth1.TwoLeggedOauth1()
authenticator.validate_missing_parameters(request)
self.assertEqual(
request.auth_header,
'OAuth realm="API",oauth_problem=parameter_absent&oauth_parameters_absent=oauth_consumer_key,oauth_nonce,'
"oauth_signature,oauth_signature_method,oauth_timestamp",
)
def test_authenticate_header(self):
request = self.request_factory.get("/")
authenticator = oauth1.TwoLeggedOauth1()
result = authenticator.authenticate_header(request)
self.assertEqual(result, "Unknown OAuth Error")
request.auth_header = "foo"
result = authenticator.authenticate_header(request)
self.assertEqual(result, "foo")
def test_challenge_with_error(self):
authenticator = oauth1.TwoLeggedOauth1()
response = authenticator.challenge(oauth_errors.OAuthTimestampError())
self.assertEqual(response.status_code, http.HTTPStatus.UNAUTHORIZED)
self.assertTrue("timestamp_refused" in response["www-authenticate"])
data = json.loads(response.getvalue().decode("utf8"))
self.assertEqual(data["error_code"], http.HTTPStatus.UNAUTHORIZED)
self.assertTrue(data["error_message"],
"There was a problem with your timestamp.")
def test_is_authenticated_django_header_sillyness_and_auth_failure(self):
request = self.request_factory.get("/")
request.META["HTTP_AUTHORIZATION"] = "OAuth foo=bar"
testutils.OAuthClientHandler._build_request(request)
authenticator = oauth1.TwoLeggedOauth1()
result = authenticator.is_authenticated(request)
self.assertIsInstance(result, oauth_errors.OAuthMissingParameterError)
self.assertEqual(
result.detail,
"Parameters missing: oauth_consumer_key,oauth_nonce,oauth_signature,oauth_signature_method,oauth_timestamp",
)
def test_is_authenticated_invalid_signature_error(self):
request = self.request_factory.get("/")
request.META["consumer"] = self.consumer
testutils.OAuthClientHandler._build_request(request)
params = request.GET.copy()
params["oauth_signature"] = "bad"
request.GET = params
authenticator = oauth1.TwoLeggedOauth1()
result = authenticator.is_authenticated(request)
self.assertIsInstance(result, oauth_errors.OAuthInvalidSignatureError)
self.assertTrue(result.detail.startswith("Invalid signature."))
def test_is_authenticated_validation_error_handled(self, mocked_log):
class ExceptionWithMessage(Exception):
def __init__(self, msg):
self.message = msg
request = self.request_factory.get("/")
request.META["consumer"] = self.consumer
testutils.OAuthClientHandler._build_request(request)
authenticator = oauth1.TwoLeggedOauth1()
with mock.patch(
"django_declarative_apis.authentication.oauthlib.oauth1.TweakedSignatureOnlyEndpoint"
) as mocked_obj:
mocked_obj.side_effect = ExceptionWithMessage(
msg="something bad happened")
result = authenticator.is_authenticated(request)
self.assertIsInstance(result, authentication.AuthenticationFailure)
mocked_log.assert_called_with(
"Invalid oauthlib request: something bad happened")
