def test_validate_user_missingusername(self):
        '''This test case ensures an exception is raised if username is attribute is not sent.'''

        for resource in [
                User(),
                User(username=None),
                User(username=""),
                User(username="******")
        ]:
            with self.assertRaises(FantasticoRoaError) as ctx:
                self._validator.validate(resource, Mock())

            self.assertTrue(
                str(ctx.exception).find("username") > -1,
                "Username not found in exception text.")
Beispiel #2
0
    def test_authenticate_different_passwords(self):
        '''This test case ensures an exception is raised when passwords do not match.'''

        creation_time, expiration_time = self._mock_creationexpiration_time()

        user = User(username="******", password="******")
        user.session = Mock()

        return_url = "/test/url"

        token = Token({
            "client_id": self._IDP_CLIENTID,
            "type": "login",
            "user_id": user.user_id,
            "creation_time": creation_time,
            "expiration_time": expiration_time
        })

        request, user_repo_cls, user_repo, tokens_service_cls, \
            tokens_service, clienturl_facade = self._mock_authenticate_dependencies(token, user, return_url)

        with self.assertRaises(OAuth2AuthenticationError):
            self._idp_controller.authenticate(
                request,
                tokens_service_cls=tokens_service_cls,
                user_repo_cls=user_repo_cls)
Beispiel #3
0
    def _test_authenticate_encrypt_ex(self, ex):
        '''This method provides a template test case which allows token encrypt method to raise various exceptions.'''

        creation_time, expiration_time = self._mock_creationexpiration_time()

        user = User(username="******", password="******")
        user.session = Mock()

        return_url = "/test/url"

        token = Token({
            "client_id": self._IDP_CLIENTID,
            "type": "login",
            "user_id": user.user_id,
            "creation_time": creation_time,
            "expiration_time": expiration_time
        })

        request, user_repo_cls, user_repo, tokens_service_cls, \
            tokens_service, clienturl_facade = self._mock_authenticate_dependencies(token, user, return_url)

        tokens_service.encrypt = Mock(side_effect=ex)

        self._idp_controller.authenticate(
            request,
            tokens_service_cls=tokens_service_cls,
            user_repo_cls=user_repo_cls)
Beispiel #4
0
    def test_authenticate_missing_redirecturi(self):
        '''This test case ensures an exception is raised when the return url query parameter is missing.'''

        user = User(username="******", password="******")

        self._test_authenticate_missing_param(
            user, None, self._idp_controller.REDIRECT_PARAM)
Beispiel #5
0
    def test_init_noargs(self):
        '''This test case ensures an user can be instantiated without arguments.'''

        user = User()

        self.assertIsNone(user.username)
        self.assertIsNone(user.password)
        self.assertIsNone(user.person_id)
    def test_validate_user_missingpasswd_update(self):
        '''This test case ensures an exception is raised if passowrd is not present in dictionary when trying to update
        an existing user.'''

        request = Request.blank("/test", {})
        request.method = "PUT"

        for resource in [
                User(username="******"),
                User(username="******", password="******")
        ]:
            with self.assertRaises(FantasticoRoaError) as ctx:
                self._validator.validate(resource, request)

            self.assertTrue(
                str(ctx.exception).find("password") > -1,
                "Password not found in exception text.")
    def test_validate_user_new(self):
        '''This test case ensures validation works correctly when the user is new (user_id is not known) - POST.'''

        request = Request.blank("/test", {})
        request.method = 'POST'

        resource = User(username="******", password="******")

        self._test_validate_user_template(resource, request)
    def test_validate_user_update(self):
        '''This test case ensures validation works correctly for existing users.'''

        request = Request.blank("/test", {})
        request.method = 'PUT'

        resource = User(username="******", password="******")
        resource.user_id = 55

        self._test_validate_user_template(resource, request)
Beispiel #9
0
    def test_init_with_args(self):
        '''This test case ensures an user can be instantiated with arguments.'''

        username = "******"
        password = "******"
        person_id = 1

        user = User(username, password, person_id)

        self.assertEqual(username, user.username)
        self.assertEqual(password, user.password)
        self.assertEqual(person_id, user.person_id)
    def test_validate_user_usernamenotemail(self):
        '''This test case ensures an exception is raised if username attribute is not a valid email address.'''

        resource = User(username="******")

        with self.assertRaises(FantasticoRoaError) as ctx:
            self._validator.validate(resource, Mock())

        msg = str(ctx.exception)

        self.assertTrue(
            msg.find("username") > -1, "Username not found in exception text.")
        self.assertTrue(
            msg.find("email") > -1, "Email not found in exception text.")
    def test_validate_personid_error(self):
        '''This test case ensures that an exception is raised if for create / update operations body contains person id.'''

        request = Request.blank("/test", {})

        for method in ["POST", "PUT"]:
            resource = User(username="******",
                            password="******",
                            person_id=5)

            request.method = method

            with self.assertRaises(FantasticoRoaError) as ctx:
                self._validator.validate(resource, request)

            self.assertTrue(str(ctx.exception).find("person_id") > -1)
Beispiel #12
0
    def _test_authenticate_ok(self, return_url, expected_url):
        '''This method provides a template test case for ensuring authenticate succeeds for various return_url values.'''

        user = User(username="******",
                    password="******",
                    person_id=1)
        user.user_id = 123

        creation_time, expiration_time = self._mock_creationexpiration_time()

        token = Token({
            "client_id": self._IDP_CLIENTID,
            "type": "login",
            "user_id": user.user_id,
            "creation_time": creation_time,
            "expiration_time": expiration_time
        })

        request, user_repo_cls, user_repo, tokens_service_cls, \
            tokens_service, clienturl_facade = self._mock_authenticate_dependencies(token, user, return_url)

        response = self._idp_controller.authenticate(
            request,
            tokens_service_cls=tokens_service_cls,
            user_repo_cls=user_repo_cls)

        self.assertIsNotNone(response)
        self.assertEqual(302, response.status_code)

        location = response.headers.get("Location")

        self.assertEqual(expected_url, location)

        user_repo.load_by_username.assert_called_once_with(user.username)
        self._hasher.hash_password.assert_called_once_with(
            user.password, DictionaryObject({"salt": user.user_id}))

        tokens_service_cls.assert_called_once_with(clienturl_facade.session)
        tokens_service.generate.assert_called_once_with(
            {
                "client_id": self._IDP_CLIENTID,
                "user_id": user.user_id,
                "expires_in": self._EXPIRES_IN
            }, TokenGeneratorFactory.LOGIN_TOKEN)
        tokens_service.encrypt.assert_called_once_with(token, token.client_id)
    def test_load_by_username(self):
        '''This test case ensures a user can be loaded by username.'''

        user = User(username="******",
                    password="******",
                    person_id=1)

        self._user_facade.get_records_paged = Mock(return_value=[user])

        result = self._repo.load_by_username(user.username)

        self.assertEqual(user, result)

        self._user_facade.get_records_paged.assert_called_once_with(
            start_record=0,
            end_record=1,
            filter_expr=ModelFilter(User.username, user.username,
                                    ModelFilter.EQ))
Beispiel #14
0
    def _test_validate_owned_by_user(self, resource, user_id, person_id):
        '''This method provides a template for testing validation for scenarios where resource belongs / does not belong to
        expected user.'''

        token = Token({"user_id": user_id, "scopes": []})

        request = Mock()
        request.request_id = 1
        request.context = Mock()
        request.context.security = SecurityContext(token)

        self._model_facade.find_by_pk = Mock(return_value=User(person_id=1))

        self._validator.validate(resource, request, person_id)

        self._conn_manager.get_connection.assert_called_once_with(
            request.request_id)
        self._model_facade_cls.assert_called_once_with(User, self._db_conn)
        self._model_facade.find_by_pk.assert_called_once_with(
            {User.user_id: token.user_id})
Beispiel #15
0
    def test_authenticate_invalid_redirecturi(self):
        '''This test case ensures an exception is raised when the return url query parameter is not accepted by idp.'''

        creation_time, expiration_time = self._mock_creationexpiration_time()

        user = User(username="******", password="******")
        user.session = Mock()

        return_url = "/test/url?state=xyz"

        token = Token({
            "client_id": self._IDP_CLIENTID,
            "type": "login",
            "user_id": user.user_id,
            "creation_time": creation_time,
            "expiration_time": expiration_time
        })

        request, user_repo_cls, user_repo, tokens_service_cls, \
            tokens_service, clienturl_facade = self._mock_authenticate_dependencies(token, user, return_url)

        clienturl_facade.get_records_paged = Mock(return_value=[])

        with self.assertRaises(OAuth2MissingQueryParamError):
            self._idp_controller.authenticate(
                request,
                tokens_service_cls=tokens_service_cls,
                user_repo_cls=user_repo_cls)

        return_url = return_url[:return_url.find("?")]
        clienturl_facade.get_records_paged.assert_called_once_with(
            start_record=0,
            end_record=1,
            filter_expr=ModelFilterAnd(
                ModelFilter(ClientReturnUrl.client_id, self._IDP_CLIENTID,
                            ModelFilter.EQ),
                ModelFilter(ClientReturnUrl.return_url, return_url,
                            ModelFilter.EQ)))
Beispiel #16
0
    def test_authenticate_missing_password(self):
        '''This test case ensures an exception is raised when the password is not posted.'''

        user = User(username="******")

        self._test_authenticate_missing_param(user, None, "password")
Beispiel #17
0
    def test_authenticate_missing_username(self):
        '''This test case ensures an exception is raised when the username is not posted.'''

        user = User()

        self._test_authenticate_missing_param(user, None, "username")