Beispiel #1
def test_signal_oauth_error_login(request):
    """Check that a rejected request-token call on login fires ``oauth_error``.

    The mocked provider answers the request-token POST with HTTP 401 and the
    body ``oauth_problem=nonce_used``. Exactly one signal delivery is
    expected, sent by the blueprint, and the client is redirected (302) to the
    site root.
    """
    # NOTE(review): responses.add() only registers a mock; nothing in this
    # listing activates the ``responses`` patching, so confirm the original
    # file does, otherwise this POST is not intercepted.
    responses.add(
        responses.POST,
        "https://example.com/oauth/request_token",
        body="oauth_problem=nonce_used",
        status=401,
    )
    app, bp = make_app()

    deliveries = []

    def record(*args, **kwargs):
        deliveries.append((args, kwargs))

    def unsubscribe():
        oauth_error.disconnect(record)

    oauth_error.connect(record)
    # Detach the receiver at teardown so it cannot observe later tests.
    request.addfinalizer(unsubscribe)

    with app.test_client() as client:
        resp = client.get("/login/test-service", base_url="https://a.b.c")

    assert len(deliveries) == 1
    sender_args, payload = deliveries[0]
    assert sender_args == (bp,)
    # The message embeds the provider's response body verbatim, so anything a
    # handler logs or displays from it is text chosen by the remote server.
    expected_message = (
        "Token request failed with code 401, response was 'oauth_problem=nonce_used'."
    )
    assert payload["message"] == expected_message
    assert resp.status_code == 302
    assert resp.headers["Location"] == "https://a.b.c/"
Beispiel #2
def test_signal_oauth_error_authorized(request):
    """Check that a rejected access-token exchange fires ``oauth_error``.

    The mocked provider answers the access-token POST with HTTP 401 and the
    body ``Invalid request token.``. The callback route is expected to send
    the signal exactly once, with the blueprint as sender, and to answer the
    browser with a 302.
    """
    # NOTE(review): responses.add() only registers a mock; nothing in this
    # listing activates the ``responses`` patching, so confirm the original
    # file does, otherwise this POST is not intercepted.
    responses.add(
        responses.POST,
        "https://example.com/oauth/access_token",
        body="Invalid request token.",
        status=401,
    )
    app, bp = make_app()

    deliveries = []

    def record(*args, **kwargs):
        deliveries.append((args, kwargs))

    def unsubscribe():
        oauth_error.disconnect(record)

    oauth_error.connect(record)
    # Detach the receiver at teardown so it cannot observe later tests.
    request.addfinalizer(unsubscribe)

    # Every value below reaches the callback route as a query parameter,
    # i.e. it is supplied by whoever issues the request.
    callback_url = (
        "/login/test-service/authorized?"
        "oauth_token=faketoken&"
        "oauth_token_secret=fakesecret&"
        "oauth_verifier=fakeverifier"
    )
    with app.test_client() as client:
        resp = client.get(callback_url, base_url="https://a.b.c")

    assert len(deliveries) == 1
    sender_args, payload = deliveries[0]
    assert sender_args == (bp,)
    # The message embeds the provider's response body verbatim, so anything a
    # handler logs or displays from it is text chosen by the remote server.
    expected_message = (
        "Token request failed with code 401, response was 'Invalid request token.'."
    )
    assert payload["message"] == expected_message
    assert resp.status_code == 302
Beispiel #3
def test_signal_oauth_error(request):
    """Check that an error callback from the provider fires ``oauth_error``.

    The authorized route is requested with ``error``, ``error_description``
    and ``error_uri`` query parameters. The signal must be sent once by the
    blueprint, carrying the three values URL-decoded as keyword arguments,
    and the response must be a 302.
    """
    app, bp = make_app()

    deliveries = []

    def record(*args, **kwargs):
        deliveries.append((args, kwargs))

    def unsubscribe():
        oauth_error.disconnect(record)

    oauth_error.connect(record)
    # Detach the receiver at teardown so it cannot observe later tests.
    request.addfinalizer(unsubscribe)

    # No session or state is prepared before this request, yet the signal
    # still fires: the three fields are whatever the requester put in the
    # URL. Receivers should treat them as untrusted input (escape before
    # rendering, and do not follow ``error_uri`` automatically).
    error_callback_url = (
        "/login/test-service/authorized?"
        "error=unauthorized_client&"
        "error_description=Invalid+redirect+URI&"
        "error_uri=https%3a%2f%2fexample.com%2fdocs%2fhelp"
    )
    with app.test_client() as client:
        resp = client.get(error_callback_url, base_url="https://a.b.c")

    assert len(deliveries) == 1
    sender_args, payload = deliveries[0]
    assert sender_args == (bp,)
    expected_payload = {
        "error": "unauthorized_client",
        "error_description": "Invalid redirect URI",
        "error_uri": "https://example.com/docs/help",
    }
    assert payload == expected_payload
    assert resp.status_code == 302
Beispiel #4
def test_signal_oauth_error(request):
    """Verify the ``oauth_error`` signal for a provider error redirect.

    A GET to the authorized route with ``error``, ``error_description`` and
    ``error_uri`` in the query string must produce one signal delivery from
    the blueprint whose keyword arguments are the decoded values, plus a 302
    response.
    """
    app, bp = make_app()

    seen = []

    def on_error(*args, **kwargs):
        seen.append((args, kwargs))

    def detach():
        oauth_error.disconnect(on_error)

    oauth_error.connect(on_error)
    # Unregister at teardown so the receiver does not leak into other tests.
    request.addfinalizer(detach)

    # The request is made without any prior session or state setup, so the
    # payload asserted below comes straight from the URL. A real receiver
    # should handle these fields as untrusted text and should not redirect
    # to or fetch ``error_uri`` on its own.
    query = (
        "error=unauthorized_client&"
        "error_description=Invalid+redirect+URI&"
        "error_uri=https%3a%2f%2fexample.com%2fdocs%2fhelp"
    )
    with app.test_client() as client:
        resp = client.get(
            "/login/test-service/authorized?" + query,
            base_url="https://a.b.c",
        )

    assert len(seen) == 1
    positional, named = seen[0]
    assert positional == (bp,)
    assert named == {
        "error": "unauthorized_client",
        "error_description": "Invalid redirect URI",
        "error_uri": "https://example.com/docs/help",
    }
    assert resp.status_code == 302
Beispiel #5
def test_signal_oauth_notoken_authorized(request):
    """Check that a callback without a token fires ``oauth_error``.

    The authorized route is requested with only ``denied=faketoken``. One
    signal delivery from the blueprint is expected, with a message saying the
    response holds no token and the received parameters under ``response``;
    the client is redirected (302) to the site root.
    """
    app, bp = make_app()

    deliveries = []

    def record(*args, **kwargs):
        deliveries.append((args, kwargs))

    def unsubscribe():
        oauth_error.disconnect(record)

    oauth_error.connect(record)
    # Detach the receiver at teardown so it cannot observe later tests.
    request.addfinalizer(unsubscribe)

    denied_url = (
        "/login/test-service/authorized?"
        "denied=faketoken"
    )
    with app.test_client() as client:
        resp = client.get(denied_url, base_url="https://a.b.c")

    assert len(deliveries) == 1
    sender_args, payload = deliveries[0]
    assert sender_args == (bp,)
    assert "Response does not contain a token" in payload["message"]
    # ``response`` mirrors the query string of the incoming request, so a
    # receiver is looking at requester-supplied data here.
    assert payload["response"] == {'denied': 'faketoken'}
    assert resp.status_code == 302
    assert resp.headers["Location"] == "https://a.b.c/"
Beispiel #6
def test_sqla_flask_login_misconfigured(app, db, blueprint, request):
    """Check the error path when the storage has no user to attach a token to.

    ``SQLAlchemyStorage`` is bound to ``current_user`` and the test never logs
    anyone in. The callback request must still be answered with a 302, while
    the resulting ``ValueError`` is delivered once through ``oauth_error``
    with the blueprint as sender.
    """
    login_manager = LoginManager(app)

    class User(db.Model, UserMixin):
        id = db.Column(db.Integer, primary_key=True)
        name = db.Column(db.String(80))

    class OAuth(OAuthConsumerMixin, db.Model):
        user_id = db.Column(db.Integer, db.ForeignKey(User.id))
        user = db.relationship(User)

    blueprint.storage = SQLAlchemyStorage(OAuth, db.session, user=current_user)

    db.create_all()

    def drop_schema():
        db.session.remove()
        db.drop_all()

    request.addfinalizer(drop_schema)

    # Flask-Login needs a loader even though no user is ever logged in here.
    @login_manager.user_loader
    def load_user(userid):
        return User.query.get(userid)

    deliveries = []

    def record(*args, **kwargs):
        deliveries.append((args, kwargs))

    def unsubscribe():
        oauth_error.disconnect(record)

    oauth_error.connect(record)
    request.addfinalizer(unsubscribe)

    accepted_locations = ("https://a.b.c/oauth_done",
                          "/oauth_done")
    with app.test_client() as client:
        # Seed the session with the same value the callback URL carries in
        # ``state`` (presumably what the blueprint compares it against).
        with client.session_transaction() as sess:
            sess["test-service_oauth_state"] = "random-string"
        resp = client.get(
            "/login/test-service/authorized?code=secret-code&state=random-string",
            base_url="https://a.b.c",
        )
        # The browser is redirected even though storing the token failed.
        assert resp.status_code == 302
        assert resp.headers["Location"] in accepted_locations

    assert len(deliveries) == 1
    sender_args, payload = deliveries[0]
    assert sender_args == (blueprint, )
    # The expected error text indicates the token is refused rather than
    # saved without an owning user.
    error = payload["error"]
    assert isinstance(error, ValueError)
    assert str(error) == "Cannot set OAuth token without an associated user"
def test_sqla_flask_login_misconfigured(app, db, blueprint, request):
    """Verify that a storage without a resolvable user reports a ValueError.

    The blueprint's storage is a ``SQLAlchemyStorage`` tied to
    ``current_user``, and no login happens in this test. The callback must
    redirect to ``https://a.b.c/oauth_done`` with a 302 and the failure must
    surface exactly once on the ``oauth_error`` signal.
    """
    login_manager = LoginManager(app)

    class User(db.Model, UserMixin):
        id = db.Column(db.Integer, primary_key=True)
        name = db.Column(db.String(80))

    class OAuth(OAuthConsumerMixin, db.Model):
        user_id = db.Column(db.Integer, db.ForeignKey(User.id))
        user = db.relationship(User)

    blueprint.storage = SQLAlchemyStorage(OAuth, db.session, user=current_user)

    db.create_all()

    def reset_database():
        db.session.remove()
        db.drop_all()

    request.addfinalizer(reset_database)

    # A user loader is registered, but the test never authenticates anyone.
    @login_manager.user_loader
    def load_user(userid):
        return User.query.get(userid)

    seen = []

    def on_error(*args, **kwargs):
        seen.append((args, kwargs))

    def detach():
        oauth_error.disconnect(on_error)

    oauth_error.connect(on_error)
    request.addfinalizer(detach)

    with app.test_client() as client:
        # Put the state value into the session that the callback URL will
        # present (presumably so the blueprint's state comparison succeeds).
        with client.session_transaction() as sess:
            sess["test-service_oauth_state"] = "random-string"
        resp = client.get(
            "/login/test-service/authorized?code=secret-code&state=random-string",
            base_url="https://a.b.c",
        )
        # The redirect is issued despite the storage failure.
        assert resp.status_code == 302
        redirect_target = resp.headers["Location"]
        assert redirect_target == "https://a.b.c/oauth_done"

    assert len(seen) == 1
    positional, named = seen[0]
    assert positional == (blueprint,)
    # The expected error text indicates the token is refused rather than
    # saved without an owning user.
    error = named["error"]
    assert isinstance(error, ValueError)
    assert str(error) == "Cannot set OAuth token without an associated user"
def test_signal_oauth_notoken_authorized(request):
    """Verify the ``oauth_error`` signal when the callback carries no token.

    Only ``denied=faketoken`` is sent to the authorized route. The blueprint
    must send the signal once, with a "no token" message and the received
    parameters under ``response``, and redirect (302) to the site root.
    """
    app, bp = make_app()

    seen = []

    def on_error(*args, **kwargs):
        seen.append((args, kwargs))

    def detach():
        oauth_error.disconnect(on_error)

    oauth_error.connect(on_error)
    # Unregister at teardown so the receiver does not leak into other tests.
    request.addfinalizer(detach)

    with app.test_client() as client:
        resp = client.get(
            "/login/test-service/authorized?" "denied=faketoken",
            base_url="https://a.b.c",
        )

    assert len(seen) == 1
    positional, named = seen[0]
    assert positional == (bp,)
    assert "Response does not contain a token" in named["message"]
    # ``response`` reflects the incoming query string, i.e. data chosen by
    # whoever made the request.
    assert named["response"] == {"denied": "faketoken"}
    assert resp.status_code == 302
    assert resp.headers["Location"] == "https://a.b.c/"