Beispiel #1
0
def test_get_tokens_deleted_resource():
    resource_id_1 = set_policy()
    resource_id_2 = set_policy()

    body = {}
    body['request'] = [resource_id_1, resource_id_2]
    r = consumer.get_token(body)
    assert r['success'] is True
    assert r['status_code'] == 200

    token = r['response']['token']
    s = token.split("/")
    uuid = s[3]

    body['request'] = [{'token': uuid, 'resources': [resource_id_2]}]
    r = consumer.update_token(body)
    assert r['success'] is True
    assert r['status_code'] == 200

    r = consumer.view_tokens()
    resources = []

    check = False
    for tokens in r['response']:
        if uuid == tokens['uuid']:
            resources = tokens['request']

    for i in resources:
        if i['cat_id'] == resource_id_1:
            assert i['status'] == 'deleted'
            check = True

    assert check is True
Beispiel #2
0
def test_update_token_revoked_resource():
    resource_id_1 = set_policy()

    body = {}
    body['request'] = [resource_id_1]
    r = consumer.get_token(body)
    assert r['success'] is True
    assert r['status_code'] == 200

    token = r['response']['token']
    s = token.split("/")
    uuid = s[3]

    access_id = -1
    # find access ID and delete it
    r = provider.get_provider_access()
    assert r['success'] == True
    assert r['status_code'] == 200
    rules = r['response']
    for r in rules:
        if resource_id_1 == r['item']['cat_id']:
            access_id = r['id']
            break

    assert access_id != -1
    r = provider.delete_rule([{'id': access_id}])
    assert r['success'] == True
    assert r['status_code'] == 200

    body['request'] = [{'token': uuid, 'resources': [resource_id_1]}]
    r = consumer.update_token(body)
    assert r['success'] is False
    assert r['status_code'] == 403

    # add another resource
    resource_id_2 = set_policy()

    body['request'] = [{'token': uuid, 'resources': [resource_id_2]}]
    r = consumer.update_token(body)
    assert r['success'] is True
    assert r['status_code'] == 200

    # resource_id is not deleted, since it was already revoked by provider
    assert len(r['response'][0]['deleted_resources']) == 0
Beispiel #3
0
def test_update_token_add_resource():
    resource_id_1 = set_policy()
    resource_id_2 = set_policy()

    body = {}
    body['request'] = [resource_id_1]
    r = consumer.get_token(body)
    assert r['success'] is True
    assert r['status_code'] == 200

    token = r['response']['token']
    s = token.split("/")
    uuid = s[3]

    resources = []

    r = consumer.view_tokens()
    for tokens in r['response']:
        if tokens['uuid'] == uuid:
            resources = tokens['request']

    for resource in resources:
        assert resource_id_1 == resource['cat_id']
        assert resource['status'] == 'active'

    assert len(resources) == 1

    body['request'] = [{
        'token': uuid,
        'resources': [resource_id_1, resource_id_2]
    }]

    r = consumer.update_token(body)
    assert r['success'] is True
    assert r['status_code'] == 200

    resources = []

    r = consumer.view_tokens()
    for tokens in r['response']:
        if tokens['uuid'] == uuid:
            resources = tokens['request']
    check = 0
    for i in resources:
        if i['cat_id'] == resource_id_1 and i['status'] == 'active':
            check = check + 1
        if i['cat_id'] == resource_id_2 and i['status'] == 'active':
            check = check + 1

    assert check == 2
Beispiel #4
0
def test_update_token_invalid_request():
    body = {'request': []}
    r = consumer.update_token(body)
    assert r['success'] is False
    assert r['status_code'] == 400

    body = {'request': 'token'}
    r = consumer.update_token(body)
    assert r['success'] is False
    assert r['status_code'] == 400

    body = {'request': ['token']}
    r = consumer.update_token(body)
    assert r['success'] is False
    assert r['status_code'] == 400

    body = {'request': [{'token': '1234'}]}
    r = consumer.update_token(body)
    assert r['success'] is False
    assert r['status_code'] == 400

    body = {
        'request': [{
            'token': 'ba2efb08-896a-4f0a-abe9-486fe40651dc ',
            'resources': ['hello']
        }]
    }
    r = consumer.update_token(body)
    assert r['success'] is False
    assert r['status_code'] == 400

    body = {
        'request': [{
            'token': 'ba2efb08-896a-4f0a-abe9-486fe40651dc ',
            'resources': []
        }]
    }
    r = consumer.update_token(body)
    assert r['success'] is False
    assert r['status_code'] == 400

    body = {
        'request': [{
            'token': 'ba2efb08-896a-4f0a-abe9-486fe40651dc ',
            'resources': 'hello'
        }]
    }
    r = consumer.update_token(body)
    assert r['success'] is False
    assert r['status_code'] == 400
Beispiel #5
0
def test_update_token_different_resource_server():
    resource_id = set_policy()

    body = {}
    body['request'] = [resource_id]
    r = consumer.get_token(body)
    assert r['success'] is True
    assert r['status_code'] == 200

    token = r['response']['token']
    s = token.split("/")
    uuid = s[3]

    bad_resource_id = "rbccps.org/9cf2c2382cf661fc20a4776345a3be7a143a109c/rs.iudx.org.in/" + rand_rsg(
    )

    body['request'] = [{
        'token': uuid,
        'resources': [bad_resource_id, resource_id]
    }]

    r = consumer.update_token(body)
    assert r['success'] is False
    assert r['status_code'] == 400
Beispiel #6
0
def test_update_token_delete_and_undelete_resource():
    resource_id_1 = set_policy()
    resource_id_2 = set_policy()

    body = {}
    body['request'] = [resource_id_1, resource_id_2]
    r = consumer.get_token(body)
    assert r['success'] is True
    assert r['status_code'] == 200

    token = r['response']['token']
    s = token.split("/")
    uuid = s[3]

    resources = []

    r = consumer.view_tokens()
    for tokens in r['response']:
        if tokens['uuid'] == uuid:
            resources = tokens['request']

    assert len(resources) == 2
    for i in resources:
        assert i['status'] == 'active'

    body['request'] = [{'token': uuid, 'resources': [resource_id_2]}]

    r = consumer.update_token(body)
    assert r['success'] is True
    assert r['status_code'] == 200
    assert resource_id_1 in r['response'][0]['deleted_resources']
    assert resource_id_2 in r['response'][0]['active_resources']

    resources = []

    r = consumer.view_tokens()
    for tokens in r['response']:
        if tokens['uuid'] == uuid:
            resources = tokens['request']
    check = 0
    for i in resources:
        if i['cat_id'] == resource_id_1:
            assert i['status'] == 'deleted'
            check = check + 1
        if i['cat_id'] == resource_id_2:
            assert i['status'] == 'active'
            check = check + 1

    assert check == 2

    # undelete the resource/add it again
    body['request'] = [{
        'token': uuid,
        'resources': [resource_id_1, resource_id_2]
    }]

    r = consumer.update_token(body)
    assert r['success'] is True
    assert r['status_code'] == 200
    assert len(r['response'][0]['deleted_resources']) == 0

    resources = []

    r = consumer.view_tokens()
    for tokens in r['response']:
        if tokens['uuid'] == uuid:
            resources = tokens['request']
    check = 0
    for i in resources:
        assert i['status'] == 'active'
Beispiel #7
0
def test_update_token_empty_body():
    body = {}
    r = consumer.update_token(body)
    assert r['success'] is False
    assert r['status_code'] == 400