def test_oauth2_token_is_reused_if_not_expired(self):
auth1 = authentication.OAuth2(TEST_SERVICE_HOST +
'/provide_token_as_token',
token_reception_timeout=TIMEOUT)
token1 = get_header(auth1).get('Bearer')
self.assertIsNotNone(token1)
oauth2 = authentication.OAuth2(TEST_SERVICE_HOST +
'/provide_token_as_token',
token_reception_timeout=TIMEOUT)
token2 = get_header(oauth2).get('Bearer')
self.assertIsNotNone(token2)
# As the token should not be expired, this call should use the same token
self.assertEqual(token1, token2)
def test_oauth2_failure_if_token_is_not_provided(self):
with self.assertRaises(Exception) as cm:
call(
authentication.OAuth2(TEST_SERVICE_HOST +
'/do_not_provide_token',
token_reception_timeout=TIMEOUT))
self.assertEqual('token not provided within {}.', str(cm.exception))
def test_oauth2_can_send_a_custom_response_type_and_expects_token_to_be_received_with_this_name(
self):
auth = authentication.OAuth2(TEST_SERVICE_HOST +
'/provide_token_as_custom_token',
token_reception_timeout=TIMEOUT,
response_type='custom_token')
self.assertIsNotNone(get_header(auth).get('Bearer'))
def test_oauth2_token_can_be_requested_on_a_custom_server_port(self):
auth = authentication.OAuth2(
TEST_SERVICE_HOST + '/provide_token_as_token',
# TODO Should use a method to retrieve a free port instead
redirect_uri_port=5002,
token_reception_timeout=TIMEOUT)
self.assertIsNotNone(get_header(auth).get('Bearer'))
def test_oauth2_failure_if_token_is_not_received_within_the_timeout_interval(
self):
with self.assertRaises(Exception) as cm:
call(
authentication.OAuth2(TEST_SERVICE_HOST + '/do_not_redirect',
token_reception_timeout=TIMEOUT))
self.assertEqual(
'User authentication was not received within 5 seconds.',
str(cm.exception))
def test_oauth2_failure_if_state_is_not_provided(self):
with self.assertRaises(Exception) as cm:
call(
authentication.OAuth2(
TEST_SERVICE_HOST +
'/provide_token_as_token_but_without_providing_state',
token_reception_timeout=TIMEOUT), )
self.assertRegex(str(cm.exception),
"state not provided within {'token': \['.*'\]}.")
def test_oauth2_token_is_reused_if_only_nonce_differs(self):
auth1 = authentication.OAuth2(
TEST_SERVICE_HOST +
'/provide_token_as_custom_token?response_type=custom_token'
'&nonce=1',
token_reception_timeout=TIMEOUT)
token_on_auth1 = get_header(auth1).get('Bearer')
self.assertIsNotNone(token_on_auth1)
auth2 = authentication.OAuth2(
TEST_SERVICE_HOST +
'/provide_token_as_custom_token?response_type=custom_token'
'&nonce=2',
token_reception_timeout=TIMEOUT)
token_on_auth2 = get_header(auth2).get('Bearer')
self.assertIsNotNone(token_on_auth2)
self.assertEqual(token_on_auth1, token_on_auth2)
def test_oauth2_token_is_requested_again_if_expired(self):
# This token will expires in 1 seconds
auth1 = authentication.OAuth2(TEST_SERVICE_HOST +
'/provide_a_token_expiring_in_1_second',
token_reception_timeout=TIMEOUT)
token1 = get_header(auth1).get('Bearer')
self.assertIsNotNone(token1)
# Wait for 2 seconds to ensure that the token expiring in 1 seconds will be considered as expired
time.sleep(2)
# Token should now be expired, a new one should be requested
auth2 = authentication.OAuth2(TEST_SERVICE_HOST +
'/provide_a_token_expiring_in_1_second',
token_reception_timeout=TIMEOUT)
token2 = get_header(auth2).get('Bearer')
self.assertIsNotNone(token2)
self.assertNotEqual(token1, token2)
def test_oauth2_token_is_not_reused_if_a_url_parameter_is_changing(self):
auth1 = authentication.OAuth2(
TEST_SERVICE_HOST +
'/provide_token_as_custom_token?response_type=custom_token'
'&fake_param=1',
token_reception_timeout=TIMEOUT)
token_on_auth1 = get_header(auth1).get('Bearer')
self.assertIsNotNone(token_on_auth1)
# Ensure that the new generated token will be different than previous one
time.sleep(1)
logger.info(
'Requesting a custom token with a different parameter in URL.')
auth2 = authentication.OAuth2(
TEST_SERVICE_HOST +
'/provide_token_as_custom_token?response_type=custom_token'
'&fake_param=2',
token_reception_timeout=TIMEOUT)
token_on_auth2 = get_header(auth2).get('Bearer')
self.assertIsNotNone(token_on_auth2)
self.assertNotEqual(token_on_auth1, token_on_auth2)
def test_oauth2_expects_token_to_be_stored_in_token_by_default(self):
auth = authentication.OAuth2(TEST_SERVICE_HOST +
'/provide_token_as_token',
token_reception_timeout=TIMEOUT)
self.assertIsNotNone(get_header(auth).get('Bearer'))
def test_oauth2_token_is_sent_in_bearer(self):
auth = authentication.OAuth2(TEST_SERVICE_HOST +
'/provide_token_as_token',
token_reception_timeout=TIMEOUT)
self.assertIsNotNone(get_header(auth).get('Bearer'))
def test_oauth2_url_is_mandatory(self):
with self.assertRaises(Exception) as cm:
authentication.OAuth2(None)
self.assertEqual(str(cm.exception), 'Authorization URL is mandatory.')