Beispiel #1
0
async def test_fetch_token_post():
    url = 'https://example.com/token'

    async def assert_func(request):
        content = await request.body()
        content = content.decode()
        assert 'code=v' in content
        assert 'client_id=' in content
        assert 'grant_type=authorization_code' in content

    mock_response = AsyncMockDispatch(default_token, assert_func=assert_func)
    async with AsyncOAuth2Client('foo', app=mock_response) as client:
        token = await client.fetch_token(
            url, authorization_response='https://i.b/?code=v')
        assert token == default_token

    async with AsyncOAuth2Client('foo',
                                 token_endpoint_auth_method='none',
                                 app=mock_response) as client:
        token = await client.fetch_token(url, code='v')
        assert token == default_token

    mock_response = AsyncMockDispatch({'error': 'invalid_request'})
    async with AsyncOAuth2Client('foo', app=mock_response) as client:
        with pytest.raises(OAuthError):
            await client.fetch_token(url)
async def test_refresh_token():
    async def verifier(request):
        content = await request.body()
        if str(request.url) == 'https://i.b/token':
            assert b'assertion=' in content

    async with AsyncAssertionClient(
            'https://i.b/token',
            grant_type=AsyncAssertionClient.JWT_BEARER_GRANT_TYPE,
            issuer='foo',
            subject='foo',
            audience='foo',
            alg='HS256',
            key='secret',
            app=AsyncMockDispatch(default_token,
                                  assert_func=verifier)) as client:
        await client.get('https://i.b')

    # trigger more case
    now = int(time.time())
    async with AsyncAssertionClient(
            'https://i.b/token',
            issuer='foo',
            subject=None,
            audience='foo',
            issued_at=now,
            expires_at=now + 3600,
            header={'alg': 'HS256'},
            key='secret',
            scope='email',
            claims={'test_mode': 'true'},
            app=AsyncMockDispatch(default_token,
                                  assert_func=verifier)) as client:
        await client.get('https://i.b')
        await client.get('https://i.b')
Beispiel #3
0
async def test_auto_refresh_token():
    async def _update_token(token, refresh_token=None, access_token=None):
        assert refresh_token == 'b'
        assert token == default_token

    update_token = mock.Mock(side_effect=_update_token)

    old_token = dict(access_token='a',
                     refresh_token='b',
                     token_type='bearer',
                     expires_at=100)

    app = AsyncMockDispatch(default_token)
    async with AsyncOAuth2Client('foo',
                                 token=old_token,
                                 token_endpoint='https://i.b/token',
                                 update_token=update_token,
                                 app=app) as sess:
        await sess.get('https://i.b/user')
        assert update_token.called is True

    old_token = dict(access_token='a', token_type='bearer', expires_at=100)
    async with AsyncOAuth2Client('foo',
                                 token=old_token,
                                 token_endpoint='https://i.b/token',
                                 update_token=update_token,
                                 app=app) as sess:
        with pytest.raises(OAuthError):
            await sess.get('https://i.b/user')
Beispiel #4
0
async def test_auto_refresh_token2():
    async def _update_token(token, refresh_token=None, access_token=None):
        assert access_token == 'a'
        assert token == default_token

    update_token = mock.Mock(side_effect=_update_token)

    old_token = dict(access_token='a', token_type='bearer', expires_at=100)

    app = AsyncMockDispatch(default_token)

    async with AsyncOAuth2Client(
            'foo',
            token=old_token,
            token_endpoint='https://i.b/token',
            grant_type='client_credentials',
            app=app,
    ) as client:
        await client.get('https://i.b/user')
        assert update_token.called is False

    async with AsyncOAuth2Client(
            'foo',
            token=old_token,
            token_endpoint='https://i.b/token',
            update_token=update_token,
            grant_type='client_credentials',
            app=app,
    ) as client:
        await client.get('https://i.b/user')
        assert update_token.called is True
async def test_without_alg():
    async with AsyncAssertionClient('https://i.b/token',
                                    issuer='foo',
                                    subject='foo',
                                    audience='foo',
                                    key='secret',
                                    app=AsyncMockDispatch()) as client:
        with pytest.raises(ValueError):
            await client.get('https://i.b')
Beispiel #6
0
async def test_revoke_token():
    answer = {'status': 'ok'}
    app = AsyncMockDispatch(answer)

    async with AsyncOAuth2Client('a', app=app) as sess:
        resp = await sess.revoke_token('https://i.b/token', 'hi')
        assert resp.json() == answer

        resp = await sess.revoke_token('https://i.b/token',
                                       'hi',
                                       token_type_hint='access_token')
        assert resp.json() == answer
async def test_fetch_request_token_via_header():
    request_token = {'oauth_token': '1', 'oauth_token_secret': '2'}

    async def assert_func(request):
        auth_header = request.headers.get('authorization')
        assert 'oauth_consumer_key="id"' in auth_header
        assert 'oauth_signature=' in auth_header

    app = AsyncMockDispatch(request_token, assert_func=assert_func)
    async with AsyncOAuth1Client('id', 'secret', app=app) as client:
        response = await client.fetch_request_token(oauth_url)

    assert response == request_token
Beispiel #8
0
async def test_add_token_to_uri():
    async def assert_func(request):
        assert default_token['access_token'] in str(request.url)

    mock_response = AsyncMockDispatch({'a': 'a'}, assert_func=assert_func)
    async with AsyncOAuth2Client('foo',
                                 token=default_token,
                                 token_placement='uri',
                                 app=mock_response) as client:
        resp = await client.get('https://i.b')

    data = resp.json()
    assert data['a'] == 'a'
Beispiel #9
0
async def test_cleans_previous_token_before_fetching_new_one():
    now = int(time.time())
    new_token = deepcopy(default_token)
    past = now - 7200
    default_token['expires_at'] = past
    new_token['expires_at'] = now + 3600
    url = 'https://example.com/token'

    app = AsyncMockDispatch(new_token)
    with mock.patch('time.time', lambda: now):
        async with AsyncOAuth2Client('foo', token=default_token,
                                     app=app) as sess:
            assert await sess.fetch_token(url) == new_token
Beispiel #10
0
async def test_add_token_to_header():
    async def assert_func(request):
        token = 'Bearer ' + default_token['access_token']
        auth_header = request.headers.get('authorization')
        assert auth_header == token

    mock_response = AsyncMockDispatch({'a': 'a'}, assert_func=assert_func)
    async with AsyncOAuth2Client('foo', token=default_token,
                                 app=mock_response) as client:
        resp = await client.get('https://i.b')

    data = resp.json()
    assert data['a'] == 'a'
Beispiel #11
0
async def test_access_token_response_hook():
    url = 'https://example.com/token'

    def _access_token_response_hook(resp):
        assert resp.json() == default_token
        return resp

    access_token_response_hook = mock.Mock(
        side_effect=_access_token_response_hook)
    app = AsyncMockDispatch(default_token)
    async with AsyncOAuth2Client('foo', token=default_token, app=app) as sess:
        sess.register_compliance_hook('access_token_response',
                                      access_token_response_hook)
        assert await sess.fetch_token(url) == default_token
        assert access_token_response_hook.called is True
Beispiel #12
0
async def test_client_credentials_type():
    url = 'https://example.com/token'

    async def assert_func(request):
        content = await request.body()
        content = content.decode()
        assert 'scope=profile' in content
        assert 'grant_type=client_credentials' in content

    app = AsyncMockDispatch(default_token, assert_func=assert_func)
    async with AsyncOAuth2Client('foo', scope='profile', app=app) as sess:
        token = await sess.fetch_token(url)
        assert token == default_token

        token = await sess.fetch_token(url, grant_type='client_credentials')
        assert token == default_token
async def test_get_via_header():
    mock_response = AsyncMockDispatch(b'hello')
    async with AsyncOAuth1Client(
            'id',
            'secret',
            token='foo',
            token_secret='bar',
            app=mock_response,
    ) as client:
        response = await client.get('https://example.com/')

    assert response.content == b'hello'
    request = response.request
    auth_header = request.headers.get('authorization')
    assert 'oauth_token="foo"' in auth_header
    assert 'oauth_consumer_key="id"' in auth_header
    assert 'oauth_signature=' in auth_header
Beispiel #14
0
async def test_password_grant_type():
    url = 'https://example.com/token'

    async def assert_func(request):
        content = await request.body()
        content = content.decode()
        assert 'username=v' in content
        assert 'scope=profile' in content
        assert 'grant_type=password' in content

    app = AsyncMockDispatch(default_token, assert_func=assert_func)
    async with AsyncOAuth2Client('foo', scope='profile', app=app) as sess:
        token = await sess.fetch_token(url, username='******', password='******')
        assert token == default_token

        token = await sess.fetch_token(url,
                                       username='******',
                                       password='******',
                                       grant_type='password')
        assert token == default_token
Beispiel #15
0
async def test_token_auth_method_client_secret_post():
    url = 'https://example.com/token'

    async def assert_func(request):
        content = await request.body()
        content = content.decode()
        assert 'code=v' in content
        assert 'client_id=' in content
        assert 'client_secret=bar' in content
        assert 'grant_type=authorization_code' in content

    mock_response = AsyncMockDispatch(default_token, assert_func=assert_func)
    async with AsyncOAuth2Client(
            'foo',
            'bar',
            token_endpoint_auth_method='client_secret_post',
            app=mock_response) as client:
        token = await client.fetch_token(url, code='v')

    assert token == default_token
async def test_get_via_query():
    mock_response = AsyncMockDispatch(b'hello')
    async with AsyncOAuth1Client(
            'id',
            'secret',
            token='foo',
            token_secret='bar',
            signature_type=SIGNATURE_TYPE_QUERY,
            app=mock_response,
    ) as client:
        response = await client.get('https://example.com/')

    assert response.content == b'hello'
    request = response.request
    auth_header = request.headers.get('authorization')
    assert auth_header is None

    url = str(request.url)
    assert 'oauth_token=foo' in url
    assert 'oauth_consumer_key=id' in url
    assert 'oauth_signature=' in url
Beispiel #17
0
async def test_auto_refresh_token4():
    async def _update_token(token, refresh_token=None, access_token=None):
        await asyncio.sleep(
            0.1)  # artificial sleep to force other coroutines to wake

    update_token = mock.Mock(side_effect=_update_token)

    old_token = dict(access_token='a', token_type='bearer', expires_at=100)

    app = AsyncMockDispatch(default_token)

    async with AsyncOAuth2Client(
            'foo',
            token=old_token,
            token_endpoint='https://i.b/token',
            update_token=update_token,
            grant_type='client_credentials',
            app=app,
    ) as client:
        coroutines = [client.get('https://i.b/user') for x in range(10)]
        await asyncio.gather(*coroutines)
        update_token.assert_called_once()
async def test_fetch_request_token_via_query():
    request_token = {'oauth_token': '1', 'oauth_token_secret': '2'}

    async def assert_func(request):
        auth_header = request.headers.get('authorization')
        assert auth_header is None

        url = str(request.url)
        assert 'oauth_consumer_key=id' in url
        assert '&oauth_signature=' in url

    mock_response = AsyncMockDispatch(request_token, assert_func=assert_func)

    async with AsyncOAuth1Client(
            'id',
            'secret',
            signature_type=SIGNATURE_TYPE_QUERY,
            app=mock_response,
    ) as client:
        response = await client.fetch_request_token(oauth_url)

    assert response == request_token
async def test_get_via_body():
    async def assert_func(request):
        content = await request.body()
        assert b'oauth_token=foo' in content
        assert b'oauth_consumer_key=id' in content
        assert b'oauth_signature=' in content

    mock_response = AsyncMockDispatch(b'hello', assert_func=assert_func)
    async with AsyncOAuth1Client(
            'id',
            'secret',
            token='foo',
            token_secret='bar',
            signature_type=SIGNATURE_TYPE_BODY,
            app=mock_response,
    ) as client:
        response = await client.post('https://example.com/')

    assert response.content == b'hello'

    request = response.request
    auth_header = request.headers.get('authorization')
    assert auth_header is None
Beispiel #20
0
async def test_fetch_token_get():
    url = 'https://example.com/token'

    async def assert_func(request):
        url = str(request.url)
        assert 'code=v' in url
        assert 'client_id=' in url
        assert 'grant_type=authorization_code' in url

    mock_response = AsyncMockDispatch(default_token, assert_func=assert_func)
    async with AsyncOAuth2Client('foo', app=mock_response) as client:
        authorization_response = 'https://i.b/?code=v'
        token = await client.fetch_token(
            url, authorization_response=authorization_response, method='GET')
        assert token == default_token

    async with AsyncOAuth2Client('foo',
                                 token_endpoint_auth_method='none',
                                 app=mock_response) as client:
        token = await client.fetch_token(url, code='v', method='GET')
        assert token == default_token

        token = await client.fetch_token(url + '?q=a', code='v', method='GET')
        assert token == default_token
async def test_fetch_access_token():
    request_token = {'oauth_token': '1', 'oauth_token_secret': '2'}

    async def assert_func(request):
        auth_header = request.headers.get('authorization')
        assert 'oauth_verifier="d"' in auth_header
        assert 'oauth_token="foo"' in auth_header
        assert 'oauth_consumer_key="id"' in auth_header
        assert 'oauth_signature=' in auth_header

    mock_response = AsyncMockDispatch(request_token, assert_func=assert_func)
    async with AsyncOAuth1Client(
            'id',
            'secret',
            token='foo',
            token_secret='bar',
            app=mock_response,
    ) as client:
        with pytest.raises(OAuthError):
            await client.fetch_access_token(oauth_url)

        response = await client.fetch_access_token(oauth_url, verifier='d')

    assert response == request_token
Beispiel #22
0
async def test_request_without_token():
    async with AsyncOAuth2Client('a', app=AsyncMockDispatch()) as client:
        with pytest.raises(OAuthError):
            await client.get('https://i.b/token')