def create_oauth2_client_stub(self, authority, token_response, err):
authorityObject = Authority(authority, False)
authorityObject.token_endpoint = AADConstants.TOKEN_ENDPOINT_PATH
authorityObject.device_code_endpoint = AADConstants.DEVICE_ENDPOINT_PATH
client = OAuth2Client(cp['callContext'], authorityObject)
def side_effect (oauth):
return token_response
client.get_token = mock.MagicMock(side_effect=side_effect)
return client
def create_oauth2_client_stub(self, authority, token_response, err):
authorityObject = Authority(authority, False)
authorityObject.token_endpoint = AADConstants.TOKEN_ENDPOINT_PATH
authorityObject.device_code_endpoint = AADConstants.DEVICE_ENDPOINT_PATH
client = OAuth2Client(cp['callContext'], authorityObject)
def side_effect (oauth):
return token_response
client.get_token = mock.MagicMock(side_effect=side_effect)
return client
def test_url_extra_slashes(self):
util.setup_expected_instance_discovery_request(
200, cp['authorityHosts']['global'],
{'tenant_discovery_endpoint': 'http://foobar'},
self.nonHardCodedAuthorizeEndpoint)
authority_url = self.nonHardCodedAuthority + '/' # This should pass for one or more than one slashes
authority = Authority(authority_url, True)
obj = util.create_empty_adal_object()
authority.validate(obj['call_context'])
req = httpretty.last_request()
util.match_standard_request_headers(req)
def test_url_extra_path_elements(self):
util.setup_expected_instance_discovery_request(
200,
cp["authorityHosts"]["global"],
{"tenant_discovery_endpoint": "http://foobar"},
self.nonHardCodedAuthorizeEndpoint,
)
authority_url = self.nonHardCodedAuthority + "/extra/path"
authority = Authority(authority_url, True)
obj = util.create_empty_adal_object()
authority.validate(obj["call_context"])
req = httpretty.last_request()
util.match_standard_request_headers(req)
class TestSelfSignedJwt(unittest.TestCase):
testNowDate = cp['nowDate']
testJwtId = cp['jwtId']
expectedJwt = cp['expectedJwt']
unexpectedJwt = 'unexpectedJwt'
testAuthority = Authority('https://login.windows.net/naturalcauses.com', False)
testClientId = 'd6835713-b745-48d1-bb62-7a8248477d35'
testCert = cp['cert']
def _create_jwt(self, cert, thumbprint, encodeError = None):
ssjwt = SelfSignedJwt(cp['callContext'], self.testAuthority, self.testClientId)
self_signed_jwt._get_date_now = mock.MagicMock(return_value = self.testNowDate)
self_signed_jwt._get_new_jwt_id = mock.MagicMock(return_value = self.testJwtId)
if encodeError:
self_signed_jwt._encode_jwt = mock.MagicMock(return_value = self.unexpectedJwt)
else:
self_signed_jwt._encode_jwt = mock.MagicMock(return_value = self.expectedJwt)
jwt = ssjwt.create(cert, thumbprint)
return jwt
def _create_jwt_and_match_expected_err(self, testCert, thumbprint, encodeError = None):
with self.assertRaises(Exception):
self._create_jwt(testCert, thumbprint, encodeError)
def _create_jwt_and_match_expected_jwt(self, cert, thumbprint):
jwt = self._create_jwt(cert, thumbprint)
self.assertTrue(jwt, 'No JWT generated')
self.assertTrue(jwt == self.expectedJwt, 'Generated JWT does not match expected:{}'.format(jwt))
def test_create_jwt_hash_colons(self):
self._create_jwt_and_match_expected_jwt(self.testCert, cp['certHash'])
def test_create_jwt_hash_spaces(self):
thumbprint = cp['certHash'].replace(':', ' ')
self._create_jwt_and_match_expected_jwt(self.testCert, thumbprint)
def test_create_jwt_hash_straight_hex(self):
thumbprint = cp['certHash'].replace(':', '')
self._create_jwt_and_match_expected_jwt(self.testCert, thumbprint)
def test_create_jwt_invalid_cert(self):
self._create_jwt_and_match_expected_err('foobar', cp['certHash'], True)
def test_create_jwt_invalid_thumbprint_1(self):
self._create_jwt_and_match_expected_err(self.testCert, 'zzzz')
def test_create_jwt_invalid_thumbprint_wrong_size(self):
thumbprint = 'C1:5D:EA:86:56:AD:DF:67:BE:80:31:D8:5E:BD:DC:5A:D6:C4:36:E7:AA'
self._create_jwt_and_match_expected_err(self.testCert, thumbprint)
def test_create_jwt_invalid_thumbprint_invalid_char(self):
thumbprint = 'C1:5D:EA:86:56:AD:DF:67:BE:80:31:D8:5E:BD:DC:5A:D6:C4:36:Ez'
self._create_jwt_and_match_expected_err(self.testCert, thumbprint)
def test_url_extra_path_elements(self):
util.setup_expected_instance_discovery_request(200,
cp['authorityHosts']['global'],
{
'tenant_discovery_endpoint' : 'http://foobar'
},
self.nonHardCodedAuthorizeEndpoint)
authority_url = self.nonHardCodedAuthority + '/extra/path'
authority = Authority(authority_url, True)
obj = util.create_empty_adal_object()
def callback(err):
if err:
self.assertFalse(err, 'Received unexpected error: ' + err.args[0])
req = httpretty.last_request()
util.match_standard_request_headers(req)
authority.validate(obj['call_context'], callback)
def test_url_extra_slashes_change_authority_url(self):
authority_url = self.nonHardCodedAuthority + '/' # This should pass for one or more than one slashes
authority = Authority(authority_url, True)
self.assertTrue(authority._url.geturl(), self.nonHardCodedAuthority)
