def test_to_json_contains_all_required_fields(self): creds = oauth.Credentials(token=self.fake_token, refresh_token=self.fake_refresh_token, id_token=self.fake_id_token, id_token_data=self.fake_token_data, token_uri=self.fake_token_uri, client_id=self.fake_client_id, client_secret=self.fake_client_secret, scopes=self.fake_scopes, quota_project_id=self.fake_quota_project_id, expiry=self.fake_token_expiry) json_string = creds.to_json() json_data = json.loads(json_string) keys = json_data.keys() self.assertIn('token', keys) self.assertEqual(self.fake_token, json_data['token']) self.assertIn('refresh_token', keys) self.assertEqual(self.fake_refresh_token, json_data['refresh_token']) self.assertIn('id_token', keys) self.assertEqual(self.fake_id_token, json_data['id_token']) self.assertIn('token_uri', keys) self.assertEqual(self.fake_token_uri, json_data['token_uri']) self.assertIn('client_id', keys) self.assertEqual(self.fake_client_id, json_data['client_id']) self.assertIn('client_secret', keys) self.assertEqual(self.fake_client_secret, json_data['client_secret']) self.assertNotIn('scopes', keys) # Scopes are not currently saved self.assertIn('token_expiry', keys) self.assertEqual( self.fake_token_expiry.strftime(oauth.Credentials.DATETIME_FORMAT), json_data['token_expiry']) self.assertIn('decoded_id_token', keys) self.assertEqual(self.fake_token_data, json_data['decoded_id_token'])
def test_credentials_to_json_and_back(self): original_creds = oauth.Credentials( token=self.fake_token, refresh_token=self.fake_refresh_token, id_token=self.fake_id_token, id_token_data=self.fake_token_data, token_uri=self.fake_token_uri, client_id=self.fake_client_id, client_secret=self.fake_client_secret, scopes=self.fake_scopes, quota_project_id=self.fake_quota_project_id, expiry=self.fake_token_expiry) pickled_creds = original_creds.to_json() serialized_json = json.loads(pickled_creds) unpickled_creds = oauth.Credentials.from_authorized_user_info( serialized_json) self.assertEqual(original_creds.token, unpickled_creds.token) self.assertEqual(original_creds.refresh_token, unpickled_creds.refresh_token) self.assertEqual(original_creds.id_token, unpickled_creds.id_token) self.assertEqual(original_creds.token_uri, unpickled_creds.token_uri) self.assertEqual(original_creds.client_id, unpickled_creds.client_id) self.assertEqual(original_creds.client_secret, unpickled_creds.client_secret) self.assertEqual(original_creds.expiry, unpickled_creds.expiry)
def test_delete_is_noop_when_not_using_filelock(self): creds = oauth.Credentials(token=None, refresh_token=self.fake_refresh_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret) self.assertIsNone(creds.filename) creds.delete() # This should not raise an exception.
def test_get_token_value_known_token_field(self): token_data = {'known-field': 'known-value'} creds = oauth.Credentials(token=self.fake_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret, id_token_data=token_data) self.assertEqual('known-value', creds.get_token_value('known-field'))
def test_credentials_uses_thread_lock_when_filename_not_provided(self): creds = oauth.Credentials(token=self.fake_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret, filename=None) self.assertIsInstance(creds._lock, oauth._FileLikeThreadLock) self.assertIsNone(creds.filename)
def test_credentials_uses_file_lock_when_filename_provided(self): creds = oauth.Credentials(token=self.fake_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret, filename=self.fake_filename) self.assertIsInstance(creds._lock, oauth.FileLock) self.assertEqual(creds._lock.lock_file, '%s.lock' % creds.filename)
def test_write_raises_error_when_no_credentials_file_is_set(self): creds = oauth.Credentials(token=None, refresh_token=self.fake_refresh_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret) self.assertIsNone(creds.filename) with self.assertRaises(oauth.CredentialsError): creds.write()
def test_write_writes_credentials_to_disk(self): creds = oauth.Credentials(token=None, refresh_token=self.fake_refresh_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret, filename=self.fake_filename) self.assertFalse(os.path.exists(self.fake_filename)) creds.write() self.assertTrue(os.path.exists(self.fake_filename))
def test_refresh_calls_super_refresh(self, mock_super_refresh): creds = oauth.Credentials(token=None, refresh_token=self.fake_refresh_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret) request = MagicMock() creds.refresh(request) self.assertTrue(mock_super_refresh.called) self.assertEqual(request, mock_super_refresh.call_args[0][0])
def test_init_loads_decoded_id_token_data(self, mock_verify_token): creds = oauth.Credentials(token=self.fake_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret, id_token=self.fake_id_token, id_token_data=self.fake_token_data) self.assertEqual(self.fake_token_data.get('field'), creds.get_token_value('field')) # Verify the fetching method was not called, since the token # data was supposed to be loaded from the passed in info. self.assertEqual(mock_verify_token.call_count, 0)
def test_delete_removes_lock_file(self): creds = oauth.Credentials(token=None, refresh_token=self.fake_refresh_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret, filename=self.fake_filename) lock_file = '%s.lock' % creds.filename creds.write() self.assertTrue(os.path.exists(lock_file)) creds.delete() self.assertFalse(os.path.exists(lock_file))
def test_revoke_requests_credential_revoke(self): creds = oauth.Credentials(token=self.fake_token, refresh_token=self.fake_refresh_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret) mock_http = MagicMock() creds.revoke(http=mock_http) uri = mock_http.request.call_args[0][0] self.assertRegex(uri, '^%s' % oauth.Credentials._REVOKE_TOKEN_BASE_URI) params = uri[uri.index('?'):] self.assertIn('token=%s' % creds.refresh_token, params) self.assertEqual('GET', mock_http.request.call_args[0][1])
def test_write_locks_resource_during_write(self, mock_write_file, unused_mock_super_refresh): creds = oauth.Credentials(token=None, refresh_token=self.fake_refresh_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret, filename=self.fake_filename) lock = creds._lock def check_lock_is_locked(*unused_args, **unused_kwargs): self.assertTrue(creds._lock.is_locked) mock_write_file.side_effect = check_lock_is_locked self.assertFalse(lock.is_locked) creds.refresh(request=MagicMock()) self.assertFalse(lock.is_locked) self.assertTrue(mock_write_file.called)
def test_get_token_value_credentials_expired(self, mock_verify_oauth2_token): mock_verify_oauth2_token.return_value = { 'fetched-field': 'fetched-value' } time_earlier_than_now = datetime.datetime.now() - datetime.timedelta( minutes=5) creds = oauth.Credentials(token=self.fake_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret, expiry=time_earlier_than_now, id_token=self.fake_id_token, id_token_data=None) self.assertTrue(creds.expired) creds.refresh = MagicMock() token_value = creds.get_token_value('fetched-field') self.assertEqual('fetched-value', token_value) self.assertTrue(creds.refresh.called)
def test_refresh_locks_resource_during_refresh(self): creds = oauth.Credentials(token=None, refresh_token=self.fake_refresh_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret) lock = creds._lock def check_lock_is_locked(*unused_args, **unused_kwargs): self.assertTrue(lock.is_locked) # We need to mock the superclass refresh so it doesn't actually try to # refresh our fake token. # At the same time, we'll make sure the lock is held during the refresh. with patch.object(oauth.google.oauth2.credentials.Credentials, 'refresh') as mock_refresh: mock_refresh.side_effect = check_lock_is_locked creds.refresh(request=MagicMock()) # Make sure our side effect was actually performed. self.assertTrue(mock_refresh.called) # The lock should be released after refresh self.assertFalse(lock.is_locked)
def test_refresh_writes_new_credentials_to_disk_after_refresh( self, mock_write_file, mock_super_refresh): creds = oauth.Credentials(token=None, refresh_token=self.fake_refresh_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret, filename=self.fake_filename) def update_access_token(unused_request): creds.token = 'refreshed_access_token' mock_super_refresh.side_effect = update_access_token self.assertIsNone(creds.token) creds.refresh(request=MagicMock()) self.assertEqual('refreshed_access_token', creds.token, 'Access token was not refreshed') text_written_to_file = mock_write_file.call_args[0][1] self.assertIsNotNone(text_written_to_file, 'Nothing was written to file') saved_json = json.loads(text_written_to_file) self.assertEqual('refreshed_access_token', saved_json['token'], 'Refreshed access token was not saved to disk')
def test_init_saves_filename(self): creds = oauth.Credentials(token=self.fake_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret, filename=self.fake_filename) self.assertEqual(os.path.abspath(self.fake_filename), creds.filename)
def test_get_token_value_unknown_field_returns_unknown(self): creds = oauth.Credentials(token=self.fake_token, client_id=self.fake_client_id, client_secret=self.fake_client_secret, id_token_data=self.fake_token_data) self.assertEqual('Unknown', creds.get_token_value('unknown-field'))