def setUp(self):
self.store = Store()
self.client = self.make_client()
self.store.persist_client(self.client)
self.owner = Owner(str(uuid.uuid4()))
self.access_token = self.store.issue_access_token(self.client,
self.owner,
{'view', 'write'})
class TestBase(unittest.TestCase):
def setUp(self):
self.store = Store()
self.owner = Owner(str(uuid.uuid4()))
def make_client(self, id=lambda: str(uuid.uuid4()),
redirect_uri='https://example.com/cb',
type=ClientType.CONFIDENTIAL):
if callable(id):
id = id()
client = Client(id, redirect_uri, type)
self.store.persist_client(client)
return client
def make_authcode(self, client, owner, scope='view'):
return self.store.issue_authorization_code(
client, owner, AuthorizationProvider.normalize_scope(scope))
def make_owner(self):
return Owner(str(uuid.uuid4()))
class TestRefreshTokenRequest(TestBase):
def setUp(self):
self.store = Store()
self.client = self.make_client()
self.store.persist_client(self.client)
self.owner = Owner(str(uuid.uuid4()))
self.access_token = self.store.issue_access_token(self.client,
self.owner,
{'view', 'write'})
def test_answer_access_denied(self):
from py3oauth2.errors import AccessDenied
req = RefreshTokenRequest()
req.update({
'grant_type': 'refresh_token',
'refresh_token': 'unknown_refresh_token',
})
provider = BlindAuthorizationProvider(self.store)
with self.assertRaises(AccessDenied):
req.answer(provider, self.owner)
def test_answer_unauthorized_client(self):
from py3oauth2.errors import UnauthorizedClient
from py3oauth2.provider import AuthorizationProvider
req = RefreshTokenRequest()
req.update({
'grant_type': 'refresh_token',
'refresh_token': self.access_token.get_refresh_token(),
})
provider = AuthorizationProvider(self.store)
with contextlib.ExitStack() as stack:
stack.enter_context(mock.patch.object(provider, 'authorize_client',
return_value=False))
stack.enter_context(self.assertRaises(UnauthorizedClient))
req.answer(provider, self.owner)
def test_answer_store_raises_error_exception(self):
from py3oauth2.errors import AccessDenied
req = RefreshTokenRequest()
req.update({
'grant_type': 'refresh_token',
'refresh_token': self.access_token.get_refresh_token(),
})
self.store.issue_access_token = mock.Mock(side_effect=AccessDenied())
provider = BlindAuthorizationProvider(self.store)
try:
req.answer(provider, self.owner)
except AccessDenied as why:
self.assertIs(why.request, req)
else:
self.fail()
def test_answer(self):
req = RefreshTokenRequest()
req.update({
'grant_type': 'refresh_token',
'refresh_token': self.access_token.get_refresh_token(),
})
provider = BlindAuthorizationProvider(self.store)
resp = req.answer(provider, self.owner)
self.assertIsInstance(resp, req.response)
token = self.store.get_access_token(resp.access_token)
self.assertIsNotNone(token)
self.assertEqual(resp.token_type, token.get_type())
self.assertEqual(resp.expires_in, token.get_expires_in())
self.assertEqual(provider.normalize_scope(resp.scope),
token.get_scope())
def test_answer_invalid_scope_1(self):
from py3oauth2.errors import InvalidScope
provider = BlindAuthorizationProvider(self.store)
req = RefreshTokenRequest()
req.update({
'grant_type': 'refresh_token',
'refresh_token': self.access_token.get_refresh_token(),
'scope': 'view write admin',
})
with self.assertRaises(InvalidScope):
req.answer(provider, self.owner)
def test_answer_invalid_scope_2(self):
from py3oauth2.errors import InvalidScope
access_token = self.store.issue_access_token(self.client,
self.owner,
{'write'})
provider = BlindAuthorizationProvider(self.store)
req = RefreshTokenRequest()
req.update({
'grant_type': 'refresh_token',
'refresh_token': access_token.get_refresh_token(),
'scope': 'view',
})
with self.assertRaises(InvalidScope):
req.answer(provider, self.owner)
def setUp(self):
self.store = Store()
self.owner = Owner(str(uuid.uuid4()))