Ejemplo n.º 1
0
def test_delete_author_app(test_client):
    _, u_infos = setUp()

    _, access_token = login(test_client)
    response = test_client.post(
        '/oauth/clients/{}/author/{}'.format(
            '5e59557579da4ec3ff04a682',
            str(u_infos['_id'])),
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    assert response.status_code == 200

    _, access_token = login(test_client, username='******')
    response = test_client.get(
        '/oauth/clients/users/{}'.format(str(u_infos['_id'])),
        headers=dict(Authorization='Bearer {}'.format(access_token))
    )
    r_json = json.loads(response.data)
    assert response.status_code == 200
    assert len(r_json['clients']) == 2

    response = test_client.delete(
        '/oauth/clients/{}/author/{}'.format(
            '5e59557579da4ec3ff04a682',
            str(u_infos['_id'])),
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    assert response.status_code == 200

    _, access_token = login(test_client, username='******')
    response = test_client.get(
        '/oauth/clients/users/{}'.format(str(u_infos['_id'])),
        headers=dict(Authorization='Bearer {}'.format(access_token))
    )
    r_json = json.loads(response.data)
    assert response.status_code == 200
    assert len(r_json['clients']) == 1
Ejemplo n.º 2
0
def test_get_apps_401_invalid_token(test_client):
    _, _ = setUp()

    response = test_client.get('/oauth/users/', headers=dict(
        Authorization='Bearer asdf'
    ))
    assert response.status_code == 401
Ejemplo n.º 3
0
def test_revoke_scope(test_client):
    user_admin_info, _ = setUp()

    create_app(user_admin_info['_id'])
    _, access_token = login(test_client)
    response = test_client.post(
        '/oauth/auth/authorize/{}/{}'.format(
            user_admin_info['_id'], ObjectId('5e59557579da4ec3ff04a683')),
        json=dict(scope=['app:action:POST', 'app:action:GET']),
        headers=dict(Authorization='Bearer {}'.format(access_token)))

    response = test_client.post(
        '/oauth/auth/revoke/{}/{}'.format(
            user_admin_info['_id'], ObjectId('5e59557579da4ec3ff04a683')),
        json=dict(scope=['app:action:GET']),
        headers=dict(Authorization='Bearer {}'.format(access_token)))

    r_json = json.loads(response.data)
    assert response.status_code == 200
    assert 'message' in r_json

    response_client = test_client.get(
        '/oauth/users/{}'.format(user_admin_info['_id']),
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    r_c_json = json.loads(response_client.data)
    authorization = r_c_json['clients_authorized'][0]
    assert authorization['id'] == str(ObjectId('5e59557579da4ec3ff04a683'))
    assert authorization['scope'] == "['app:action:POST']"
Ejemplo n.º 4
0
def test_get_users_403(test_client):
    _, _ = setUp()

    _, access_token = login(test_client, username='******')
    response = test_client.get(
        '/oauth/users/',
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    assert response.status_code == 403
Ejemplo n.º 5
0
def test_get_app_403_no_author(test_client):
    _, u_info = setUp()

    _, access_token = login(test_client)
    response = test_client.get(
        '/oauth/clients/{}'.format('5e59557579da4ec3ff04a683'),
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    assert response.status_code == 403
Ejemplo n.º 6
0
def test_get_user_not_found(test_client):
    _, _ = setUp()

    _, access_token = login(test_client)
    response = test_client.get(
        '/oauth/clients/123',
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    assert response.status_code == 404
Ejemplo n.º 7
0
def test_get_user_403(test_client):
    u_admin_info, _ = setUp()

    _, access_token = login(test_client, username='******')
    response = test_client.get(
        '/oauth/users/{}'.format(str(u_admin_info['_id'])),
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    assert response.status_code == 403
Ejemplo n.º 8
0
def test_get_user_my_token(test_client):
    _, u_info = setUp()

    _, access_token = login(test_client, username='******')
    response = test_client.get(
        '/oauth/users/{}'.format(str(u_info['_id'])),
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    r_json = json.loads(response.data)
    assert response.status_code == 200
    assert r_json['_id'] == str(u_info['_id'])
Ejemplo n.º 9
0
def test_get_users(test_client):
    _, _ = setUp()

    _, access_token = login(test_client)
    response = test_client.get(
        '/oauth/users/',
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    r_json = json.loads(response.data)
    assert response.status_code == 200
    assert len(r_json['users']) == 2
Ejemplo n.º 10
0
def test_get_app_only_author(test_client):
    u_admin_info, _ = setUp()

    _, access_token = login(test_client, username='******')
    response = test_client.get(
        '/oauth/clients/{}'.format('5e59557579da4ec3ff04a683'),
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    r_json = json.loads(response.data)
    assert response.status_code == 200
    assert 'client_secret' in r_json
Ejemplo n.º 11
0
def test_list_authors_403(test_client):
    u_admin_info, u_info = setUp()

    create_cliente(test_client,
                   user_id_1=u_admin_info['_id'],
                   user_id_2=u_info['_id'])

    _, access_token = login(test_client)
    response = test_client.get(
        '/oauth/users/client/5e59557579da4ec3ff04a683',
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    assert response.status_code == 403
Ejemplo n.º 12
0
def test_delete_user_404(test_client):
    u_admin_info, u_info = setUp()

    create_cliente(test_client,
                   user_id_1=u_admin_info['_id'],
                   user_id_2=u_info['_id'])

    _, access_token = login(test_client)
    response = test_client.get(
        '/oauth/users/client/abc',
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    assert response.status_code == 404
Ejemplo n.º 13
0
def test_delete_app(test_client):
    _, _ = setUp()

    _, access_token = login(test_client)
    response = test_client.delete(
        '/oauth/clients/{}'.format('5e59557579da4ec3ff04a682'),
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    assert response.status_code == 200

    response = test_client.get(
        '/oauth/clients/{}'.format('5e59557579da4ec3ff04a682'),
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    assert response.status_code == 404
Ejemplo n.º 14
0
def test_get_apps_by_author(test_client):
    u_admin_info, _ = setUp()

    _, access_token = login(test_client)
    response = test_client.get(
        '/oauth/clients/users/{}'.format(str(u_admin_info['_id'])),
        headers=dict(Authorization='Bearer {}'.format(access_token))
    )
    r_json = json.loads(response.data)
    assert response.status_code == 200
    assert len(r_json['clients']) == 1
    assert str(r_json['clients'][0]['_id']) == '5e59557579da4ec3ff04a682'
    assert 'client_secret' in r_json['clients'][0]
Ejemplo n.º 15
0
def test_list_authors_by_user_2(test_client):
    u_admin_info, u_info = setUp()

    create_cliente(test_client,
                   user_id_1=u_admin_info['_id'],
                   user_id_2=u_info['_id'])

    _, access_token = login(test_client, username='******')
    response = test_client.get(
        '/oauth/users/client/5e59557579da4ec3ff04a683',
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    r_json = json.loads(response.data)
    assert response.status_code == 200
    assert len(r_json['users']) == 1
Ejemplo n.º 16
0
def test_generate_token_403_without_auth(test_client):
    user_admin_info, _ = setUp()

    create_app(user_admin_info['_id'])
    _, access_token = login(test_client)
    _ = test_client.post(
        '/oauth/auth/authorize/{}/{}'.format(
            user_admin_info['_id'], ObjectId('5e59557579da4ec3ff04a683')),
        json=dict(scope=['registry:repository:*']),
        headers=dict(Authorization='Bearer {}'.format(access_token)))

    response = test_client.get('/oauth/auth/token?service={}&scope={}'.format(
        'registry', 'registry:repository:*'))
    assert response.status_code == 403
Ejemplo n.º 17
0
def test_update_user_admin_token(test_client):
    _, u_info = setUp()

    _, access_token = login(test_client)
    response = test_client.put(
        '/oauth/users/{}'.format(str(u_info['_id'])),
        json=dict(institution='INPE BR1', occupation='-'),
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    r_json = json.loads(response.data)
    assert response.status_code == 200
    assert 'message' in r_json

    response = test_client.get(
        '/oauth/users/{}'.format(str(u_info['_id'])),
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    r_json = json.loads(response.data)
    assert response.status_code == 200
    assert r_json['institution'] == 'INPE BR1'
Ejemplo n.º 18
0
def test_generate_token_insensitive(test_client):
    user_admin_info, _ = setUp()

    create_app(user_admin_info['_id'])
    _, access_token = login(test_client)
    _ = test_client.post(
        '/oauth/auth/authorize/{}/{}'.format(
            user_admin_info['_id'], ObjectId('5e59557579da4ec3ff04a683')),
        json=dict(scope=['registry:repository:POST']),
        headers=dict(Authorization='Bearer {}'.format(access_token)))

    response = test_client.get(
        '/oauth/auth/token?service={}&scope={}'.format(
            'registry', 'REGISTRY:repository:post'),
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    r_json = json.loads(response.data)
    assert response.status_code == 200
    assert 'token' in r_json
Ejemplo n.º 19
0
def test_update_app(test_client):
    _, _ = setUp()

    _, access_token = login(test_client)
    client_updated = dict(
        client_name='app-test-2',
        client_uri='http://localhost:8080/app-test',
        redirect_uri='http://localhost:8080/app-test/redirect',
        type_secret='string',
        client_secret='abc-key'
    )
    response = test_client.put(
        '/oauth/clients/{}'.format('5e59557579da4ec3ff04a682'),
        json=client_updated,
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    r_json = json.loads(response.data)
    assert response.status_code == 200

    response = test_client.get(
        '/oauth/clients/{}'.format('5e59557579da4ec3ff04a682'),
        headers=dict(Authorization='Bearer {}'.format(access_token)))
    r_json = json.loads(response.data)
    assert response.status_code == 200
    assert r_json['client_name'] == 'app-test-2'
Ejemplo n.º 20
0
def test_get_user_403_without_token(test_client):
    u_admin_info, _ = setUp()

    response = test_client.get('/oauth/users/{}'.format(
        str(u_admin_info['_id'])))
    assert response.status_code == 403
Ejemplo n.º 21
0
def test_get_apps_403_without_token(test_client):
    _, _ = setUp()

    response = test_client.get('/oauth/clients/')
    assert response.status_code == 403
Ejemplo n.º 22
0
def test_get_apps_by_author_403(test_client):
    u_admin_info, _ = setUp()

    response = test_client.get(
        '/oauth/clients/users/{}'.format(str(u_admin_info['_id'])))
    assert response.status_code == 403
Ejemplo n.º 23
0
def test_get_app_403_without_token(test_client):
    u_admin_info, _ = setUp()

    response = test_client.get('/oauth/clients/{}'.format('5e59557579da4ec3ff04a682'))
    assert response.status_code == 403
Ejemplo n.º 24
0
def test_status_page(test_client):
    response = test_client.get('/oauth/')
    assert response.status_code == 200
    r_json = json.loads(response.data)
    assert 'description' in r_json
    assert r_json['version'] == '0.4.0'