def test_create_proxy(self):
"""
Tests that when the proxy is instantiated a token is created.
"""
with patch('hgw_common.models.OAuth2Session', new_callable=MockOAuth2Session) as mock:
m = mock(200)
OAuth2SessionProxy(self.service_url, self.client_id, self.client_secret)
# The datetime object has a precision to 10e-6 seconds while the timestamp 10e-7.
# This precision is irrelevant in this case but we need to modify the original value
m.token['expires_at'] = datetime.fromtimestamp(m.token['expires_at']).timestamp()
mock.assert_called()
self.assertEqual(AccessToken.objects.count(), 1)
self.assertDictEqual(AccessToken.objects.first().to_python(), mock().token)
def list(self, request):
try:
oauth_backend_session = OAuth2SessionProxy('{}/oauth2/token/'.format(HGW_BACKEND_URI),
HGW_BACKEND_CLIENT_ID,
HGW_BACKEND_CLIENT_SECRET)
except InvalidClientError:
return Response({'errors': [ERRORS_MESSAGE['INVALID_BACKEND_CLIENT']]},
status=status.HTTP_500_INTERNAL_SERVER_ERROR)
except requests.exceptions.ConnectionError:
return Response({'errors': [ERRORS_MESSAGE['BACKEND_CONNECTION_ERROR']]},
status=status.HTTP_500_INTERNAL_SERVER_ERROR)
else:
res = oauth_backend_session.get('{}/v1/profiles/'.format(HGW_BACKEND_URI))
return Response(res.json(), content_type='application/json')
def test_access_token_refreshed_for_401_response(self):
"""
Tests that, when the response is 401 (Unauthorized), another token is created and the call is perfomed again
"""
with patch('hgw_common.models.OAuth2Session', MockOAuth2Session):
MockOAuth2Session.RESPONSES = [401]
proxy = OAuth2SessionProxy(self.service_url, self.client_id, self.client_secret)
m = proxy._session
first_token = m.token['access_token']
proxy.get("/fake_url/1/")
second_token = m.token['access_token']
self.assertEqual(len(m.get.call_args_list), 2) # Number of calls
self.assertEqual(len(m.fetch_token.call_args_list), 2) # Number of calls
m.get.assert_has_calls([call('/fake_url/1/'), call('/fake_url/1/')])
self.assertEqual(AccessToken.objects.count(), 1)
self.assertNotEquals(first_token, second_token)
def test_access_token_reused(self):
"""
Tests that, if the token has already been created and two subsequent calls returns 200, it is used the same token
"""
with patch('hgw_common.models.OAuth2Session', MockOAuth2Session):
MockOAuth2Session.RESPONSES = [200, 200]
proxy = OAuth2SessionProxy(self.service_url, self.client_id, self.client_secret)
m = proxy._session
first_token = m.token['access_token']
proxy.get("/fake_url/1/")
second_token = m.token['access_token']
proxy.get("/fake_url/2/")
third_token = m.token['access_token']
self.assertEqual(len(m.get.call_args_list), 2) # Number of calls
m.get.assert_has_calls([call('/fake_url/1/'), call('/fake_url/2/')])
m.fetch_token.assert_called_once()
self.assertEqual(AccessToken.objects.count(), 1)
self.assertEqual(first_token, second_token, third_token)
def test_access_token_from_db(self):
"""
Tests that, when the proxy is instantiated and an access token is found in the db, the db token is used
:return:
"""
token_data = {'access_token': 'OUfprCnmdJbhYAIk8rGMex4UBLXyf3',
'token_type': 'Bearer',
'expires_in': 36000,
'expires_at': (datetime.now() + timedelta(hours=10)).isoformat(),
'scope': 'read write'}
AccessToken.objects.create(token_url=self.service_url, **token_data)
with patch('hgw_common.models.OAuth2Session', new_callable=MockOAuth2Session) as mock:
mock(200)
OAuth2SessionProxy(self.service_url, self.client_id, self.client_secret)
# The datetime object has a precision to 10e-6 seconds while the timestamp 10e-7.
# This precision is irrelevant in this case but we need to modify the original value
# m.token['expires_at'] = datetime.fromtimestamp(m.token['expires_at']).timestamp()
mock.assert_called()
self.assertEqual(AccessToken.objects.count(), 1)
self.assertEqual(AccessToken.objects.first().access_token, token_data['access_token'])
def _get_consent_session():
return OAuth2SessionProxy('{}/oauth2/token/'.format(CONSENT_MANAGER_URI),
CONSENT_MANAGER_CLIENT_ID,
CONSENT_MANAGER_CLIENT_SECRET)
def _get_backend_session():
return OAuth2SessionProxy('{}/oauth2/token/'.format(HGW_BACKEND_URI),
HGW_BACKEND_CLIENT_ID, HGW_BACKEND_CLIENT_SECRET)