Ejemplo n.º 1
    def test_init_login_result_for_not_authorized_user(
            self,
            mock_request,
            mock_redirect_arg,
            mock_safe_url,
            mock_g,
            mock_make_response,
            mock_jsonify,
            mock_jwt
    ):
        """
        Check the login_init response for a user who is not authenticated.

        The JSON payload must carry isAuthorized=False together with the
        state value returned by the mocked jwt.encode, and the requested
        redirect URL must be stored in the session under
        "<provider>_oauthredir".
        """
        provider_name = "OPENLMIS"
        target_url = "/superset/dashboard/3"
        encoded_state = '12345'
        session_key = '%s_oauthredir' % provider_name

        view = AuthOAuthView()
        view.appbuilder = MagicMock()

        # NOTE(review): mock_safe_url is never configured here, so any call to
        # it returns a truthy MagicMock. Only the "redirect target accepted"
        # path is covered; presumably login_init consults it before storing
        # the URL in the session - confirm, and cover the rejected case too.
        mock_redirect_arg.return_value = target_url
        mock_jwt.encode.return_value = encoded_state

        with patch('superset_patchup.oauth.g.user.is_authenticated', False), \
                patch("superset_patchup.oauth.session", {}) as fake_session:
            view.login_init(provider=provider_name)

            mock_make_response.assert_called()
            expected_payload = call(isAuthorized=False, state=encoded_state)
            assert expected_payload in mock_jsonify.call_args_list
            assert fake_session.get(session_key) == target_url
Ejemplo n.º 2
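    def test_oauth_authorized(
            self,
            mock_request,
            mock_login,
            mock_request_redirect,
            mock_safe_url,
            mock_redirect,
    ):
        """
        Check oauth_authorized when a Custom-Api-Token header is sent.

        This test checks that
        1. The access token passed in the request header is the one handed
           to set_oauth_session
        2. Redirect is called with the url passed in the request args
        """
        # Token supplied by the caller in the Custom-Api-Token request header.
        header_token = "cZpwCzYjpzuSqzekM"

        # Sample authorized response from the provider. Its access_token is a
        # constructed sample value that deliberately differs from the header
        # token: with identical values the set_oauth_session assertion below
        # could not tell which of the two sources the view actually used.
        mock_authorized_response = {
            "access_token": "sample-provider-response-token",
            "token_type": "Bearer",
            "expires_in": 3600,
            "refresh_token": "Sui6j4nQtbmU9P",
            "scope": "read write",
        }

        # Sample user info from onadata
        mock_user_info = {
            "name": "test auth",
            "email": "*****@*****.**",
            "id": 58863,
            "username": "******",
            "first_name": "test",
            "last_name": "auth",
            "is_active": True,
        }

        oauth_view = AuthOAuthView()
        oauth_view.appbuilder = MagicMock()
        oauth_view.appbuilder.sm.oauth_remotes[
            "onadata"].authorized_response = MagicMock(
                return_value=mock_authorized_response)
        mock_request.headers = {"Custom-Api-Token": header_token}
        auth_session_mock = MagicMock()
        oauth_view.appbuilder.sm.set_oauth_session = auth_session_mock
        oauth_view.appbuilder.sm.oauth_user_info = MagicMock(
            return_value=mock_user_info)
        oauth_view.appbuilder.sm.oauth_whitelists = MagicMock()
        oauth_view.appbuilder.sm.auth_user_oauth = MagicMock(
            return_value=mock_user_info)
        oauth_view.appbuilder.sm.get_oauth_redirect_url = MagicMock()
        mock_request_redirect.return_value = "http://example.com"
        # NOTE(review): the safe-URL check is forced to pass, so this test
        # covers only the accepted-redirect path. Rejection of an unsafe
        # redirect target is not exercised here and needs its own test.
        mock_safe_url.return_value = True

        oauth_view.oauth_authorized(provider="onadata")

        # The session must be built from the header token only.
        auth_session_mock.assert_called_with(
            "onadata", {"access_token": header_token})
        assert mock_login.call_count == 1
        mock_redirect.assert_called_once_with("http://example.com")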
Ejemplo n.º 3
    def test_login_redirect(self, mock_request, mock_redirect_arg,
                            mock_safe_url, mock_g, mock_redirect):  # pylint: disable=R0201,R0913,W0613
        """
        Check that login redirects to the URL supplied as the redirect
        argument to /login.
        """
        dashboard_url = "/superset/dashboard/3"

        # NOTE(review): setting return_value only matters if the view calls
        # is_authenticated(); a plain attribute read sees a truthy MagicMock
        # whatever is set here - confirm which form the view uses.
        mock_g.user.is_authenticated.return_value = True
        # The safe-URL check is forced to pass, so only the accepted-redirect
        # path is exercised by this test.
        mock_safe_url.return_value = True
        mock_redirect_arg.return_value = dashboard_url

        view = AuthOAuthView()
        view.appbuilder = MagicMock()

        view.login(provider="onadata")
        mock_redirect.assert_called_once_with(dashboard_url)
Ejemplo n.º 4
    def test_generate_state_result(self, mock_request):  # pylint: disable=R0201
        """
        Check that generate_state returns a non-empty value.
        """
        view = AuthOAuthView()
        view.appbuilder = MagicMock()

        # app.config is served through a PropertyMock set on the mock's type,
        # so reading view.appbuilder.app.config yields this dict.
        fake_config = {"SECRET_KEY": "secret_key"}
        type(view.appbuilder.app).config = PropertyMock(
            return_value=fake_config)

        fake_args = {"dummy_parameter": "dummy_parameter_value"}
        mock_request.args.to_dict.return_value = fake_args

        generated = view.generate_state()

        # NOTE(review): this only proves the state is non-empty. It does not
        # show that the state depends on SECRET_KEY or on the request args,
        # so a constant or unsigned state would also pass - consider a
        # stronger assertion once the expected encoding is confirmed.
        assert len(generated) > 0
Ejemplo n.º 5
 def test_login(self):
     """GET /login/<provider> answers with a redirect whose redirect_uri is https."""
     self.appbuilder.add_view(AuthOAuthView(), 'KetchupAuthOAuthView')
     login_response = self.app.test_client().get('/login/onadata')
     self.assertEqual(login_response.status_code, 302)
     # The callback URL embedded in the Location header must use the https
     # scheme ("https%3A" is the URL-encoded form of "https:").
     location_header = login_response.headers['Location']
     self.assertIn('redirect_uri=https%3A', location_header)
Ejemplo n.º 6
    def test_init_login_result_for_already_authorized_user(
            self, mock_g, mock_make_response, mock_jsonify):  # pylint: disable=R0201,W0613
        """
        Check the login_init response for a user who is already authenticated.

        The JSON payload must carry isAuthorized=True, and no
        "<provider>_oauthredir" entry may be written to the session.
        """
        provider_name = "OPENLMIS"
        session_key = "%s_oauthredir" % provider_name

        view = AuthOAuthView()
        view.appbuilder = MagicMock()

        with patch("superset_patchup.oauth.g.user.is_authenticated", True), \
                patch("superset_patchup.oauth.session", {}) as fake_session:
            view.login_init(provider=provider_name)

            mock_make_response.assert_called()
            assert call(isAuthorized=True) in mock_jsonify.call_args_list
            # An authenticated user needs no OAuth round trip, so no redirect
            # target should have been stored.
            assert session_key not in fake_session