def test_oAuthenticator2_check_prefixes(self):
""" Asserts that OAuth and Bearer tokens are valid perfixes as part of
the Authenticator header """
oauth_token = {"email": "*****@*****.**"}
# Check Bearer prefix
with patch.object(Authenticator, '_verify_access_token',
return_value=oauth_token):
request = MagicMock()
request.get_header = MagicMock(return_value="Bearer 12345")
user = Authenticator.authenticate(request=request)
Authenticator.\
_verify_access_token.assert_called_once_with("12345")
self.assertEqual(user.name, oauth_token["email"])
# Check OAuth prefix
with patch.object(Authenticator, '_verify_access_token',
return_value=oauth_token):
request = MagicMock()
request.get_header = MagicMock(return_value="OAuth 45678")
user = Authenticator.authenticate(request=request)
Authenticator.\
_verify_access_token.assert_called_once_with("45678")
self.assertEqual('*****@*****.**', user.name)
# patch _validate_token and verify since _verify_access_token's purpose
# is to add error mgmt. to _validate_token's result
with patch.object(Authenticator, '_validate_token',
return_value=oauth_token):
request = MagicMock()
request.get_header = MagicMock(return_value="Bearer 12345")
user = Authenticator.authenticate(request=request)
Authenticator. \
_validate_token.assert_called_once_with("12345")
self.assertEqual('*****@*****.**', user.name)
def test_oAuthenticator2_invalid_prefix(self):
""" Asserts that when header's prefix is not Bearer nor OAuth,
Unauthorized is raised """
# Check Bearer prefix
request = MagicMock()
request.get_header = MagicMock(return_value="NonBearer 12345")
with self.assertRaises(Unauthorized):
Authenticator.authenticate(request=request)
def test_request_access_failure(self):
""" Asserts exception from _validate_token propagates to Authenticate
"""
with patch.object(Authenticator, '_validate_token',
side_effect=RuntimeError):
request = MagicMock()
request.get_header = MagicMock(return_value="OAuth 45678")
with self.assertRaises(Unauthorized):
Authenticator.authenticate(request=request)
def test_verify_access_token_error(self):
""" Asserts that when token returns an 'error_description' field,
Unauthorized is raised """
oauth_token = {"error_description": "Invalid Scope"}
with patch.object(Authenticator, '_validate_token',
return_value=oauth_token):
request = MagicMock()
request.get_header = MagicMock(return_value="OAuth 45678")
with self.assertRaises(Unauthorized):
Authenticator.authenticate(request=request)
