def test_should_redirect_with_invalid_scope_error():
    """Check the 'invalid_scope' error is reported back via the redirect URI.

    The error code and description are the ones RFC 6749 section 4.1.2.1
    defines for an authorization request with a bad scope. The test server
    presumably selects the simulated failure from the client_id value --
    confirm against the server fixture.
    """
    query = {
        'client_id': 'invalid_scope',
        'response_type': 'code',
        'redirect_uri': 'http://callback',
    }
    # Redirects are not followed so the helper can inspect the redirect
    # response itself instead of whatever 'http://callback' would answer.
    response = requests.get(build_authorize_url(query), allow_redirects=False)
    assert_error_redirect_params(
        response,
        'http://callback',
        'invalid_scope',
        'The requested scope is invalid, unknown, or malformed',
    )
def test_should_redirect_with_temporarily_unavailable_error():
    """Check the 'temporarily_unavailable' error is reported via the redirect URI.

    Code and description match the RFC 6749 section 4.1.2.1 entry for an
    overloaded or under-maintenance authorization server. The failure is
    presumably triggered by the client_id value -- confirm against the
    server fixture.
    """
    query = {
        'client_id': 'temporarily_unavailable',
        'response_type': 'code',
        'redirect_uri': 'http://callback',
    }
    # Keep the redirect response itself; following it would leave the
    # authorization server and hide the error parameters under test.
    response = requests.get(build_authorize_url(query), allow_redirects=False)
    assert_error_redirect_params(
        response,
        'http://callback',
        'temporarily_unavailable',
        'The authorization server is currently unable to handle the request',
    )
def test_should_redirect_with_server_error_error():
    """Check the 'server_error' error is reported via the redirect URI.

    RFC 6749 section 4.1.2.1 defines this code because a 500 status cannot
    be conveyed to the client through an HTTP redirect. The failure is
    presumably triggered by the client_id value -- confirm against the
    server fixture.
    """
    query = {
        'client_id': 'server_error',
        'response_type': 'code',
        'redirect_uri': 'http://callback',
    }
    # Inspect the redirect response itself rather than following it.
    response = requests.get(build_authorize_url(query), allow_redirects=False)
    assert_error_redirect_params(
        response,
        'http://callback',
        'server_error',
        'The authorization server encountered an unexpected condition which prevented it from fulfilling the request',
    )
def test_should_redirect_with_unauthorized_client_error_if_client_id_cant_request_authorization():
    """Check a client barred from the code flow gets 'unauthorized_client'.

    Code and description follow RFC 6749 section 4.1.2.1. Note that the
    same section forbids redirecting when the redirect URI itself is
    missing, invalid or mismatching; that path is not covered by this test.
    """
    query = {
        'client_id': 'unauthorized-client',
        'response_type': 'code',
        'redirect_uri': 'http://callback',
    }
    # Inspect the redirect response itself rather than following it.
    response = requests.get(build_authorize_url(query), allow_redirects=False)
    assert_error_redirect_params(
        response,
        'http://callback',
        'unauthorized_client',
        'The client is not authorized to request an authorization code using this method',
    )
Example #5
def test_should_redirect_with_invalid_scope_error():
    """Verify an 'invalid_scope' failure is sent back to the client's redirect URI.

    The expected code and description are those of RFC 6749 section
    4.1.2.1. Presumably the test server keys the simulated failure off the
    client_id -- confirm against the server fixture.
    """
    callback = 'http://callback'
    expected_description = 'The requested scope is invalid, unknown, or malformed'
    authorize_url = build_authorize_url({'client_id': 'invalid_scope',
                                         'response_type': 'code',
                                         'redirect_uri': callback})
    # allow_redirects=False keeps the redirect response itself available
    # for inspection instead of the page behind the callback.
    response = requests.get(authorize_url, allow_redirects=False)
    assert_error_redirect_params(response, callback, 'invalid_scope',
                                 expected_description)
Example #6
def test_should_redirect_with_temporarily_unavailable_error():
    """Verify a 'temporarily_unavailable' failure is sent to the redirect URI.

    The expected code and description are those of RFC 6749 section
    4.1.2.1. Presumably the test server keys the simulated failure off the
    client_id -- confirm against the server fixture.
    """
    callback = 'http://callback'
    expected_description = 'The authorization server is currently unable to handle the request'
    authorize_url = build_authorize_url({'client_id': 'temporarily_unavailable',
                                         'response_type': 'code',
                                         'redirect_uri': callback})
    # allow_redirects=False keeps the redirect response itself available
    # for inspection instead of the page behind the callback.
    response = requests.get(authorize_url, allow_redirects=False)
    assert_error_redirect_params(response, callback, 'temporarily_unavailable',
                                 expected_description)
Example #7
def test_should_redirect_with_server_error_error():
    """Verify a 'server_error' failure is sent to the client's redirect URI.

    RFC 6749 section 4.1.2.1 provides this code because a 500 status cannot
    be returned to the client through a redirect. Presumably the test
    server keys the simulated failure off the client_id -- confirm against
    the server fixture.
    """
    callback = 'http://callback'
    expected_description = 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request'
    authorize_url = build_authorize_url({'client_id': 'server_error',
                                         'response_type': 'code',
                                         'redirect_uri': callback})
    # allow_redirects=False keeps the redirect response itself available
    # for inspection instead of the page behind the callback.
    response = requests.get(authorize_url, allow_redirects=False)
    assert_error_redirect_params(response, callback, 'server_error',
                                 expected_description)
Example #8
def test_should_redirect_with_unauthorized_client_error_if_client_id_cant_request_authorization():
    """Verify a client barred from the code flow receives 'unauthorized_client'.

    Code and description follow RFC 6749 section 4.1.2.1. That section also
    forbids redirecting when the redirect URI is missing, invalid or
    mismatching; this test does not exercise that path.
    """
    callback = 'http://callback'
    expected_description = 'The client is not authorized to request an authorization code using this method'
    authorize_url = build_authorize_url({'client_id': 'unauthorized-client',
                                         'response_type': 'code',
                                         'redirect_uri': callback})
    # allow_redirects=False keeps the redirect response itself available
    # for inspection instead of the page behind the callback.
    response = requests.get(authorize_url, allow_redirects=False)
    assert_error_redirect_params(response, callback, 'unauthorized_client',
                                 expected_description)
def test_should_redirect_to_redirect_uri_with_access_denied_from_plugin():
    """Check that a resource owner's refusal is redirected as 'access_denied'.

    A plugin on 'authorization-GET' asks the user for permission and a
    plugin on 'authorization-POST' simulates the redirect to success or
    error depending on whether the user allowed or denied. In this test the
    user denies access (see client_id). The expected code and description
    are those of RFC 6749 section 4.1.2.1.
    """
    authorize_url = build_authorize_url({
        'client_id': 'client-id-verify-access',
        'response_type': 'code',
        'redirect_uri': 'http://callback',
    })
    # One session for both requests, so any cookies set by the consent page
    # are sent along with the POST.
    session = requests.session()

    # The GET plugin must replace the default redirect with a consent page.
    consent_page = session.get(authorize_url)
    assert consent_page.status_code == 200
    # NOTE(review): requests exposes .content as bytes; this str containment
    # check looks like it assumes Python 2 -- confirm the target interpreter.
    assert 'Hello resource owner, do you allow this client to access your resources?' in consent_page.content

    # Simulate the user submitting the form with a denial.
    # NOTE(review): unlike the GET-only tests, this POST does not pass
    # allow_redirects=False, so requests follows the redirect by default --
    # confirm assert_error_redirect_params copes with that.
    denial = session.post(authorize_url, data={'allow': 'no'})
    assert_error_redirect_params(
        denial,
        'http://callback',
        'access_denied',
        'The resource owner or authorization server denied the request',
    )
Example #10
def test_should_redirect_to_redirect_uri_with_access_denied_from_plugin():
    """Verify a denied consent form ends in an 'access_denied' redirect.

    The 'authorization-GET' plugin asks the user for permission; the
    'authorization-POST' plugin simulates the redirect to success or error
    depending on whether the user allowed or denied. Here the user denies
    (see client_id). Code and description follow RFC 6749 section 4.1.2.1.
    """
    callback = 'http://callback'
    consent_prompt = 'Hello resource owner, do you allow this client to access your resources?'
    authorize_url = build_authorize_url({'client_id': 'client-id-verify-access',
                                         'response_type': 'code',
                                         'redirect_uri': callback})
    # Both requests share a session so cookies from the consent page carry
    # over to the form submission.
    browser = requests.session()

    # Step 1: the GET plugin overrides the default redirect with a 200 page.
    page = browser.get(authorize_url)
    assert page.status_code == 200
    # NOTE(review): .content is bytes in requests, so this str containment
    # check presumably targets Python 2 -- confirm the interpreter.
    assert consent_prompt in page.content

    # Step 2: submit the form as a user who refuses access.
    # NOTE(review): no allow_redirects=False here, unlike the GET-only
    # tests, so the redirect is followed by default -- confirm the helper
    # handles a followed redirect.
    outcome = browser.post(authorize_url, data={'allow': 'no'})
    assert_error_redirect_params(outcome, callback, 'access_denied',
                                 'The resource owner or authorization server denied the request')