class SettingsIntegration(FantasticoIntegrationTestCase): '''Test suite that ensures current settings for various environments remain stable.''' def init(self): self._settings_facade = None def test_settings_ok(self): '''Test case that ensures settings are functional for each environment available.''' self._settings_facade = SettingsFacade() self.assertEqual(["fantastico.middleware.request_middleware.RequestMiddleware", "fantastico.middleware.model_session_middleware.ModelSessionMiddleware", "fantastico.middleware.routing_middleware.RoutingMiddleware", "fantastico.oauth2.middleware.exceptions_middleware.OAuth2ExceptionsMiddleware", "fantastico.oauth2.middleware.tokens_middleware.OAuth2TokensMiddleware"], self._settings_facade.get("installed_middleware")) self.assertEqual(["en_us"], self._settings_facade.get("supported_languages")) def test_routes_loaders_ok(self): '''This test case makes sure routes loaders are configured correctly for each configuration.''' self._settings_facade = SettingsFacade() self.assertTrue("fantastico.routing_engine.dummy_routeloader.DummyRouteLoader" in \ self._settings_facade.get("routes_loaders")) self.assertTrue("fantastico.mvc.controller_registrator.ControllerRouteLoader" in \ self._settings_facade.get("routes_loaders")) def test_database_config_ok(self): '''This test case ensures we have a database configured for fantastico framework.''' self._settings_facade = SettingsFacade() expected_config = {"drivername": "mysql+mysqlconnector", "username": "******", "password": "******", "port": 3306, "database": "fantastico"} config = self._settings_facade.get("database_config") self.assertEqual(expected_config["drivername"], config["drivername"]) self.assertEqual(expected_config["username"], config["username"]) self.assertEqual(expected_config["password"], config["password"]) self.assertEqual(expected_config["port"], config["port"]) self.assertEqual(expected_config["database"], config["database"]) self.assertEqual("utf8", config["additional_params"]["charset"])
def _get_db_conn(self): '''This method opens a db connection and returns it to for usage.''' settings = SettingsFacade() db_config = settings.get("database_config") conn_manager = mvc.init_dm_db_engine(db_config) db_conn = conn_manager.get_connection(-50) return (conn_manager, -50, db_conn)
def _build_context(self, request): '''Method used to build the context object starting for a request.''' client_langs = request.accept_language settings_facade = SettingsFacade(request.environ) supported_langs = settings_facade.get("supported_languages") if hasattr(client_langs, "_parsed"): client_langs = client_langs._parsed # pylint: disable=W0212 else: client_langs = [] context = RequestContext(settings_facade, self._get_supported_lang(supported_langs, client_langs)) request.context = context
class BaseModelIntegration(FantasticoIntegrationTestCase): '''This class provides the test cases that ensures sql alchemy configuration works as expected.''' def init(self): self._settings_facade = SettingsFacade() def test_connection_ok(self): '''This test case execute a simple sanity check against database configuration.''' db_config = self._settings_facade.get("database_config") from fantastico import mvc mvc.CONN_MANAGER = mvc.init_dm_db_engine(db_config) self.assertIsNotNone(mvc.BASEMODEL) self.assertIsNotNone(mvc.CONN_MANAGER) session = mvc.CONN_MANAGER.get_connection(uuid.uuid4()) session.execute("SELECT 1")
class OAuth2ControllerIntegrationTests(DevServerIntegration): '''This class provides the integration tests suite for ensuring oauth2 controller works as expected.''' DEFAULT_CLIENT_ID = None DEFAULT_USER_ID = 1 DEFAULT_SCOPES = "user.profile.read user.profile.update user.profile.delete" TOKEN_VALIDITY = None _settings_facade = None def init(self): '''This method is invoked in order to set all common dependencies for test cases.''' self._settings_facade = SettingsFacade() self.DEFAULT_CLIENT_ID = self._settings_facade.get("oauth2_idp")["client_id"] self.TOKEN_VALIDITY = self._settings_facade.get("access_token_validity") def test_implicit_grant(self): '''This test case ensures implicit grant type success scenario works as expected.''' state = "abcd xyz&abc" redirect_uri = "/oauth/idp/ui/cb" login_token = self._get_oauth2_logintoken(self.DEFAULT_CLIENT_ID, self.DEFAULT_USER_ID) endpoint = "/oauth/authorize?response_type=token&client_id=%s&login_token=%s&state=%s&scope=%s&redirect_uri=%s" % \ (self.DEFAULT_CLIENT_ID, login_token, urllib.parse.quote(state), urllib.parse.quote(self.DEFAULT_SCOPES), urllib.parse.quote(redirect_uri)) results = {} def trigger_implicit_flow(server): http_conn = http.client.HTTPConnection(host=server.hostname, port=server.port) http_conn.request("GET", endpoint) results["response"] = http_conn.getresponse() http_conn.close() def assert_success(server): '''This method ensures the flow completed successfully by checking the location and hash part of the location.''' response = results["response"] self.assertIsNotNone(response) self.assertEqual(302, response.status) location = response.headers["Location"] self.assertIsNotNone(location) self.assertTrue(location.startswith("%s#access_token=" % redirect_uri)) self.assertTrue(location.find("&expires_in=%s" % self.TOKEN_VALIDITY) > -1) self.assertTrue(location.find("&state=%s" % urllib.parse.quote(state)) > -1) self.assertTrue(location.find("&scope=%s" % urllib.parse.quote(self.DEFAULT_SCOPES)) > -1) location = location.replace("%s#access_token=" % redirect_uri, "") access_token = location[:location.find("&")] self.assertGreater(len(access_token), 400) self._run_test_against_dev_server(trigger_implicit_flow, assert_success) def test_authorize_implicit_missing_param_form(self): '''This test case ensures error, error_uri and error_description query parameters are appended to redirect_uri passed for implicit grant type.''' self._test_error_handling_implicit_graceful("form", "?") def test_authorize_implicit_missing_param_hash(self): '''This test case ensures error, error_uri and error_description query parameters are appended to redirect_uri passed for implicit grant type (into hash section).''' self._test_error_handling_implicit_graceful("hash", "#") def _test_error_handling_implicit_graceful(self, format, delimiter): '''This method provides a template for ensuring error handling method types which describe error through redirect and query or hash strings work as expected.''' endpoint = "/oauth/authorize?error_format=%s&redirect_uri=/example/cb" % format results = {} def invoke_implicit(server): '''This method tries to retrieve login screen.''' http_conn = http.client.HTTPConnection(server.hostname, server.port) http_conn.request("GET", endpoint) results["response"] = http_conn.getresponse() http_conn.close() def assert_error_graceful(server): '''This method asserts that error was gracefully handled by OAuth2 exceptions middleware.''' response = results.get("response") self.assertIsNotNone(response) self.assertEqual(302, response.status) location = response.headers.get("Location") self.assertIsNotNone(location) self.assertTrue(location.startswith("/example/cb%s" % delimiter)) self.assertTrue(location.find("error=invalid_request") > -1, "%s does not contain error query param." % location) result = re.findall(r"error_description=(.*)&", location) self.assertEqual(1, len(result), "%s does not contain error_description query param." % location) result = re.findall(r"error_uri=(.*)", location) self.assertEqual(1, len(result), "%s does not contain error_uri query param." % location) self._run_test_against_dev_server(invoke_implicit, assert_error_graceful)
class TestSettingsFacadeSuite(FantasticoUnitTestsCase): '''Test suite for settings facade functionality.''' def init(self): self._environ = {} self._settings = SettingsFacade(self._environ) def test_get_config_noenv(self): '''Test case that checks a settings class can be obtained even if FANTASTICO_ACTIVE_CONFIG environment variable is not found.''' self.assertIsInstance(self._settings.get_config(), BasicSettings) def test_get_config_env_notfound(self): '''Test case that checks an exception is thrown when the specified class config can not be resolved.''' self._environ["FANTASTICO_ACTIVE_CONFIG"] = "not.found.class" self.assertRaises(FantasticoClassNotFoundError, self._settings.get_config) def test_get_config_env_found(self): '''Test case that checks that a custom configuration is instantiated correctly.''' self._environ["FANTASTICO_ACTIVE_CONFIG"] = "fantastico.tests.test_settings.SampleSettings" self.assertIsInstance(self._settings.get_config(), SampleSettings) def test_get_setting(self): '''Test case that checks settings are correctly retrieved from the active configuration. In addition it ensures the configuration contains the minimum amount of information for installed_middleware.''' installed_middleware = self._settings.get("installed_middleware") self.assertGreaterEqual(len(installed_middleware), 3) self.assertEqual(["fantastico.middleware.request_middleware.RequestMiddleware", "fantastico.middleware.model_session_middleware.ModelSessionMiddleware", "fantastico.middleware.routing_middleware.RoutingMiddleware", "fantastico.oauth2.middleware.exceptions_middleware.OAuth2ExceptionsMiddleware", "fantastico.oauth2.middleware.tokens_middleware.OAuth2TokensMiddleware"], installed_middleware) def test_get_setting_unavailable(self): '''Test case that ensures an exception is thrown whenever we try to get a setting that is not available.''' self.assertRaises(FantasticoSettingNotFoundError, self._settings.get, *["setting_not_found"]) def test_get_setting_internal_error(self): '''Test case that ensures properties internal server errors are handled gracefully.''' self._environ["FANTASTICO_ACTIVE_CONFIG"] = "fantastico.tests.test_settings.SampleSettings" self.assertRaises(FantasticoSettingNotFoundError, self._settings.get, *["installed_middleware"]) def test_get_root_folder(self): '''Test case that ensures get root folder works correctly.''' self._environ["FANTASTICO_ACTIVE_CONFIG"] = "fantastico.settings.BasicSettings" expected_root = self._get_root_folder() root_folder = self._settings.get_root_folder() self.assertEqual(expected_root, root_folder)
class TestSettingsFacadeSuite(FantasticoUnitTestsCase): '''Test suite for settings facade functionality.''' def init(self): self._environ = {} self._settings = SettingsFacade(self._environ) def test_get_config_noenv(self): '''Test case that checks a settings class can be obtained even if FANTASTICO_ACTIVE_CONFIG environment variable is not found.''' self.assertIsInstance(self._settings.get_config(), BasicSettings) def test_get_config_env_notfound(self): '''Test case that checks an exception is thrown when the specified class config can not be resolved.''' self._environ["FANTASTICO_ACTIVE_CONFIG"] = "not.found.class" self.assertRaises(FantasticoClassNotFoundError, self._settings.get_config) def test_get_config_env_found(self): '''Test case that checks that a custom configuration is instantiated correctly.''' self._environ[ "FANTASTICO_ACTIVE_CONFIG"] = "fantastico.tests.test_settings.SampleSettings" self.assertIsInstance(self._settings.get_config(), SampleSettings) def test_get_setting(self): '''Test case that checks settings are correctly retrieved from the active configuration. In addition it ensures the configuration contains the minimum amount of information for installed_middleware.''' installed_middleware = self._settings.get("installed_middleware") self.assertGreaterEqual(len(installed_middleware), 3) self.assertEqual([ "fantastico.middleware.request_middleware.RequestMiddleware", "fantastico.middleware.model_session_middleware.ModelSessionMiddleware", "fantastico.middleware.routing_middleware.RoutingMiddleware", "fantastico.oauth2.middleware.exceptions_middleware.OAuth2ExceptionsMiddleware", "fantastico.oauth2.middleware.tokens_middleware.OAuth2TokensMiddleware" ], installed_middleware) def test_get_setting_unavailable(self): '''Test case that ensures an exception is thrown whenever we try to get a setting that is not available.''' self.assertRaises(FantasticoSettingNotFoundError, self._settings.get, *["setting_not_found"]) def test_get_setting_internal_error(self): '''Test case that ensures properties internal server errors are handled gracefully.''' self._environ[ "FANTASTICO_ACTIVE_CONFIG"] = "fantastico.tests.test_settings.SampleSettings" self.assertRaises(FantasticoSettingNotFoundError, self._settings.get, *["installed_middleware"]) def test_get_root_folder(self): '''Test case that ensures get root folder works correctly.''' self._environ[ "FANTASTICO_ACTIVE_CONFIG"] = "fantastico.settings.BasicSettings" expected_root = self._get_root_folder() root_folder = self._settings.get_root_folder() self.assertEqual(expected_root, root_folder)
class UserResourceIntegrationTests(DevServerIntegration): '''This class provides the integration tests which ensures that CRUD operations work as expected on user resource. We do this because we also want to validate oauth2 roa validation.''' DEFAULT_CLIENT_ID = None DEFAULT_USER_ID = 1 SCOPES = "user.profile.read user.profile.update user.profile.delete" _access_token = None _settings_facade = None def init(self): '''This method is invoked before executing each test case. It generates an access_token which is authorized to access user api.''' self._settings_facade = SettingsFacade() self.DEFAULT_CLIENT_ID = self._settings_facade.get( "oauth2_idp")["client_id"] self._access_token = self._get_oauth2_token(self.DEFAULT_CLIENT_ID, self.DEFAULT_USER_ID, self.SCOPES) def cleanup(self): self._invalidate_oauth2_token(self._access_token) self._access_token = None def _create_user(self, hostname, port): '''This method simply creates a new user using the api and returns the new user username.''' username = "******" endpoint = "/api/latest/oauth-idp-profile" user = {"username": username, "password": "******"} http_conn = http.client.HTTPConnection(hostname, port) http_conn.request("POST", endpoint, json.dumps(user)) response = http_conn.getresponse() self.assertIsNotNone(response) self.assertEqual(201, response.status) location = response.headers.get("Location") self.assertIsNotNone(location) http_conn.close() return location.split("/")[-1] def _delete_user(self, user_id, token, hostname, port): '''This method removes the requested user_id.''' db_conn = None conn_manager = None request_id = None person_facade = None person = None try: conn_manager, request_id, db_conn = self._get_db_conn() person_facade = ModelFacade(Person, db_conn) user = ModelFacade(User, db_conn).find_by_pk({User.user_id: user_id}) person = person_facade.find_by_pk( {Person.person_id: user.person_id}) endpoint = "/api/latest/oauth-idp-profile/%s?token=%s" % (user_id, token) http_conn = http.client.HTTPConnection(hostname, port) http_conn.request("DELETE", endpoint) response = http_conn.getresponse() http_conn.close() self.assertIsNotNone(response) self.assertEqual(204, response.status) finally: if person: person_facade.delete(person) if db_conn: conn_manager.close_connection(request_id) def test_retrieve_user_ok(self): '''This test case ensures default user used in tests can be retrieved correctly.''' results = {"user_id": None, "token": None} def get_new_user(server): '''This method triggers an http get on default user.''' results["user_id"] = user_id = int( self._create_user(server.hostname, server.port)) results["token"] = access_token = self._get_oauth2_token( self.DEFAULT_CLIENT_ID, user_id, self.SCOPES) http_conn = http.client.HTTPConnection(host=server.hostname, port=server.port) http_conn.request( "GET", "/api/latest/oauth-idp-profile/%s" % user_id, headers={"Authorization": "Bearer %s" % access_token}) results["response"] = http_conn.getresponse() http_conn.close() self._delete_user(user_id, access_token, server.hostname, server.port) def assert_user(server): '''This method assert the user response against expected results.''' response = results.get("response") self.assertIsNotNone(response) self.assertEqual(200, response.status) body = response.read() self.assertIsNotNone(body) body = json.loads(body.decode()) self.assertNotIn("password", body) self.assertEqual("*****@*****.**", body["username"]) self.assertEqual(results.get("user_id"), body["user_id"]) self.assertGreater(body["person_id"], 1) self._run_test_against_dev_server(get_new_user, assert_user) def test_retrieve_users_ok(self): '''This test case ensures users can be retrieved .''' results = {} def get_default_user(server): '''This method triggers an http get on default users collection endpoint.''' http_conn = http.client.HTTPConnection(host=server.hostname, port=server.port) http_conn.request( "GET", "/api/latest/oauth-idp-profile?token=%s" % self._access_token) results["response"] = http_conn.getresponse() http_conn.close() def assert_user(server): '''This method assert the user response against expected results.''' response = results.get("response") self.assertIsNotNone(response) self.assertEqual(200, response.status) body = response.read() self.assertIsNotNone(body) body = json.loads(body.decode()) items = body.get("items") self.assertNotIn("password", items[0]) self.assertEqual("*****@*****.**", items[0]["username"]) self.assertEqual(1, items[0]["user_id"]) self.assertEqual(1, items[0]["person_id"]) self._run_test_against_dev_server(get_default_user, assert_user) def test_get_users_unauthorized(self): '''This method ensures users collection can not be accessed without an access token sent.''' results = {} def get_users(server): '''This method triggers an http get on default user.''' http_conn = http.client.HTTPConnection(host=server.hostname, port=server.port) http_conn.request("GET", "/api/latest/oauth-idp-profile") results["response"] = http_conn.getresponse() http_conn.close() def assert_unauthorized(server): '''This method assert the user response against expected results.''' response = results.get("response") self.assertIsNotNone(response) self.assertEqual(401, response.status) self._run_test_against_dev_server(get_users, assert_unauthorized)
class OAuth2ControllerIntegrationTests(DevServerIntegration): '''This class provides the integration tests suite for ensuring oauth2 controller works as expected.''' DEFAULT_CLIENT_ID = None DEFAULT_USER_ID = 1 DEFAULT_SCOPES = "user.profile.read user.profile.update user.profile.delete" TOKEN_VALIDITY = None _settings_facade = None def init(self): '''This method is invoked in order to set all common dependencies for test cases.''' self._settings_facade = SettingsFacade() self.DEFAULT_CLIENT_ID = self._settings_facade.get( "oauth2_idp")["client_id"] self.TOKEN_VALIDITY = self._settings_facade.get( "access_token_validity") def test_implicit_grant(self): '''This test case ensures implicit grant type success scenario works as expected.''' state = "abcd xyz&abc" redirect_uri = "/oauth/idp/ui/cb" login_token = self._get_oauth2_logintoken(self.DEFAULT_CLIENT_ID, self.DEFAULT_USER_ID) endpoint = "/oauth/authorize?response_type=token&client_id=%s&login_token=%s&state=%s&scope=%s&redirect_uri=%s" % \ (self.DEFAULT_CLIENT_ID, login_token, urllib.parse.quote(state), urllib.parse.quote(self.DEFAULT_SCOPES), urllib.parse.quote(redirect_uri)) results = {} def trigger_implicit_flow(server): http_conn = http.client.HTTPConnection(host=server.hostname, port=server.port) http_conn.request("GET", endpoint) results["response"] = http_conn.getresponse() http_conn.close() def assert_success(server): '''This method ensures the flow completed successfully by checking the location and hash part of the location.''' response = results["response"] self.assertIsNotNone(response) self.assertEqual(302, response.status) location = response.headers["Location"] self.assertIsNotNone(location) self.assertTrue( location.startswith("%s#access_token=" % redirect_uri)) self.assertTrue( location.find("&expires_in=%s" % self.TOKEN_VALIDITY) > -1) self.assertTrue( location.find("&state=%s" % urllib.parse.quote(state)) > -1) self.assertTrue( location.find("&scope=%s" % urllib.parse.quote(self.DEFAULT_SCOPES)) > -1) location = location.replace("%s#access_token=" % redirect_uri, "") access_token = location[:location.find("&")] self.assertGreater(len(access_token), 400) self._run_test_against_dev_server(trigger_implicit_flow, assert_success) def test_authorize_implicit_missing_param_form(self): '''This test case ensures error, error_uri and error_description query parameters are appended to redirect_uri passed for implicit grant type.''' self._test_error_handling_implicit_graceful("form", "?") def test_authorize_implicit_missing_param_hash(self): '''This test case ensures error, error_uri and error_description query parameters are appended to redirect_uri passed for implicit grant type (into hash section).''' self._test_error_handling_implicit_graceful("hash", "#") def _test_error_handling_implicit_graceful(self, format, delimiter): '''This method provides a template for ensuring error handling method types which describe error through redirect and query or hash strings work as expected.''' endpoint = "/oauth/authorize?error_format=%s&redirect_uri=/example/cb" % format results = {} def invoke_implicit(server): '''This method tries to retrieve login screen.''' http_conn = http.client.HTTPConnection(server.hostname, server.port) http_conn.request("GET", endpoint) results["response"] = http_conn.getresponse() http_conn.close() def assert_error_graceful(server): '''This method asserts that error was gracefully handled by OAuth2 exceptions middleware.''' response = results.get("response") self.assertIsNotNone(response) self.assertEqual(302, response.status) location = response.headers.get("Location") self.assertIsNotNone(location) self.assertTrue(location.startswith("/example/cb%s" % delimiter)) self.assertTrue( location.find("error=invalid_request") > -1, "%s does not contain error query param." % location) result = re.findall(r"error_description=(.*)&", location) self.assertEqual( 1, len(result), "%s does not contain error_description query param." % location) result = re.findall(r"error_uri=(.*)", location) self.assertEqual( 1, len(result), "%s does not contain error_uri query param." % location) self._run_test_against_dev_server(invoke_implicit, assert_error_graceful)
class UserResourceIntegrationTests(DevServerIntegration): '''This class provides the integration tests which ensures that CRUD operations work as expected on user resource. We do this because we also want to validate oauth2 roa validation.''' DEFAULT_CLIENT_ID = None DEFAULT_USER_ID = 1 SCOPES = "user.profile.read user.profile.update user.profile.delete" _access_token = None _settings_facade = None def init(self): '''This method is invoked before executing each test case. It generates an access_token which is authorized to access user api.''' self._settings_facade = SettingsFacade() self.DEFAULT_CLIENT_ID = self._settings_facade.get("oauth2_idp")["client_id"] self._access_token = self._get_oauth2_token(self.DEFAULT_CLIENT_ID, self.DEFAULT_USER_ID, self.SCOPES) def cleanup(self): self._invalidate_oauth2_token(self._access_token) self._access_token = None def _create_user(self, hostname, port): '''This method simply creates a new user using the api and returns the new user username.''' username = "******" endpoint = "/api/latest/oauth-idp-profile" user = {"username": username, "password": "******"} http_conn = http.client.HTTPConnection(hostname, port) http_conn.request("POST", endpoint, json.dumps(user)) response = http_conn.getresponse() self.assertIsNotNone(response) self.assertEqual(201, response.status) location = response.headers.get("Location") self.assertIsNotNone(location) http_conn.close() return location.split("/")[-1] def _delete_user(self, user_id, token, hostname, port): '''This method removes the requested user_id.''' db_conn = None conn_manager = None request_id = None person_facade = None person = None try: conn_manager, request_id, db_conn = self._get_db_conn() person_facade = ModelFacade(Person, db_conn) user = ModelFacade(User, db_conn).find_by_pk({User.user_id: user_id}) person = person_facade.find_by_pk({Person.person_id: user.person_id}) endpoint = "/api/latest/oauth-idp-profile/%s?token=%s" % (user_id, token) http_conn = http.client.HTTPConnection(hostname, port) http_conn.request("DELETE", endpoint) response = http_conn.getresponse() http_conn.close() self.assertIsNotNone(response) self.assertEqual(204, response.status) finally: if person: person_facade.delete(person) if db_conn: conn_manager.close_connection(request_id) def test_retrieve_user_ok(self): '''This test case ensures default user used in tests can be retrieved correctly.''' results = {"user_id": None, "token": None} def get_new_user(server): '''This method triggers an http get on default user.''' results["user_id"] = user_id = int(self._create_user(server.hostname, server.port)) results["token"] = access_token = self._get_oauth2_token(self.DEFAULT_CLIENT_ID, user_id, self.SCOPES) http_conn = http.client.HTTPConnection(host=server.hostname, port=server.port) http_conn.request("GET", "/api/latest/oauth-idp-profile/%s" % user_id, headers={"Authorization": "Bearer %s" % access_token}) results["response"] = http_conn.getresponse() http_conn.close() self._delete_user(user_id, access_token, server.hostname, server.port) def assert_user(server): '''This method assert the user response against expected results.''' response = results.get("response") self.assertIsNotNone(response) self.assertEqual(200, response.status) body = response.read() self.assertIsNotNone(body) body = json.loads(body.decode()) self.assertNotIn("password", body) self.assertEqual("*****@*****.**", body["username"]) self.assertEqual(results.get("user_id"), body["user_id"]) self.assertGreater(body["person_id"], 1) self._run_test_against_dev_server(get_new_user, assert_user) def test_retrieve_users_ok(self): '''This test case ensures users can be retrieved .''' results = {} def get_default_user(server): '''This method triggers an http get on default users collection endpoint.''' http_conn = http.client.HTTPConnection(host=server.hostname, port=server.port) http_conn.request("GET", "/api/latest/oauth-idp-profile?token=%s" % self._access_token) results["response"] = http_conn.getresponse() http_conn.close() def assert_user(server): '''This method assert the user response against expected results.''' response = results.get("response") self.assertIsNotNone(response) self.assertEqual(200, response.status) body = response.read() self.assertIsNotNone(body) body = json.loads(body.decode()) items = body.get("items") self.assertNotIn("password", items[0]) self.assertEqual("*****@*****.**", items[0]["username"]) self.assertEqual(1, items[0]["user_id"]) self.assertEqual(1, items[0]["person_id"]) self._run_test_against_dev_server(get_default_user, assert_user) def test_get_users_unauthorized(self): '''This method ensures users collection can not be accessed without an access token sent.''' results = {} def get_users(server): '''This method triggers an http get on default user.''' http_conn = http.client.HTTPConnection(host=server.hostname, port=server.port) http_conn.request("GET", "/api/latest/oauth-idp-profile") results["response"] = http_conn.getresponse() http_conn.close() def assert_unauthorized(server): '''This method assert the user response against expected results.''' response = results.get("response") self.assertIsNotNone(response) self.assertEqual(401, response.status) self._run_test_against_dev_server(get_users, assert_unauthorized)