def test_signal_oauth_error_login(request): responses.add( responses.POST, "https://example.com/oauth/request_token", body="oauth_problem=nonce_used", status=401, ) app, bp = make_app() calls = [] def callback(*args, **kwargs): calls.append((args, kwargs)) oauth_error.connect(callback) request.addfinalizer(lambda: oauth_error.disconnect(callback)) with app.test_client() as client: resp = client.get("/login/test-service", base_url="https://a.b.c") assert len(calls) == 1 assert calls[0][0] == (bp,) assert ( calls[0][1]["message"] == "Token request failed with code 401, response was 'oauth_problem=nonce_used'." ) assert resp.status_code == 302 location = resp.headers["Location"] assert location == "https://a.b.c/"
def test_signal_oauth_error_authorized(request): responses.add( responses.POST, "https://example.com/oauth/access_token", body="Invalid request token.", status=401, ) app, bp = make_app() calls = [] def callback(*args, **kwargs): calls.append((args, kwargs)) oauth_error.connect(callback) request.addfinalizer(lambda: oauth_error.disconnect(callback)) with app.test_client() as client: resp = client.get( "/login/test-service/authorized?" "oauth_token=faketoken&" "oauth_token_secret=fakesecret&" "oauth_verifier=fakeverifier", base_url="https://a.b.c", ) assert len(calls) == 1 assert calls[0][0] == (bp,) assert ( calls[0][1]["message"] == "Token request failed with code 401, response was 'Invalid request token.'." ) assert resp.status_code == 302
def test_signal_oauth_error(request): app, bp = make_app() calls = [] def callback(*args, **kwargs): calls.append((args, kwargs)) oauth_error.connect(callback) request.addfinalizer(lambda: oauth_error.disconnect(callback)) with app.test_client() as client: resp = client.get( "/login/test-service/authorized?" "error=unauthorized_client&" "error_description=Invalid+redirect+URI&" "error_uri=https%3a%2f%2fexample.com%2fdocs%2fhelp", base_url="https://a.b.c", ) assert len(calls) == 1 assert calls[0][0] == (bp,) assert calls[0][1] == { "error": "unauthorized_client", "error_description": "Invalid redirect URI", "error_uri": "https://example.com/docs/help", } assert resp.status_code == 302
def test_signal_oauth_error(request): app, bp = make_app() calls = [] def callback(*args, **kwargs): calls.append((args, kwargs)) oauth_error.connect(callback) request.addfinalizer(lambda: oauth_error.disconnect(callback)) with app.test_client() as client: resp = client.get( "/login/test-service/authorized?" "error=unauthorized_client&" "error_description=Invalid+redirect+URI&" "error_uri=https%3a%2f%2fexample.com%2fdocs%2fhelp", base_url="https://a.b.c", ) assert len(calls) == 1 assert calls[0][0] == (bp, ) assert calls[0][1] == { "error": "unauthorized_client", "error_description": "Invalid redirect URI", "error_uri": "https://example.com/docs/help", } assert resp.status_code == 302
def test_signal_oauth_notoken_authorized(request): app, bp = make_app() calls = [] def callback(*args, **kwargs): calls.append((args, kwargs)) oauth_error.connect(callback) request.addfinalizer(lambda: oauth_error.disconnect(callback)) with app.test_client() as client: resp = client.get( "/login/test-service/authorized?" "denied=faketoken", base_url="https://a.b.c", ) assert len(calls) == 1 assert calls[0][0] == (bp, ) assert "Response does not contain a token" in calls[0][1]["message"] assert calls[0][1]["response"] == {'denied': 'faketoken'} assert resp.status_code == 302 location = resp.headers["Location"] assert location == "https://a.b.c/"
def test_sqla_flask_login_misconfigured(app, db, blueprint, request): login_manager = LoginManager(app) class User(db.Model, UserMixin): id = db.Column(db.Integer, primary_key=True) name = db.Column(db.String(80)) class OAuth(OAuthConsumerMixin, db.Model): user_id = db.Column(db.Integer, db.ForeignKey(User.id)) user = db.relationship(User) blueprint.storage = SQLAlchemyStorage(OAuth, db.session, user=current_user) db.create_all() def done(): db.session.remove() db.drop_all() request.addfinalizer(done) # configure login manager @login_manager.user_loader def load_user(userid): return User.query.get(userid) calls = [] def callback(*args, **kwargs): calls.append((args, kwargs)) oauth_error.connect(callback) request.addfinalizer(lambda: oauth_error.disconnect(callback)) with app.test_client() as client: # reset the session before the request with client.session_transaction() as sess: sess["test-service_oauth_state"] = "random-string" # make the request resp = client.get( "/login/test-service/authorized?code=secret-code&state=random-string", base_url="https://a.b.c", ) # check that we redirected the client assert resp.status_code == 302 assert resp.headers["Location"] in ("https://a.b.c/oauth_done", "/oauth_done") assert len(calls) == 1 assert calls[0][0] == (blueprint, ) error = calls[0][1]["error"] assert isinstance(error, ValueError) assert str(error) == "Cannot set OAuth token without an associated user"
def test_sqla_flask_login_misconfigured(app, db, blueprint, request): login_manager = LoginManager(app) class User(db.Model, UserMixin): id = db.Column(db.Integer, primary_key=True) name = db.Column(db.String(80)) class OAuth(OAuthConsumerMixin, db.Model): user_id = db.Column(db.Integer, db.ForeignKey(User.id)) user = db.relationship(User) blueprint.storage = SQLAlchemyStorage(OAuth, db.session, user=current_user) db.create_all() def done(): db.session.remove() db.drop_all() request.addfinalizer(done) # configure login manager @login_manager.user_loader def load_user(userid): return User.query.get(userid) calls = [] def callback(*args, **kwargs): calls.append((args, kwargs)) oauth_error.connect(callback) request.addfinalizer(lambda: oauth_error.disconnect(callback)) with app.test_client() as client: # reset the session before the request with client.session_transaction() as sess: sess["test-service_oauth_state"] = "random-string" # make the request resp = client.get( "/login/test-service/authorized?code=secret-code&state=random-string", base_url="https://a.b.c", ) # check that we redirected the client assert resp.status_code == 302 assert resp.headers["Location"] == "https://a.b.c/oauth_done" assert len(calls) == 1 assert calls[0][0] == (blueprint,) error = calls[0][1]["error"] assert isinstance(error, ValueError) assert str(error) == "Cannot set OAuth token without an associated user"
def test_signal_oauth_notoken_authorized(request): app, bp = make_app() calls = [] def callback(*args, **kwargs): calls.append((args, kwargs)) oauth_error.connect(callback) request.addfinalizer(lambda: oauth_error.disconnect(callback)) with app.test_client() as client: resp = client.get( "/login/test-service/authorized?" "denied=faketoken", base_url="https://a.b.c", ) assert len(calls) == 1 assert calls[0][0] == (bp,) assert "Response does not contain a token" in calls[0][1]["message"] assert calls[0][1]["response"] == {"denied": "faketoken"} assert resp.status_code == 302 location = resp.headers["Location"] assert location == "https://a.b.c/"