def test_create_proxy(self): """ Tests that when the proxy is instantiated a token is created. """ with patch('hgw_common.models.OAuth2Session', new_callable=MockOAuth2Session) as mock: m = mock(200) OAuth2SessionProxy(self.service_url, self.client_id, self.client_secret) # The datetime object has a precision to 10e-6 seconds while the timestamp 10e-7. # This precision is irrelevant in this case but we need to modify the original value m.token['expires_at'] = datetime.fromtimestamp(m.token['expires_at']).timestamp() mock.assert_called() self.assertEqual(AccessToken.objects.count(), 1) self.assertDictEqual(AccessToken.objects.first().to_python(), mock().token)
def list(self, request): try: oauth_backend_session = OAuth2SessionProxy('{}/oauth2/token/'.format(HGW_BACKEND_URI), HGW_BACKEND_CLIENT_ID, HGW_BACKEND_CLIENT_SECRET) except InvalidClientError: return Response({'errors': [ERRORS_MESSAGE['INVALID_BACKEND_CLIENT']]}, status=status.HTTP_500_INTERNAL_SERVER_ERROR) except requests.exceptions.ConnectionError: return Response({'errors': [ERRORS_MESSAGE['BACKEND_CONNECTION_ERROR']]}, status=status.HTTP_500_INTERNAL_SERVER_ERROR) else: res = oauth_backend_session.get('{}/v1/profiles/'.format(HGW_BACKEND_URI)) return Response(res.json(), content_type='application/json')
def test_access_token_refreshed_for_401_response(self): """ Tests that, when the response is 401 (Unauthorized), another token is created and the call is perfomed again """ with patch('hgw_common.models.OAuth2Session', MockOAuth2Session): MockOAuth2Session.RESPONSES = [401] proxy = OAuth2SessionProxy(self.service_url, self.client_id, self.client_secret) m = proxy._session first_token = m.token['access_token'] proxy.get("/fake_url/1/") second_token = m.token['access_token'] self.assertEqual(len(m.get.call_args_list), 2) # Number of calls self.assertEqual(len(m.fetch_token.call_args_list), 2) # Number of calls m.get.assert_has_calls([call('/fake_url/1/'), call('/fake_url/1/')]) self.assertEqual(AccessToken.objects.count(), 1) self.assertNotEquals(first_token, second_token)
def test_access_token_reused(self): """ Tests that, if the token has already been created and two subsequent calls returns 200, it is used the same token """ with patch('hgw_common.models.OAuth2Session', MockOAuth2Session): MockOAuth2Session.RESPONSES = [200, 200] proxy = OAuth2SessionProxy(self.service_url, self.client_id, self.client_secret) m = proxy._session first_token = m.token['access_token'] proxy.get("/fake_url/1/") second_token = m.token['access_token'] proxy.get("/fake_url/2/") third_token = m.token['access_token'] self.assertEqual(len(m.get.call_args_list), 2) # Number of calls m.get.assert_has_calls([call('/fake_url/1/'), call('/fake_url/2/')]) m.fetch_token.assert_called_once() self.assertEqual(AccessToken.objects.count(), 1) self.assertEqual(first_token, second_token, third_token)
def test_access_token_from_db(self): """ Tests that, when the proxy is instantiated and an access token is found in the db, the db token is used :return: """ token_data = {'access_token': 'OUfprCnmdJbhYAIk8rGMex4UBLXyf3', 'token_type': 'Bearer', 'expires_in': 36000, 'expires_at': (datetime.now() + timedelta(hours=10)).isoformat(), 'scope': 'read write'} AccessToken.objects.create(token_url=self.service_url, **token_data) with patch('hgw_common.models.OAuth2Session', new_callable=MockOAuth2Session) as mock: mock(200) OAuth2SessionProxy(self.service_url, self.client_id, self.client_secret) # The datetime object has a precision to 10e-6 seconds while the timestamp 10e-7. # This precision is irrelevant in this case but we need to modify the original value # m.token['expires_at'] = datetime.fromtimestamp(m.token['expires_at']).timestamp() mock.assert_called() self.assertEqual(AccessToken.objects.count(), 1) self.assertEqual(AccessToken.objects.first().access_token, token_data['access_token'])
def _get_consent_session(): return OAuth2SessionProxy('{}/oauth2/token/'.format(CONSENT_MANAGER_URI), CONSENT_MANAGER_CLIENT_ID, CONSENT_MANAGER_CLIENT_SECRET)
def _get_backend_session(): return OAuth2SessionProxy('{}/oauth2/token/'.format(HGW_BACKEND_URI), HGW_BACKEND_CLIENT_ID, HGW_BACKEND_CLIENT_SECRET)