Python AccessTokenFactory Examples

Example #1

File: test_grading_policy_view.py Project: sliva/edx-platform

 def get_auth_header(self, user):
     """
     Returns Bearer auth header with a generated access token
     for the given user.
     """
     access_token = AccessTokenFactory.create(user=user, application=self.oauth_client).token
     return 'Bearer ' + access_token

Example #2

File: test_views.py Project: yrchen/edx-platform

 def test_oauth(self):
     """ Verify the endpoint supports authentication via OAuth 2.0. """
     access_token = AccessTokenFactory(
         user=self.user, application=ApplicationFactory()).token
     headers = {'HTTP_AUTHORIZATION': 'Bearer ' + access_token}
     self.client.logout()
     response = self.client.get(self.path, **headers)
     assert response.status_code == 200

Example #3

File: test_views.py Project: yrchen/edx-platform

    def test_oauth(self):
        """ Verify the endpoint supports OAuth, and only allows authorization for staff users. """
        user = UserFactory(is_staff=False)
        oauth_client = ApplicationFactory.create()
        access_token = AccessTokenFactory.create(
            user=user, application=oauth_client).token
        headers = {'HTTP_AUTHORIZATION': 'Bearer ' + access_token}

        # Non-staff users should not have access to the API
        response = self.client.get(self.path, **headers)
        assert response.status_code == 403

        # Staff users should have access to the API
        user.is_staff = True
        user.save()
        response = self.client.get(self.path, **headers)
        assert response.status_code == 200

Example #4

File: test_api_views.py Project: sliva/edx-platform

    def test_oauth_list(self, path_name):
        """ Verify the endpoints supports OAuth, and only allows authorization for staff users. """
        path = reverse(path_name,
                       kwargs={'course_key_string': self.course_str})
        user = UserFactory(is_staff=False)
        oauth_client = ApplicationFactory.create()
        access_token = AccessTokenFactory.create(
            user=user, application=oauth_client).token
        headers = {'HTTP_AUTHORIZATION': 'Bearer ' + access_token}

        # Non-staff users should not have access to the API
        response = self.client.get(path=path, **headers)
        self.assertEqual(response.status_code, 403)

        # Staff users should have access to the API
        user.is_staff = True
        user.save()
        response = self.client.get(path=path, **headers)
        self.assertEqual(response.status_code, 200)

Example #5

    def test_oauth_csv(self):
        """ Verify the endpoint supports OAuth, and only allows authorization for staff users. """
        cohorts.add_cohort(self.course_key, "DEFAULT", "random")
        path = reverse('api_cohorts:cohort_users_csv',
                       kwargs={'course_key_string': self.course_str})
        user = UserFactory(is_staff=False)
        oauth_client = ApplicationFactory.create()
        access_token = AccessTokenFactory.create(
            user=user, application=oauth_client).token
        headers = {'HTTP_AUTHORIZATION': 'Bearer ' + access_token}

        # Non-staff users should not have access to the API
        response = self.client.post(path=path, **headers)
        assert response.status_code == 403

        # Staff users should have access to the API
        user.is_staff = True
        user.save()
        response = self.client.post(path=path, **headers)
        assert response.status_code == 400

Example #6

 def create_user_and_access_token(self):
     self.user = GlobalStaffFactory.create()
     self.oauth_client = ApplicationFactory.create()
     self.access_token = AccessTokenFactory.create(
         user=self.user, application=self.oauth_client).token