def test_init_login_result_for_not_authorized_user( self, mock_request, mock_redirect_arg, mock_safe_url, mock_g, mock_make_response, mock_jsonify, mock_jwt ): """ Test that checks if the correct response for a not authorized user is returned. """ oauth_view = AuthOAuthView() oauth_view.appbuilder = MagicMock() provider = "OPENLMIS" redirect_url = "/superset/dashboard/3" state = '12345' with patch('superset_patchup.oauth.g.user.is_authenticated', False): with patch("superset_patchup.oauth.session", dict()) as session: mock_redirect_arg.return_value = redirect_url mock_jwt.encode.return_value = state oauth_view.login_init(provider=provider) mock_make_response.assert_called() assert call(isAuthorized=False, state=state) in mock_jsonify.call_args_list assert session.get('%s_oauthredir' % provider) == redirect_url
def test_oauth_authorized( self, mock_request, mock_login, mock_request_redirect, mock_safe_url, mock_redirect, ): """ This test checks that 1. The access token is used when passed in the request header 2. Redirect is called with the url passed in the request args """ # Sample authorized response mock_authorized_response = { "access_token": "cZpwCzYjpzuSqzekM", "token_type": "Bearer", "expires_in": 3600, "refresh_token": "Sui6j4nQtbmU9P", "scope": "read write", } # Sample user info from onadata mock_user_info = { "name": "test auth", "email": "*****@*****.**", "id": 58863, "username": "******", "first_name": "test", "last_name": "auth", "is_active": True, } oauth_view = AuthOAuthView() oauth_view.appbuilder = MagicMock() oauth_view.appbuilder.sm.oauth_remotes[ "onadata"].authorized_response = MagicMock( return_value=mock_authorized_response) mock_request.headers = {"Custom-Api-Token": "cZpwCzYjpzuSqzekM"} auth_session_mock = MagicMock() oauth_view.appbuilder.sm.set_oauth_session = auth_session_mock oauth_view.appbuilder.sm.oauth_user_info = MagicMock( return_value=mock_user_info) oauth_view.appbuilder.sm.oauth_whitelists = MagicMock() oauth_view.appbuilder.sm.auth_user_oauth = MagicMock( return_value=mock_user_info) oauth_view.appbuilder.sm.get_oauth_redirect_url = MagicMock() mock_request_redirect.return_value = "http://example.com" mock_safe_url.return_value = True oauth_view.oauth_authorized(provider="onadata") auth_session_mock.assert_called_with( "onadata", {"access_token": "cZpwCzYjpzuSqzekM"}) assert mock_login.call_count == 1 mock_redirect.assert_called_once_with("http://example.com")
def test_login_redirect(self, mock_request, mock_redirect_arg, mock_safe_url, mock_g, mock_redirect): # pylint: disable=R0201,R0913,W0613 """ Test that we are redirected to the redirect url when it is passed as an argument to /login """ oauth_view = AuthOAuthView() oauth_view.appbuilder = MagicMock() mock_redirect_arg.return_value = "/superset/dashboard/3" mock_safe_url.return_value = True mock_g.user.is_authenticated.return_value = True oauth_view.login(provider="onadata") mock_redirect.assert_called_once_with("/superset/dashboard/3")
def test_generate_state_result(self, mock_request): # pylint: disable=R0201 """ Test that checks if a valid state is returned. """ oauth_view = AuthOAuthView() oauth_view.appbuilder = MagicMock() app_config = dict(SECRET_KEY="secret_key") request_args = dict(dummy_parameter="dummy_parameter_value") type(oauth_view.appbuilder.app).config = PropertyMock( return_value=app_config) mock_request.args.to_dict.return_value = request_args state = oauth_view.generate_state() assert len(state) > 0
def test_login(self): """Test /login/<provider>""" self.appbuilder.add_view(AuthOAuthView(), 'KetchupAuthOAuthView') client = self.app.test_client() response = client.get('/login/onadata') self.assertEqual(response.status_code, 302) # Confirm Redirect URL has https self.assertIn('redirect_uri=https%3A', response.headers['Location'])
def test_init_login_result_for_already_authorized_user( self, mock_g, mock_make_response, mock_jsonify): # pylint: disable=R0201,W0613 """ Test that checks if the correct response for an already authorized user is returned. """ oauth_view = AuthOAuthView() oauth_view.appbuilder = MagicMock() provider = "OPENLMIS" with patch("superset_patchup.oauth.g.user.is_authenticated", True): with patch("superset_patchup.oauth.session", dict()) as session: oauth_view.login_init(provider=provider) mock_make_response.assert_called() assert call(isAuthorized=True) in mock_jsonify.call_args_list assert (("%s_oauthredir" % provider) in session) is False