def test_auto_refresh_token2(self): def _update_token(token, refresh_token=None, access_token=None): self.assertEqual(access_token, 'a') self.assertEqual(token, self.token) update_token = mock.Mock(side_effect=_update_token) old_token = dict(access_token='a', token_type='bearer', expires_at=100) sess = OAuth2Session( 'foo', token=old_token, token_endpoint='https://i.b/token', grant_type='client_credentials', ) sess.send = mock_json_response(self.token) sess.get('https://i.b/user') self.assertFalse(update_token.called) sess = OAuth2Session( 'foo', token=old_token, token_endpoint='https://i.b/token', grant_type='client_credentials', update_token=update_token, ) sess.send = mock_json_response(self.token) sess.get('https://i.b/user') self.assertTrue(update_token.called)
def test_revoke_token(self): sess = OAuth2Session('a') answer = {'status': 'ok'} sess.send = mock_json_response(answer) resp = sess.revoke_token('https://i.b/token', 'hi') self.assertEqual(resp.json(), answer) resp = sess.revoke_token( 'https://i.b/token', 'hi', token_type_hint='access_token' ) self.assertEqual(resp.json(), answer) def revoke_token_request(url, headers, data): self.assertEqual(url, 'https://i.b/token') return url, headers, data sess.register_compliance_hook( 'revoke_token_request', revoke_token_request, ) sess.revoke_token( 'https://i.b/token', 'hi', body='', token_type_hint='access_token' )
def test_fetch_token_post(self): url = 'https://example.com/token' def fake_send(r, **kwargs): self.assertIn('code=v', r.body) self.assertIn('client_id=', r.body) self.assertIn('grant_type=authorization_code', r.body) resp = mock.MagicMock() resp.json = lambda: self.token return resp sess = OAuth2Session(client_id=self.client_id) sess.send = fake_send self.assertEqual( sess.fetch_token(url, authorization_response='https://i.b/?code=v'), self.token) sess = OAuth2Session( client_id=self.client_id, token_endpoint_auth_method='none', ) sess.send = fake_send token = sess.fetch_token(url, code='v') self.assertEqual(token, self.token) error = {'error': 'invalid_request'} sess = OAuth2Session(client_id=self.client_id, token=self.token) sess.send = mock_json_response(error) self.assertRaises(OAuthError, sess.fetch_access_token, url)
def test_facebook_fetch_user(self): client = OAuthClient('a', 'b', api_base_url='https://facebook.com/api') client.set_token({'access_token': 'a', 'token_type': 'bearer'}) client.session.send = mock_json_response({ 'id': 1, 'name': 'Hsiaoming', 'email': '[email protected]' }) user = facebook_fetch_user(client) self.assertEqual(user.id, 1) self.assertEqual(user.name, 'Hsiaoming')
def test_google_fetch_user(self): client = OAuthClient('a', 'b', api_base_url='https://google.com/api') client.set_token({'access_token': 'a', 'token_type': 'bearer'}) client.session.send = mock_json_response({ 'sub': 1, 'name': 'Grey Li', 'email': '[email protected]' }) user = google_fetch_user(client) self.assertEqual(user.id, 1) self.assertEqual(user.name, 'Grey Li')
def test_access_token_response_hook(self): url = 'https://example.com/token' def access_token_response_hook(resp): self.assertEqual(resp.json(), self.token) return resp sess = OAuth2Session(client_id=self.client_id, token=self.token) sess.register_compliance_hook('access_token_response', access_token_response_hook) sess.send = mock_json_response(self.token) self.assertEqual(sess.fetch_access_token(url), self.token)
def test_dropbox_fetch_user(self): client = OAuthClient('a', 'b', api_base_url='https://dropbox.com/api') client.set_token({'access_token': 'a', 'token_type': 'bearer'}) client.session.send = mock_json_response({ 'account_id': 1, 'name': { 'display_name': 'Hsiaoming' }, 'email': '[email protected]' }) user = dropbox_fetch_user(client) self.assertEqual(user.id, 1) self.assertEqual(user.name, 'Hsiaoming')
def test_twitter_fetch_user(self): client = OAuthClient('a', 'b', request_token_url='https://i.b', api_base_url='https://twitter.com/api') client.set_token({'oauth_token': 'a', 'oauth_token_secret': 'b'}) client.session.send = mock_json_response({ 'id': 1, 'name': 'Hsiaoming', 'email': '[email protected]' }) user = twitter_fetch_user(client) self.assertEqual(user.id, 1) self.assertEqual(user.name, 'Hsiaoming')
def test_introspect_token(self): sess = OAuth2Session('a') answer = { "active": True, "client_id": "l238j323ds-23ij4", "username": "******", "scope": "read write dolphin", "sub": "Z5O3upPC88QrAjx00dis", "aud": "https://protected.example.net/resource", "iss": "https://server.example.com/", "exp": 1419356238, "iat": 1419350238 } sess.send = mock_json_response(answer) resp = sess.introspect_token('https://i.b/token', 'hi') self.assertEqual(resp.json(), answer)
def test_auto_refresh_token(self): def token_updater(token): self.assertEqual(token, self.token) old_token = dict(access_token='a', refresh_token='b', token_type='bearer', expires_at=100) sess = OAuth2Session( 'foo', token=old_token, refresh_token_url='https://i.b/token', refresh_token_params={'ping': 'pong'}, token_updater=token_updater, ) sess.send = mock_json_response(self.token) sess.get('https://i.b/user')
def test_cleans_previous_token_before_fetching_new_one(self): """Makes sure the previous token is cleaned before fetching a new one. The reason behind it is that, if the previous token is expired, this method shouldn't fail with a TokenExpiredError, since it's attempting to get a new one (which shouldn't be expired). """ new_token = deepcopy(self.token) past = time.time() - 7200 now = time.time() self.token['expires_at'] = past new_token['expires_at'] = now + 3600 url = 'https://example.com/token' with mock.patch('time.time', lambda: now): sess = OAuth2Session(client_id=self.client_id, token=self.token) sess.send = mock_json_response(new_token) self.assertEqual(sess.fetch_access_token(url), new_token)
def test_register_compliance_hook(self): sess = OAuth2Session('foo') self.assertRaises( ValueError, sess.register_compliance_hook, 'invalid_hook', lambda o: o, ) def protected_request(url, headers, data): self.assertIn('Authorization', headers) return url, headers, data sess = OAuth2Session('foo', token=self.token) sess.register_compliance_hook( 'protected_request', protected_request, ) sess.send = mock_json_response({'name': 'a'}) sess.get('https://i.b/user')