async def test_fetch_token_post():
url = 'https://example.com/token'
async def assert_func(request):
content = await request.body()
content = content.decode()
assert 'code=v' in content
assert 'client_id=' in content
assert 'grant_type=authorization_code' in content
mock_response = AsyncMockDispatch(default_token, assert_func=assert_func)
async with AsyncOAuth2Client('foo', app=mock_response) as client:
token = await client.fetch_token(
url, authorization_response='https://i.b/?code=v')
assert token == default_token
async with AsyncOAuth2Client('foo',
token_endpoint_auth_method='none',
app=mock_response) as client:
token = await client.fetch_token(url, code='v')
assert token == default_token
mock_response = AsyncMockDispatch({'error': 'invalid_request'})
async with AsyncOAuth2Client('foo', app=mock_response) as client:
with pytest.raises(OAuthError):
await client.fetch_token(url)
async def test_refresh_token():
async def verifier(request):
content = await request.body()
if str(request.url) == 'https://i.b/token':
assert b'assertion=' in content
async with AsyncAssertionClient(
'https://i.b/token',
grant_type=AsyncAssertionClient.JWT_BEARER_GRANT_TYPE,
issuer='foo',
subject='foo',
audience='foo',
alg='HS256',
key='secret',
app=AsyncMockDispatch(default_token,
assert_func=verifier)) as client:
await client.get('https://i.b')
# trigger more case
now = int(time.time())
async with AsyncAssertionClient(
'https://i.b/token',
issuer='foo',
subject=None,
audience='foo',
issued_at=now,
expires_at=now + 3600,
header={'alg': 'HS256'},
key='secret',
scope='email',
claims={'test_mode': 'true'},
app=AsyncMockDispatch(default_token,
assert_func=verifier)) as client:
await client.get('https://i.b')
await client.get('https://i.b')
async def test_auto_refresh_token():
async def _update_token(token, refresh_token=None, access_token=None):
assert refresh_token == 'b'
assert token == default_token
update_token = mock.Mock(side_effect=_update_token)
old_token = dict(access_token='a',
refresh_token='b',
token_type='bearer',
expires_at=100)
app = AsyncMockDispatch(default_token)
async with AsyncOAuth2Client('foo',
token=old_token,
token_endpoint='https://i.b/token',
update_token=update_token,
app=app) as sess:
await sess.get('https://i.b/user')
assert update_token.called is True
old_token = dict(access_token='a', token_type='bearer', expires_at=100)
async with AsyncOAuth2Client('foo',
token=old_token,
token_endpoint='https://i.b/token',
update_token=update_token,
app=app) as sess:
with pytest.raises(OAuthError):
await sess.get('https://i.b/user')
async def test_auto_refresh_token2():
async def _update_token(token, refresh_token=None, access_token=None):
assert access_token == 'a'
assert token == default_token
update_token = mock.Mock(side_effect=_update_token)
old_token = dict(access_token='a', token_type='bearer', expires_at=100)
app = AsyncMockDispatch(default_token)
async with AsyncOAuth2Client(
'foo',
token=old_token,
token_endpoint='https://i.b/token',
grant_type='client_credentials',
app=app,
) as client:
await client.get('https://i.b/user')
assert update_token.called is False
async with AsyncOAuth2Client(
'foo',
token=old_token,
token_endpoint='https://i.b/token',
update_token=update_token,
grant_type='client_credentials',
app=app,
) as client:
await client.get('https://i.b/user')
assert update_token.called is True
async def test_without_alg():
async with AsyncAssertionClient('https://i.b/token',
issuer='foo',
subject='foo',
audience='foo',
key='secret',
app=AsyncMockDispatch()) as client:
with pytest.raises(ValueError):
await client.get('https://i.b')
async def test_revoke_token():
answer = {'status': 'ok'}
app = AsyncMockDispatch(answer)
async with AsyncOAuth2Client('a', app=app) as sess:
resp = await sess.revoke_token('https://i.b/token', 'hi')
assert resp.json() == answer
resp = await sess.revoke_token('https://i.b/token',
'hi',
token_type_hint='access_token')
assert resp.json() == answer
async def test_fetch_request_token_via_header():
request_token = {'oauth_token': '1', 'oauth_token_secret': '2'}
async def assert_func(request):
auth_header = request.headers.get('authorization')
assert 'oauth_consumer_key="id"' in auth_header
assert 'oauth_signature=' in auth_header
app = AsyncMockDispatch(request_token, assert_func=assert_func)
async with AsyncOAuth1Client('id', 'secret', app=app) as client:
response = await client.fetch_request_token(oauth_url)
assert response == request_token
async def test_add_token_to_uri():
async def assert_func(request):
assert default_token['access_token'] in str(request.url)
mock_response = AsyncMockDispatch({'a': 'a'}, assert_func=assert_func)
async with AsyncOAuth2Client('foo',
token=default_token,
token_placement='uri',
app=mock_response) as client:
resp = await client.get('https://i.b')
data = resp.json()
assert data['a'] == 'a'
async def test_cleans_previous_token_before_fetching_new_one():
now = int(time.time())
new_token = deepcopy(default_token)
past = now - 7200
default_token['expires_at'] = past
new_token['expires_at'] = now + 3600
url = 'https://example.com/token'
app = AsyncMockDispatch(new_token)
with mock.patch('time.time', lambda: now):
async with AsyncOAuth2Client('foo', token=default_token,
app=app) as sess:
assert await sess.fetch_token(url) == new_token
async def test_add_token_to_header():
async def assert_func(request):
token = 'Bearer ' + default_token['access_token']
auth_header = request.headers.get('authorization')
assert auth_header == token
mock_response = AsyncMockDispatch({'a': 'a'}, assert_func=assert_func)
async with AsyncOAuth2Client('foo', token=default_token,
app=mock_response) as client:
resp = await client.get('https://i.b')
data = resp.json()
assert data['a'] == 'a'
async def test_access_token_response_hook():
url = 'https://example.com/token'
def _access_token_response_hook(resp):
assert resp.json() == default_token
return resp
access_token_response_hook = mock.Mock(
side_effect=_access_token_response_hook)
app = AsyncMockDispatch(default_token)
async with AsyncOAuth2Client('foo', token=default_token, app=app) as sess:
sess.register_compliance_hook('access_token_response',
access_token_response_hook)
assert await sess.fetch_token(url) == default_token
assert access_token_response_hook.called is True
async def test_client_credentials_type():
url = 'https://example.com/token'
async def assert_func(request):
content = await request.body()
content = content.decode()
assert 'scope=profile' in content
assert 'grant_type=client_credentials' in content
app = AsyncMockDispatch(default_token, assert_func=assert_func)
async with AsyncOAuth2Client('foo', scope='profile', app=app) as sess:
token = await sess.fetch_token(url)
assert token == default_token
token = await sess.fetch_token(url, grant_type='client_credentials')
assert token == default_token
async def test_get_via_header():
mock_response = AsyncMockDispatch(b'hello')
async with AsyncOAuth1Client(
'id',
'secret',
token='foo',
token_secret='bar',
app=mock_response,
) as client:
response = await client.get('https://example.com/')
assert response.content == b'hello'
request = response.request
auth_header = request.headers.get('authorization')
assert 'oauth_token="foo"' in auth_header
assert 'oauth_consumer_key="id"' in auth_header
assert 'oauth_signature=' in auth_header
async def test_password_grant_type():
url = 'https://example.com/token'
async def assert_func(request):
content = await request.body()
content = content.decode()
assert 'username=v' in content
assert 'scope=profile' in content
assert 'grant_type=password' in content
app = AsyncMockDispatch(default_token, assert_func=assert_func)
async with AsyncOAuth2Client('foo', scope='profile', app=app) as sess:
token = await sess.fetch_token(url, username='******', password='******')
assert token == default_token
token = await sess.fetch_token(url,
username='******',
password='******',
grant_type='password')
assert token == default_token
async def test_token_auth_method_client_secret_post():
url = 'https://example.com/token'
async def assert_func(request):
content = await request.body()
content = content.decode()
assert 'code=v' in content
assert 'client_id=' in content
assert 'client_secret=bar' in content
assert 'grant_type=authorization_code' in content
mock_response = AsyncMockDispatch(default_token, assert_func=assert_func)
async with AsyncOAuth2Client(
'foo',
'bar',
token_endpoint_auth_method='client_secret_post',
app=mock_response) as client:
token = await client.fetch_token(url, code='v')
assert token == default_token
async def test_get_via_query():
mock_response = AsyncMockDispatch(b'hello')
async with AsyncOAuth1Client(
'id',
'secret',
token='foo',
token_secret='bar',
signature_type=SIGNATURE_TYPE_QUERY,
app=mock_response,
) as client:
response = await client.get('https://example.com/')
assert response.content == b'hello'
request = response.request
auth_header = request.headers.get('authorization')
assert auth_header is None
url = str(request.url)
assert 'oauth_token=foo' in url
assert 'oauth_consumer_key=id' in url
assert 'oauth_signature=' in url
async def test_auto_refresh_token4():
async def _update_token(token, refresh_token=None, access_token=None):
await asyncio.sleep(
0.1) # artificial sleep to force other coroutines to wake
update_token = mock.Mock(side_effect=_update_token)
old_token = dict(access_token='a', token_type='bearer', expires_at=100)
app = AsyncMockDispatch(default_token)
async with AsyncOAuth2Client(
'foo',
token=old_token,
token_endpoint='https://i.b/token',
update_token=update_token,
grant_type='client_credentials',
app=app,
) as client:
coroutines = [client.get('https://i.b/user') for x in range(10)]
await asyncio.gather(*coroutines)
update_token.assert_called_once()
async def test_fetch_request_token_via_query():
request_token = {'oauth_token': '1', 'oauth_token_secret': '2'}
async def assert_func(request):
auth_header = request.headers.get('authorization')
assert auth_header is None
url = str(request.url)
assert 'oauth_consumer_key=id' in url
assert '&oauth_signature=' in url
mock_response = AsyncMockDispatch(request_token, assert_func=assert_func)
async with AsyncOAuth1Client(
'id',
'secret',
signature_type=SIGNATURE_TYPE_QUERY,
app=mock_response,
) as client:
response = await client.fetch_request_token(oauth_url)
assert response == request_token
async def test_get_via_body():
async def assert_func(request):
content = await request.body()
assert b'oauth_token=foo' in content
assert b'oauth_consumer_key=id' in content
assert b'oauth_signature=' in content
mock_response = AsyncMockDispatch(b'hello', assert_func=assert_func)
async with AsyncOAuth1Client(
'id',
'secret',
token='foo',
token_secret='bar',
signature_type=SIGNATURE_TYPE_BODY,
app=mock_response,
) as client:
response = await client.post('https://example.com/')
assert response.content == b'hello'
request = response.request
auth_header = request.headers.get('authorization')
assert auth_header is None
async def test_fetch_token_get():
url = 'https://example.com/token'
async def assert_func(request):
url = str(request.url)
assert 'code=v' in url
assert 'client_id=' in url
assert 'grant_type=authorization_code' in url
mock_response = AsyncMockDispatch(default_token, assert_func=assert_func)
async with AsyncOAuth2Client('foo', app=mock_response) as client:
authorization_response = 'https://i.b/?code=v'
token = await client.fetch_token(
url, authorization_response=authorization_response, method='GET')
assert token == default_token
async with AsyncOAuth2Client('foo',
token_endpoint_auth_method='none',
app=mock_response) as client:
token = await client.fetch_token(url, code='v', method='GET')
assert token == default_token
token = await client.fetch_token(url + '?q=a', code='v', method='GET')
assert token == default_token
async def test_fetch_access_token():
request_token = {'oauth_token': '1', 'oauth_token_secret': '2'}
async def assert_func(request):
auth_header = request.headers.get('authorization')
assert 'oauth_verifier="d"' in auth_header
assert 'oauth_token="foo"' in auth_header
assert 'oauth_consumer_key="id"' in auth_header
assert 'oauth_signature=' in auth_header
mock_response = AsyncMockDispatch(request_token, assert_func=assert_func)
async with AsyncOAuth1Client(
'id',
'secret',
token='foo',
token_secret='bar',
app=mock_response,
) as client:
with pytest.raises(OAuthError):
await client.fetch_access_token(oauth_url)
response = await client.fetch_access_token(oauth_url, verifier='d')
assert response == request_token
async def test_request_without_token():
async with AsyncOAuth2Client('a', app=AsyncMockDispatch()) as client:
with pytest.raises(OAuthError):
await client.get('https://i.b/token')