async def test_expired_token( server: AuthorizationServer, storage: Dict[str, List], defaults: Defaults ): settings = Settings() token = Token( client_id=defaults.client_id, expires_in=settings.TOKEN_EXPIRES_IN, access_token=generate_token(42), refresh_token=generate_token(48), issued_at=int(time.time() - settings.TOKEN_EXPIRES_IN), scope=defaults.scope, ) client_id = defaults.client_id client_secret = defaults.client_secret storage["tokens"].append(token) post = Post(token=token.access_token) request = Request( post=post, method=RequestMethod.POST, headers=encode_auth_headers(client_id, client_secret), ) response = await server.create_token_introspection_response(request) assert response.status_code == HTTPStatus.OK assert not response.content.active
async def test_expired_authorization_code(server: AuthorizationServer, defaults: Defaults, storage: Dict[str, List]): request_url = "https://localhost" settings = Settings() authorization_code = storage["authorization_codes"][0] storage["authorization_codes"][0] = set_values( authorization_code, {"auth_time": time.time() - settings.AUTHORIZATION_CODE_EXPIRES_IN}, ) post = Post( grant_type=GrantType.TYPE_AUTHORIZATION_CODE, redirect_uri=defaults.redirect_uri, code=storage["authorization_codes"][0].code, ) request = Request( url=request_url, post=post, method=RequestMethod.POST, headers=encode_auth_headers(defaults.client_id, defaults.client_secret), ) response = await server.create_token_response(request) assert response.status_code == HTTPStatus.BAD_REQUEST assert response.content.error == ErrorType.INVALID_GRANT
async def test_endpoint_availability(db_class: Type[BaseDB]): server = AuthorizationServer(db=db_class()) request = Request(method=RequestMethod.POST, settings=Settings(AVAILABLE=False)) response = await server.create_token_introspection_response(request) assert response.status_code == HTTPStatus.BAD_REQUEST assert response.content.error == ErrorType.TEMPORARILY_UNAVAILABLE
def get_aioauth_settings(): settings = get_settings() return Settings( TOKEN_EXPIRES_IN=settings.token_expires_in, AUTHORIZATION_CODE_EXPIRES_IN=settings.authorization_code_expires_in, INSECURE_TRANSPORT=settings.debug, )
def test_base_error_uri(): ERROR_URI = "https://google.com" request = Request(settings=Settings(ERROR_URI=ERROR_URI), method=RequestMethod.POST) try: raise InvalidClientError(request=request) except InvalidClientError as exc: assert urljoin(ERROR_URI, exc.error) == exc.error_uri
def test_is_secure_transport_insecure_transport_enabled(): request = Request( method=RequestMethod.GET, url="https://google.com", settings=Settings(INSECURE_TRANSPORT=True), ) is_secure = is_secure_transport(request=request) assert is_secure request = Request( method=RequestMethod.GET, url="https://google.com", settings=Settings(INSECURE_TRANSPORT=True), ) is_secure = is_secure_transport(request=request) assert is_secure
def storage(defaults: Defaults) -> Dict: settings = Settings() client = Client( client_id=defaults.client_id, client_secret=defaults.client_secret, grant_types=[ GrantType.TYPE_AUTHORIZATION_CODE, GrantType.TYPE_CLIENT_CREDENTIALS, GrantType.TYPE_REFRESH_TOKEN, GrantType.TYPE_PASSWORD, ], redirect_uris=[defaults.redirect_uri], response_types=[ResponseType.TYPE_CODE, ResponseType.TYPE_TOKEN], scope=defaults.scope, ) authorization_code = AuthorizationCode( code=defaults.code, client_id=defaults.client_id, response_type=ResponseType.TYPE_CODE, auth_time=int(time.time()), redirect_uri=defaults.redirect_uri, scope=defaults.scope, code_challenge_method=CodeChallengeMethod.PLAIN, ) token = Token( client_id=defaults.client_id, expires_in=settings.TOKEN_EXPIRES_IN, access_token=defaults.access_token, refresh_token=defaults.refresh_token, issued_at=int(time.time()), scope=defaults.scope, ) return { "tokens": [token], "authorization_codes": [authorization_code], "clients": [client], }
async def test_expired_refresh_token(server: AuthorizationServer, defaults: Defaults, storage: Dict[str, List]): settings = Settings() token = storage["tokens"][0] refresh_token = token.refresh_token storage["tokens"][0] = set_values( token, {"issued_at": time.time() - (settings.TOKEN_EXPIRES_IN * 2)}) request_url = "https://localhost" post = Post( grant_type=GrantType.TYPE_REFRESH_TOKEN, refresh_token=refresh_token, ) request = Request( url=request_url, post=post, method=RequestMethod.POST, headers=encode_auth_headers(defaults.client_id, defaults.client_secret), ) response = await server.create_token_response(request) assert response.status_code == HTTPStatus.BAD_REQUEST assert response.content.error == ErrorType.INVALID_GRANT