def test_should_redirect_with_invalid_scope_error(): url = build_authorize_url({'client_id': 'invalid_scope', 'response_type': 'code', 'redirect_uri': 'http://callback'}) resp = requests.get(url, allow_redirects=False) assert_error_redirect_params(resp, 'http://callback', 'invalid_scope', 'The requested scope is invalid, unknown, or malformed')
def test_should_redirect_with_temporarily_unavailable_error(): url = build_authorize_url({'client_id': 'temporarily_unavailable', 'response_type': 'code', 'redirect_uri': 'http://callback'}) resp = requests.get(url, allow_redirects=False) assert_error_redirect_params(resp, 'http://callback', 'temporarily_unavailable', 'The authorization server is currently unable to handle the request')
def test_should_redirect_with_server_error_error(): url = build_authorize_url({'client_id': 'server_error', 'response_type': 'code', 'redirect_uri': 'http://callback'}) resp = requests.get(url, allow_redirects=False) assert_error_redirect_params(resp, 'http://callback', 'server_error', 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request')
def test_should_redirect_with_unauthorized_client_error_if_client_id_cant_request_authorization(): url = build_authorize_url({'client_id': 'unauthorized-client', 'response_type': 'code', 'redirect_uri': 'http://callback'}) resp = requests.get(url, allow_redirects=False) assert_error_redirect_params(resp, 'http://callback', 'unauthorized_client', 'The client is not authorized to request an authorization code using this method')
def test_should_redirect_with_invalid_scope_error(): url = build_authorize_url({ 'client_id': 'invalid_scope', 'response_type': 'code', 'redirect_uri': 'http://callback' }) resp = requests.get(url, allow_redirects=False) assert_error_redirect_params( resp, 'http://callback', 'invalid_scope', 'The requested scope is invalid, unknown, or malformed')
def test_should_redirect_with_temporarily_unavailable_error(): url = build_authorize_url({ 'client_id': 'temporarily_unavailable', 'response_type': 'code', 'redirect_uri': 'http://callback' }) resp = requests.get(url, allow_redirects=False) assert_error_redirect_params( resp, 'http://callback', 'temporarily_unavailable', 'The authorization server is currently unable to handle the request')
def test_should_redirect_with_server_error_error(): url = build_authorize_url({ 'client_id': 'server_error', 'response_type': 'code', 'redirect_uri': 'http://callback' }) resp = requests.get(url, allow_redirects=False) assert_error_redirect_params( resp, 'http://callback', 'server_error', 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request' )
def test_should_redirect_with_unauthorized_client_error_if_client_id_cant_request_authorization( ): url = build_authorize_url({ 'client_id': 'unauthorized-client', 'response_type': 'code', 'redirect_uri': 'http://callback' }) resp = requests.get(url, allow_redirects=False) assert_error_redirect_params( resp, 'http://callback', 'unauthorized_client', 'The client is not authorized to request an authorization code using this method' )
def test_should_redirect_to_redirect_uri_with_access_denied_from_plugin(): # there is a plugin on 'authorization-GET' to ask for user permission # and a plugin on 'authorization-POST' to simulate a redirect to # success or error, if user allowed of denied # in this test, the user will be denied (see client_id) http = requests.session() url = build_authorize_url({'client_id': 'client-id-verify-access', 'response_type': 'code', 'redirect_uri': 'http://callback'}) resp = http.get(url) # make sure GET plugin overrides default redirect assert 200 == resp.status_code assert 'Hello resource owner, do you allow this client to access your resources?' in resp.content # simulares a POST denying access from user resp = http.post(url, data={'allow': 'no'}) assert_error_redirect_params(resp, 'http://callback', 'access_denied', 'The resource owner or authorization server denied the request')
def test_should_redirect_to_redirect_uri_with_access_denied_from_plugin(): # there is a plugin on 'authorization-GET' to ask for user permission # and a plugin on 'authorization-POST' to simulate a redirect to # success or error, if user allowed of denied # in this test, the user will be denied (see client_id) http = requests.session() url = build_authorize_url({ 'client_id': 'client-id-verify-access', 'response_type': 'code', 'redirect_uri': 'http://callback' }) resp = http.get(url) # make sure GET plugin overrides default redirect assert 200 == resp.status_code assert 'Hello resource owner, do you allow this client to access your resources?' in resp.content # simulares a POST denying access from user resp = http.post(url, data={'allow': 'no'}) assert_error_redirect_params( resp, 'http://callback', 'access_denied', 'The resource owner or authorization server denied the request')