def test_oauth2_client_credential_and_multiple_authentication_can_be_combined( token_cache, httpx_mock: HTTPXMock ): resource_owner_password_auth = httpx_auth.OAuth2ClientCredentials( "http://provide_access_token", client_id="test_user", client_secret="test_pwd" ) httpx_mock.add_response( method="POST", url="http://provide_access_token", json={ "access_token": "2YotnFZFEjr1zCsicMWpAA", "token_type": "example", "expires_in": 3600, "refresh_token": "tGzv3JOkF0XG5Qx2TlKWIA", "example_parameter": "example_value", }, ) api_key_auth = httpx_auth.HeaderApiKey("my_provided_api_key") api_key_auth2 = httpx_auth.HeaderApiKey( "my_provided_api_key2", header_name="X-Api-Key2" ) header = get_header( httpx_mock, resource_owner_password_auth & (api_key_auth & api_key_auth2) ) assert header.get("Authorization") == "Bearer 2YotnFZFEjr1zCsicMWpAA" assert header.get("X-Api-Key") == "my_provided_api_key" assert header.get("X-Api-Key2") == "my_provided_api_key2"
def test_oauth2_pkce_and_multiple_authentication_can_be_combined( token_cache, httpx_mock: HTTPXMock, browser_mock: BrowserMock, monkeypatch ): monkeypatch.setattr(httpx_auth.authentication.os, "urandom", lambda x: b"1" * 63) pkce_auth = httpx_auth.OAuth2AuthorizationCodePKCE( "http://provide_code", "http://provide_access_token" ) tab = browser_mock.add_response( opened_url="http://provide_code?response_type=code&state=163f0455b3e9cad3ca04254e5a0169553100d3aa0756c7964d897da316a695ffed5b4f46ef305094fd0a88cfe4b55ff257652015e4aa8f87b97513dba440f8de&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2F&code_challenge=5C_ph_KZ3DstYUc965SiqmKAA-ShvKF4Ut7daKd3fjc&code_challenge_method=S256", reply_url="http://localhost:5000#code=SplxlOBeZQQYbYS6WxSbIA&state=163f0455b3e9cad3ca04254e5a0169553100d3aa0756c7964d897da316a695ffed5b4f46ef305094fd0a88cfe4b55ff257652015e4aa8f87b97513dba440f8de", ) httpx_mock.add_response( method="POST", url="http://provide_access_token", json={ "access_token": "2YotnFZFEjr1zCsicMWpAA", "token_type": "example", "expires_in": 3600, "refresh_token": "tGzv3JOkF0XG5Qx2TlKWIA", "example_parameter": "example_value", }, ) api_key_auth = httpx_auth.HeaderApiKey("my_provided_api_key") api_key_auth2 = httpx_auth.HeaderApiKey( "my_provided_api_key2", header_name="X-Api-Key2" ) header = get_header(httpx_mock, pkce_auth & (api_key_auth & api_key_auth2)) assert header.get("Authorization") == "Bearer 2YotnFZFEjr1zCsicMWpAA" assert header.get("X-Api-Key") == "my_provided_api_key" assert header.get("X-Api-Key2") == "my_provided_api_key2" tab.assert_success( "You are now authenticated on 163f0455b3e9cad3ca04254e5a0169553100d3aa0756c7964d897da316a695ffed5b4f46ef305094fd0a88cfe4b55ff257652015e4aa8f87b97513dba440f8de. You may close this tab." )
def test_basic_and_multiple_authentication_can_be_combined( token_cache, httpx_mock: HTTPXMock): basic_auth = httpx_auth.Basic("test_user", "test_pwd") api_key_auth2 = httpx_auth.HeaderApiKey("my_provided_api_key2", header_name="X-Api-Key2") api_key_auth3 = httpx_auth.HeaderApiKey("my_provided_api_key3", header_name="X-Api-Key3") header = get_header(httpx_mock, basic_auth & (api_key_auth2 & api_key_auth3)) assert header.get("Authorization") == "Basic dGVzdF91c2VyOnRlc3RfcHdk" assert header.get("X-Api-Key2") == "my_provided_api_key2" assert header.get("X-Api-Key3") == "my_provided_api_key3"
def test_multiple_auth_and_header_api_key_can_be_combined( token_cache, httpx_mock: HTTPXMock): api_key_auth = httpx_auth.HeaderApiKey("my_provided_api_key") api_key_auth2 = httpx_auth.HeaderApiKey("my_provided_api_key2", header_name="X-Api-Key2") api_key_auth3 = httpx_auth.HeaderApiKey("my_provided_api_key3", header_name="X-Api-Key3") header = get_header(httpx_mock, (api_key_auth & api_key_auth2) & api_key_auth3) assert header.get("X-Api-Key") == "my_provided_api_key" assert header.get("X-Api-Key2") == "my_provided_api_key2" assert header.get("X-Api-Key3") == "my_provided_api_key3"
def test_oauth2_authorization_code_and_api_key_authentication_can_be_combined( token_cache, httpx_mock: HTTPXMock, browser_mock: BrowserMock ): authorization_code_auth = httpx_auth.OAuth2AuthorizationCode( "http://provide_code", "http://provide_access_token" ) tab = browser_mock.add_response( opened_url="http://provide_code?response_type=code&state=163f0455b3e9cad3ca04254e5a0169553100d3aa0756c7964d897da316a695ffed5b4f46ef305094fd0a88cfe4b55ff257652015e4aa8f87b97513dba440f8de&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2F", reply_url="http://localhost:5000#code=SplxlOBeZQQYbYS6WxSbIA&state=163f0455b3e9cad3ca04254e5a0169553100d3aa0756c7964d897da316a695ffed5b4f46ef305094fd0a88cfe4b55ff257652015e4aa8f87b97513dba440f8de", ) httpx_mock.add_response( method="POST", url="http://provide_access_token", json={ "access_token": "2YotnFZFEjr1zCsicMWpAA", "token_type": "example", "expires_in": 3600, "refresh_token": "tGzv3JOkF0XG5Qx2TlKWIA", "example_parameter": "example_value", }, ) api_key_auth = httpx_auth.HeaderApiKey("my_provided_api_key") header = get_header(httpx_mock, authorization_code_auth & api_key_auth) assert header.get("Authorization") == "Bearer 2YotnFZFEjr1zCsicMWpAA" assert header.get("X-Api-Key") == "my_provided_api_key" tab.assert_success( "You are now authenticated on 163f0455b3e9cad3ca04254e5a0169553100d3aa0756c7964d897da316a695ffed5b4f46ef305094fd0a88cfe4b55ff257652015e4aa8f87b97513dba440f8de. You may close this tab." )
def test_basic_and_api_key_authentication_can_be_combined( httpx_mock: HTTPXMock): basic_auth = httpx_auth.Basic("test_user", "test_pwd") api_key_auth = httpx_auth.HeaderApiKey("my_provided_api_key") header = get_header(httpx_mock, basic_auth & api_key_auth) assert header.get("Authorization") == "Basic dGVzdF91c2VyOnRlc3RfcHdk" assert header.get("X-Api-Key") == "my_provided_api_key"
def test_oauth2_implicit_and_multiple_authentication_can_be_combined( token_cache, httpx_mock: HTTPXMock, browser_mock: BrowserMock ): implicit_auth = httpx_auth.OAuth2Implicit("http://provide_token") expiry_in_1_hour = datetime.datetime.utcnow() + datetime.timedelta(hours=1) token = create_token(expiry_in_1_hour) tab = browser_mock.add_response( opened_url="http://provide_token?response_type=token&state=42a85b271b7a652ca3cc4c398cfd3f01b9ad36bf9c945ba823b023e8f8b95c4638576a0e3dcc96838b838bec33ec6c0ee2609d62ed82480b3b8114ca494c0521&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2F", reply_url="http://localhost:5000", data=f"access_token={token}&state=42a85b271b7a652ca3cc4c398cfd3f01b9ad36bf9c945ba823b023e8f8b95c4638576a0e3dcc96838b838bec33ec6c0ee2609d62ed82480b3b8114ca494c0521", ) api_key_auth = httpx_auth.HeaderApiKey("my_provided_api_key") api_key_auth2 = httpx_auth.HeaderApiKey( "my_provided_api_key2", header_name="X-Api-Key2" ) header = get_header(httpx_mock, implicit_auth & (api_key_auth & api_key_auth2)) assert header.get("Authorization") == f"Bearer {token}" assert header.get("X-Api-Key") == "my_provided_api_key" assert header.get("X-Api-Key2") == "my_provided_api_key2" tab.assert_success( "You are now authenticated on 42a85b271b7a652ca3cc4c398cfd3f01b9ad36bf9c945ba823b023e8f8b95c4638576a0e3dcc96838b838bec33ec6c0ee2609d62ed82480b3b8114ca494c0521. You may close this tab." )
def test_query_api_key_and_multiple_authentication_can_be_combined( token_cache, httpx_mock: HTTPXMock): api_key_auth = httpx_auth.QueryApiKey("my_provided_api_key") api_key_auth2 = httpx_auth.QueryApiKey("my_provided_api_key2", query_parameter_name="api_key2") api_key_auth3 = httpx_auth.HeaderApiKey("my_provided_api_key3", header_name="X-Api-Key3") # Mock a dummy response httpx_mock.add_response( url= "http://authorized_only?api_key=my_provided_api_key&api_key2=my_provided_api_key2", match_headers={"X-Api-Key3": "my_provided_api_key3"}) # Send a request to this dummy URL with authentication httpx.get("http://authorized_only", auth=api_key_auth + (api_key_auth2 + api_key_auth3))
def test_header_api_key_requires_an_api_key(): with pytest.raises(Exception) as exception_info: httpx_auth.HeaderApiKey(None) assert str(exception_info.value) == "API Key is mandatory."
def test_header_api_key_can_be_sent_in_a_custom_field_name(httpx_mock: HTTPXMock): auth = httpx_auth.HeaderApiKey("my_provided_api_key", "X-API-HEADER-KEY") assert get_header(httpx_mock, auth).get("X-Api-Header-Key") == "my_provided_api_key"
def test_header_api_key_is_sent_in_x_api_key_by_default(httpx_mock: HTTPXMock): auth = httpx_auth.HeaderApiKey("my_provided_api_key") assert get_header(httpx_mock, auth).get("X-Api-Key") == "my_provided_api_key"