def test_twitter_login(self):
with mock.patch('requests.post') as fake:
response = fake.return_value
response.status_code = 200
response.text = 'oauth_callback_confirmed=true&oauth_token=123456789'
res = self.testapp.get('/twitter/login')
self.assertEqual(res.status, '302 Found')
loc = 'https://api.twitter.com/oauth/authenticate?oauth_token=123456789'
self.assertEqual(res.location, loc)
# simulate an authentication error from Twitter
with mock.patch('requests.post') as fake:
response = fake.return_value
response.status_code = 401
res = self.testapp.get('/twitter/login', status=401)
self.assertEqual(res.status, '401 Unauthorized')
# simulate an oauth_callback_confirmed=false
with mock.patch('requests.post') as fake:
response = fake.return_value
response.status_code = 200
response.text = 'oauth_callback_confirmed=false'
res = self.testapp.get('/twitter/login', status=401)
self.assertEqual(res.status, '401 Unauthorized')
res.mustcontain('oauth_callback_confirmed is not true')
def test_twitter_login(self):
with mock.patch('requests.post') as fake:
response = fake.return_value
response.status_code = 200
response.text = 'oauth_callback_confirmed=true&oauth_token=123456789'
res = self.testapp.get('/twitter/login')
self.assertEqual(res.status, '302 Found')
loc = 'https://api.twitter.com/oauth/authenticate?oauth_token=123456789'
self.assertEqual(res.location, loc)
# simulate an authentication error from Twitter
with mock.patch('requests.post') as fake:
response = fake.return_value
response.status_code = 401
res = self.testapp.get('/twitter/login', status=401)
self.assertEqual(res.status, '401 Unauthorized')
# simulate an oauth_callback_confirmed=false
with mock.patch('requests.post') as fake:
response = fake.return_value
response.status_code = 200
response.text = 'oauth_callback_confirmed=false'
res = self.testapp.get('/twitter/login', status=401)
self.assertEqual(res.status, '401 Unauthorized')
res.mustcontain('oauth_callback_confirmed is not true')
def test_oauth2_step2(self):
token_uri = 'http://example.com/oauth2/token'
client_id = '1234'
client_secret = 'secret'
redirect_url = 'http://localhost/oauth2/callback'
scope = 'scope1 scope2'
request = DummyRequest()
response = oauth2_step2(request, token_uri, client_id, client_secret,
redirect_url, scope)
self.assertEqual(response.status, '400 Bad Request')
self.assertEqual(response.message, 'Missing required code')
request.params = {'code': 'abcdef'}
response = oauth2_step2(request, token_uri, client_id, client_secret,
redirect_url, scope)
self.assertEqual(response.status, '400 Bad Request')
self.assertEqual(response.message, 'Missing required state')
request.params['state'] = 'random-string'
response = oauth2_step2(request, token_uri, client_id, client_secret,
redirect_url, scope)
self.assertEqual(response.status, '401 Unauthorized')
self.assertEqual(
response.message,
'Missing internal state. You may be a victim of CSRF')
request.session = {'state': 'other-string'}
response = oauth2_step2(request, token_uri, client_id, client_secret,
redirect_url, scope)
self.assertEqual(response.status, '401 Unauthorized')
self.assertEqual(
response.message,
'State parameter does not match internal state. You may be a victim of CSRF'
)
with mock.patch('requests.post') as fake:
fake.return_value.status_code = 401
fake.return_value.text = 'Unauthorized request'
request.session['state'] = 'random-string'
response = oauth2_step2(request, token_uri, client_id,
client_secret, redirect_url, scope)
self.assertEqual(response.status, '401 Unauthorized')
self.assertEqual(response.message, 'Unauthorized request')
with mock.patch('requests.post') as fake:
fake.return_value.status_code = 200
fake.return_value.json = lambda: {'access_token': 'qwerty'}
request.session['state'] = 'random-string'
response = oauth2_step2(request, token_uri, client_id,
client_secret, redirect_url, scope)
self.assertEqual(response, 'qwerty')
with mock.patch('requests.post') as fake:
fake.return_value.status_code = 200
fake.return_value.json = lambda: None
fake.return_value.text = 'access_token=qwerty'
request.session['state'] = 'random-string'
response = oauth2_step2(request, token_uri, client_id,
client_secret, redirect_url, scope)
self.assertEqual(response, 'qwerty')
def test_get_user_info_non_authorized2(self):
with mock.patch('requests.post') as fake:
response = fake.return_value
response.ok = True
response.json = lambda: {
'token_type': 'bearer',
'access_token': '1234567890',
}
with mock.patch('requests.get') as fake2:
response2 = fake2.return_value
response2.ok = False
self.assertRaises(HTTPUnauthorized, get_user_info,
self.settings, '1234')
def test_get_user_info_non_authorized2(self):
with mock.patch('requests.post') as fake:
response = fake.return_value
response.ok = True
response.json = lambda: {
'token_type': 'bearer',
'access_token': '1234567890',
}
with mock.patch('requests.get') as fake2:
response2 = fake2.return_value
response2.ok = False
self.assertRaises(HTTPUnauthorized,
get_user_info, self.settings, '1234')
def test_persona_login(self):
res = self.testapp.get('/persona/login', status=405)
self.assertEqual(res.status, '405 Method Not Allowed')
res.mustcontain('Only POST is allowed')
res = self.testapp.post('/persona/login', status=400)
self.assertEqual(res.status, '400 Bad Request')
res.mustcontain('The assertion parameter is required')
with mock.patch('requests.post') as fake_post:
fake_post.return_value.ok = False
res = self.testapp.post(
'/persona/login', {
'assertion': 'test-assertion',
'next_url': 'http://localhost/oauth2/clients',
},
status=502)
self.assertEqual(res.status, '502 Bad Gateway')
res.mustcontain('Mozilla Persona verifier is not working properly')
with mock.patch('requests.post') as fake_post:
fake_post.return_value.ok = True
fake_post.return_value.json = lambda: {
'status': 'failure',
}
res = self.testapp.post(
'/persona/login', {
'assertion': 'test-assertion',
'next_url': 'http://localhost/oauth2/clients',
},
status=403)
self.assertEqual(res.status, '403 Forbidden')
res.mustcontain(
'Mozilla Persona verifier can not verify your identity')
with mock.patch('requests.post') as fake_post:
fake_post.return_value.ok = True
fake_post.return_value.json = lambda: {
'status': 'okay',
'email': '*****@*****.**',
}
res = self.testapp.post(
'/persona/login', {
'assertion': 'test-assertion',
'next_url': 'http://localhost/oauth2/clients',
})
self.assertEqual(res.status, '302 Found')
self.assertEqual(res.location, 'http://localhost/register')
def test_express_checkout_details(self):
request = testing.DummyRequest()
pec = PayPalExpressCheckout(request)
self.assertEqual(pec.nvp_url, 'http://paypal.com/nvp')
self.assertEqual(pec.express_checkout_url,
'http://paypal.com/express_checkout')
with mock.patch('requests.post') as fake:
fake.return_value.ok = True
fake.return_value.text = 'ACK=Success&AMT=5.00&FIRSTNAME=John&LASTNAME=Doe&SHIPTOCITY=ExampleCity&SHIPTOCOUNTRYNAME=ExampleCountry&SHIPTOSTATE=ExampleState&SHIPTOSTREET=ExampleStreet&SHIPTOZIP=123456&[email protected]'
result = pec.get_express_checkout_details('123', '456')
fake.assert_called_with('http://paypal.com/nvp', data={
'METHOD': 'GetExpressCheckoutDetails',
'VERSION': '72.0',
'USER': '******',
'PWD': 'paypal_password',
'SIGNATURE': 'paypal_signature',
'TOKEN': '123',
'PAYERID': '456',
})
self.assertEqual(result, {
'amount': 5,
'firstname': 'John',
'lastname': 'Doe',
'city': 'ExampleCity',
'country': 'ExampleCountry',
'state': 'ExampleState',
'street': 'ExampleStreet',
'zip': '123456',
'email': '*****@*****.**',
})
def test_oauth2_step1(self):
with mock.patch('uuid.uuid4') as fake:
fake.return_value = 'random-string'
request = DummyRequest()
request.params = {'next_url': 'http://localhost/'}
request.session = {}
response = oauth2_step1(
request=request,
auth_uri='http://example.com/oauth2/auth',
client_id='1234',
redirect_url='http://localhost/oauth2/callback',
scope='scope1 scope2')
self.assertEqual(response.status, '302 Found')
url = urlparse.urlparse(response.location)
self.assertEqual(url.netloc, 'example.com')
self.assertEqual(url.path, '/oauth2/auth')
query = urlparse.parse_qs(url.query)
self.assertEqual(
query, {
'scope': ['scope1 scope2'],
'state': ['random-string'],
'redirect_uri': ['http://localhost/oauth2/callback'],
'response_type': ['code'],
'client_id': ['1234'],
})
self.assertEqual(request.session['next_url'], 'http://localhost/')
def test_get_user_info(self):
with mock.patch('requests.post') as fake:
response = fake.return_value
response.ok = True
response.json = lambda: {
'token_type': 'bearer',
'access_token': '1234567890',
}
with mock.patch('requests.get') as fake2:
response2 = fake2.return_value
response2.ok = True
response2.json = lambda: {
'screen_name': 'John Doe',
}
info = get_user_info(self.settings, '1234')
self.assertEqual(info, {'screen_name': 'John Doe'})
def test_get_user_info_non_authorized(self):
with mock.patch('requests.post') as fake:
response = fake.return_value
response.ok = False
self.assertRaises(HTTPUnauthorized,
get_user_info, self.settings, '1234')
def test_get_user_info(self):
with mock.patch('requests.post') as fake:
response = fake.return_value
response.ok = True
response.json = lambda: {
'token_type': 'bearer',
'access_token': '1234567890',
}
with mock.patch('requests.get') as fake2:
response2 = fake2.return_value
response2.ok = True
response2.json = lambda: {
'screen_name': 'John Doe',
}
info = get_user_info(self.settings, '1234')
self.assertEqual(info, {'screen_name': 'John Doe'})
def test_get_user_info_non_authorized(self):
with mock.patch('requests.post') as fake:
response = fake.return_value
response.ok = False
self.assertRaises(HTTPUnauthorized, get_user_info, self.settings,
'1234')
def test_contributions_donate(self):
with mock.patch('requests.post') as fake:
fake.return_value.ok = True
fake.return_value.text = 'ACK=Success&TOKEN=123'
res = self.testapp.post('/contribute/donate', {
'amount': '5',
'submit': 'submit',
}, status=302)
self.assertEqual(res.status, '302 Found')
self.assertEqual(res.location, 'https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token=123')
# USER, PWD, and SIGNATURE are Paypal testing values
# They are set in yithlibrary.testing.TestCase.setUp
fake.assert_called_with('https://api-3t.sandbox.paypal.com/nvp', data={
'METHOD': 'SetExpressCheckout',
'VERSION': '72.0',
'USER': '******',
'PWD': 'QFZCWN5HZM8VBG7Q',
'SIGNATURE': 'A-IzJhZZjhg29XQ2qnhapuwxIDzyAZQ92FRP5dqBzVesOkzbdUONzmOU',
'LOCALECODE': 'EN',
'PAYMENTREQUEST_0_ITEMAMT': 5,
'PAYMENTREQUEST_0_PAYMENTACTION': 'Sale',
'PAYMENTREQUEST_0_CURRENCYCODE': 'USD',
'PAYMENTREQUEST_0_AMT': 5,
'PAYMENTREQUEST_0_DESC': 'Donation',
'L_PAYMENTREQUEST_0_NAME0': 'Donation of $5',
'L_PAYMENTREQUEST_0_AMT0': 5,
'BRANDNAME': 'Yith Library',
'RETURNURL': 'http://localhost/contribute/paypal-success-callback',
'CANCELURL': 'http://localhost/contribute/paypal-cancel-callback',
})
def test_express_checkout_token(self):
request = testing.DummyRequest()
pec = PayPalExpressCheckout(request)
self.assertEqual(pec.nvp_url, 'http://paypal.com/nvp')
self.assertEqual(pec.express_checkout_url,
'http://paypal.com/express_checkout')
with mock.patch('requests.post') as fake:
fake.return_value.ok = True
fake.return_value.text = 'ACK=Success&TOKEN=123'
result = pec.get_express_checkout_token(5)
fake.assert_called_with('http://paypal.com/nvp', data={
'METHOD': 'SetExpressCheckout',
'VERSION': '72.0',
'USER': '******',
'PWD': 'paypal_password',
'SIGNATURE': 'paypal_signature',
'LOCALECODE': 'EN',
'PAYMENTREQUEST_0_ITEMAMT': 5,
'PAYMENTREQUEST_0_PAYMENTACTION': 'Sale',
'PAYMENTREQUEST_0_CURRENCYCODE': 'USD',
'PAYMENTREQUEST_0_AMT': 5,
'PAYMENTREQUEST_0_DESC': 'Donation',
'L_PAYMENTREQUEST_0_NAME0': 'Donation of $5',
'L_PAYMENTREQUEST_0_AMT0': 5,
'BRANDNAME': 'Yith Library',
'RETURNURL': 'http://example.com/contribute/paypal-success-callback',
'CANCELURL': 'http://example.com/contribute/paypal-cancel-callback',
})
self.assertEqual(result, '123')
self.assertEqual(
pec.get_express_checkout_url('123'),
'http://paypal.com/express_checkout?cmd=_express-checkout&token=123')
def sqlalchemy_setup(db_uri):
engine = create_engine(db_uri)
init_sqlalchemy(engine)
sqlalchemy_patcher = mock.patch('pyramid_sqlalchemy.includeme', includeme_test)
sqlalchemy_patcher.start()
return SQLAlchemyTestContext(engine, sqlalchemy_patcher)
def test_form_fail(self):
create_and_login_user(self.testapp, allow_google_analytics=False)
# make the form fail
with mock.patch('deform.Form.validate') as fake:
fake.side_effect = DummyValidationFailure('f', 'c', 'e')
res = self.testapp.post('/preferences', {
'submit': 'Save Changes',
})
self.assertEqual(res.status, '200 OK')
def sqlalchemy_setup(db_uri):
engine = create_engine(db_uri)
init_sqlalchemy(engine)
sqlalchemy_patcher = mock.patch('pyramid_sqlalchemy.includeme',
includeme_test)
sqlalchemy_patcher.start()
return SQLAlchemyTestContext(engine, sqlalchemy_patcher)
def test_form_fail(self):
create_and_login_user(self.testapp, allow_google_analytics=False)
# make the form fail
with mock.patch('deform.Form.validate') as fake:
fake.side_effect = DummyValidationFailure('f', 'c', 'e')
res = self.testapp.post('/preferences', {
'submit': 'Save Changes',
})
self.assertEqual(res.status, '200 OK')
def test_user_information_form_fail(self):
create_and_login_user(self.testapp)
# make the form fail
with mock.patch('deform.Form.validate') as fake:
fake.side_effect = DummyValidationFailure('f', 'c', 'e')
res = self.testapp.post('/profile', {
'submit': 'Save Changes',
})
self.assertEqual(res.status, '200 OK')
def test_user_information_form_fail(self):
create_and_login_user(self.testapp)
# make the form fail
with mock.patch('deform.Form.validate') as fake:
fake.side_effect = DummyValidationFailure('f', 'c', 'e')
res = self.testapp.post('/profile', {
'submit': 'Save Changes',
})
self.assertEqual(res.status, '200 OK')
def test_contributions_donate(self):
with mock.patch('requests.post') as fake:
fake.return_value.ok = True
fake.return_value.text = 'ACK=Success&TOKEN=123'
res = self.testapp.post('/contribute/donate', {
'amount': '5',
'submit': 'submit',
},
status=302)
self.assertEqual(res.status, '302 Found')
self.assertEqual(
res.location,
'https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token=123'
)
# USER, PWD, and SIGNATURE are Paypal testing values
# They are set in yithlibrary.testing.TestCase.setUp
fake.assert_called_with(
'https://api-3t.sandbox.paypal.com/nvp',
data={
'METHOD':
'SetExpressCheckout',
'VERSION':
'72.0',
'USER':
'******',
'PWD':
'QFZCWN5HZM8VBG7Q',
'SIGNATURE':
'A-IzJhZZjhg29XQ2qnhapuwxIDzyAZQ92FRP5dqBzVesOkzbdUONzmOU',
'LOCALECODE':
'EN',
'PAYMENTREQUEST_0_ITEMAMT':
5,
'PAYMENTREQUEST_0_PAYMENTACTION':
'Sale',
'PAYMENTREQUEST_0_CURRENCYCODE':
'USD',
'PAYMENTREQUEST_0_AMT':
5,
'PAYMENTREQUEST_0_DESC':
'Donation',
'L_PAYMENTREQUEST_0_NAME0':
'Donation of $5',
'L_PAYMENTREQUEST_0_AMT0':
5,
'BRANDNAME':
'Yith Library',
'RETURNURL':
'http://localhost/contribute/paypal-success-callback',
'CANCELURL':
'http://localhost/contribute/paypal-cancel-callback',
})
def test_destroy_form_fail(self):
create_and_login_user(self.testapp)
# make the form fail
with mock.patch('deform.Form.validate') as fake:
fake.side_effect = DummyValidationFailure('f', 'c', 'e')
res = self.testapp.post('/destroy', {
'reason': '',
'submit': 'Yes, I am sure. Destroy my account',
})
self.assertEqual(res.status, '200 OK')
def test_get_user_info(self):
with mock.patch('requests.get') as fake:
fake.return_value.status_code = 401
fake.return_value.text = 'Unauthorized request'
response = get_user_info('http://example.com/info', 'qwerty')
self.assertEqual(response.status, '401 Unauthorized')
self.assertEqual(response.message, 'Unauthorized request')
with mock.patch('requests.get') as fake:
fake.return_value.status_code = 200
fake.return_value.json = lambda: {
'name': 'John',
'surname': 'Doe',
}
response = get_user_info('http://example.com/info', 'qwerty')
self.assertEqual(response, {
'name': 'John',
'surname': 'Doe',
})
def test_destroy_form_fail(self):
create_and_login_user(self.testapp)
# make the form fail
with mock.patch('deform.Form.validate') as fake:
fake.side_effect = DummyValidationFailure('f', 'c', 'e')
res = self.testapp.post(
'/destroy', {
'reason': '',
'submit': 'Yes, I am sure. Destroy my account',
})
self.assertEqual(res.status, '200 OK')
def test_twitter_callback_failures(self):
res = self.testapp.get('/twitter/callback', status=400)
self.assertEqual(res.status, '400 Bad Request')
res.mustcontain('Missing required oauth_token')
res = self.testapp.get('/twitter/callback?oauth_token=123456789',
status=400)
self.assertEqual(res.status, '400 Bad Request')
res.mustcontain('Missing required oauth_verifier')
good_url = '/twitter/callback?oauth_token=123456789&oauth_verifier=abc'
res = self.testapp.get(good_url, status=400)
self.assertEqual(res.status, '400 Bad Request')
res.mustcontain('No oauth_token was found in the session')
# bad request because oauth tokens are different
with mock.patch('requests.post') as fake:
response = fake.return_value
response.status_code = 200
response.text = 'oauth_callback_confirmed=true&oauth_token=987654321'
self.testapp.get('/twitter/login')
res = self.testapp.get(good_url, status=401)
self.assertEqual(res.status, '401 Unauthorized')
res.mustcontain("OAuth tokens don't match")
# good request, twitter is not happy with us
with mock.patch('requests.post') as fake:
response = fake.return_value
response.status_code = 200
response.text = 'oauth_callback_confirmed=true&oauth_token=123456789'
self.testapp.get('/twitter/login')
response = fake.return_value
response.status_code = 401
response.text = 'Invalid token'
res = self.testapp.get(good_url, status=401)
self.assertEqual(res.status, '401 Unauthorized')
res.mustcontain('Invalid token')
def test_twitter_callback_failures(self):
res = self.testapp.get('/twitter/callback', status=400)
self.assertEqual(res.status, '400 Bad Request')
res.mustcontain('Missing required oauth_token')
res = self.testapp.get('/twitter/callback?oauth_token=123456789',
status=400)
self.assertEqual(res.status, '400 Bad Request')
res.mustcontain('Missing required oauth_verifier')
good_url = '/twitter/callback?oauth_token=123456789&oauth_verifier=abc'
res = self.testapp.get(good_url, status=400)
self.assertEqual(res.status, '400 Bad Request')
res.mustcontain('No oauth_token was found in the session')
# bad request because oauth tokens are different
with mock.patch('requests.post') as fake:
response = fake.return_value
response.status_code = 200
response.text = 'oauth_callback_confirmed=true&oauth_token=987654321'
self.testapp.get('/twitter/login')
res = self.testapp.get(good_url, status=401)
self.assertEqual(res.status, '401 Unauthorized')
res.mustcontain("OAuth tokens don't match")
# good request, twitter is not happy with us
with mock.patch('requests.post') as fake:
response = fake.return_value
response.status_code = 200
response.text = 'oauth_callback_confirmed=true&oauth_token=123456789'
self.testapp.get('/twitter/login')
response = fake.return_value
response.status_code = 401
response.text = 'Invalid token'
res = self.testapp.get(good_url, status=401)
self.assertEqual(res.status, '401 Unauthorized')
res.mustcontain('Invalid token')
def test_register_new_user_form_failed(self):
self.testapp.post('/__session', {
'user_info__provider': 'twitter',
'user_info__external_id': '1234',
'user_info__screen_name': 'John Doe',
'user_info__first_name': 'John',
'user_info__last_name': 'Doe',
'user_info__email': '*****@*****.**',
}, status=302)
with mock.patch('deform.Form.validate') as fake:
fake.side_effect = DummyValidationFailure('f', 'c', 'e')
res = self.testapp.post('/register', {
'submit': 'Register into Yith Library',
})
self.assertEqual(res.status, '200 OK')
def test_register_new_user_form_failed(self):
self.testapp.post('/__session', {
'user_info__provider': 'twitter',
'user_info__external_id': '1234',
'user_info__screen_name': 'John Doe',
'user_info__first_name': 'John',
'user_info__last_name': 'Doe',
'user_info__email': '*****@*****.**',
},
status=302)
with mock.patch('deform.Form.validate') as fake:
fake.side_effect = DummyValidationFailure('f', 'c', 'e')
res = self.testapp.post('/register', {
'submit': 'Register into Yith Library',
})
self.assertEqual(res.status, '200 OK')
def test_contributions_confirm_details(self):
with mock.patch('requests.post') as fake:
fake.return_value.ok = True
fake.return_value.text = 'ACK=Success&AMT=5.00&FIRSTNAME=John&LASTNAME=Doe&SHIPTOCITY=ExampleCity&SHIPTOCOUNTRYNAME=ExampleCountry&SHIPTOSTATE=ExampleState&SHIPTOSTREET=ExampleStreet&SHIPTOZIP=123456&[email protected]'
res = self.testapp.get('/contribute/paypal-success-callback?token=123&PayerID=456')
self.assertEqual(res.status, '200 OK')
res.mustcontain('John', 'Doe', 'ExampleCity', 'ExampleCountry',
'ExampleState', 'ExampleStreet', '123456')
fake.assert_called_with('https://api-3t.sandbox.paypal.com/nvp', data={
'METHOD': 'GetExpressCheckoutDetails',
'VERSION': '72.0',
'USER': '******',
'PWD': 'QFZCWN5HZM8VBG7Q',
'SIGNATURE': 'A-IzJhZZjhg29XQ2qnhapuwxIDzyAZQ92FRP5dqBzVesOkzbdUONzmOU',
'TOKEN': '123',
'PAYERID': '456',
})
def test_contributions_confirm_details(self):
with mock.patch('requests.post') as fake:
fake.return_value.ok = True
fake.return_value.text = 'ACK=Success&AMT=5.00&FIRSTNAME=John&LASTNAME=Doe&SHIPTOCITY=ExampleCity&SHIPTOCOUNTRYNAME=ExampleCountry&SHIPTOSTATE=ExampleState&SHIPTOSTREET=ExampleStreet&SHIPTOZIP=123456&[email protected]'
res = self.testapp.get(
'/contribute/paypal-success-callback?token=123&PayerID=456')
self.assertEqual(res.status, '200 OK')
res.mustcontain('John', 'Doe', 'ExampleCity', 'ExampleCountry',
'ExampleState', 'ExampleStreet', '123456')
fake.assert_called_with(
'https://api-3t.sandbox.paypal.com/nvp',
data={
'METHOD': 'GetExpressCheckoutDetails',
'VERSION': '72.0',
'USER': '******',
'PWD': 'QFZCWN5HZM8VBG7Q',
'SIGNATURE':
'A-IzJhZZjhg29XQ2qnhapuwxIDzyAZQ92FRP5dqBzVesOkzbdUONzmOU',
'TOKEN': '123',
'PAYERID': '456',
})
def test_express_checkout_payment(self):
request = testing.DummyRequest()
pec = PayPalExpressCheckout(request)
self.assertEqual(pec.nvp_url, 'http://paypal.com/nvp')
self.assertEqual(pec.express_checkout_url,
'http://paypal.com/express_checkout')
with mock.patch('requests.post') as fake:
fake.return_value.ok = True
fake.return_value.text = 'ACK=Success'
result = pec.do_express_checkout_payment('123', '456', 5)
fake.assert_called_with('http://paypal.com/nvp', data={
'METHOD': 'DoExpressCheckoutPayment',
'VERSION': '72.0',
'USER': '******',
'PWD': 'paypal_password',
'SIGNATURE': 'paypal_signature',
'TOKEN': '123',
'PAYERID': '456',
'LOCALECODE': 'EN',
'PAYMENTREQUEST_0_ITEMAMT': 5,
'PAYMENTREQUEST_0_PAYMENTACTION': 'Sale',
'PAYMENTREQUEST_0_CURRENCYCODE': 'USD',
'PAYMENTREQUEST_0_AMT': 5,
'PAYMENTREQUEST_0_DESC': 'Donation',
'L_PAYMENTREQUEST_0_NAME0': 'Donation of $5',
'L_PAYMENTREQUEST_0_AMT0': 5,
'BRANDNAME': 'Yith Library',
})
self.assertTrue(result)
# Simulate a failure
fake.return_value.ok = True
fake.return_value.text = 'ACK=Failure'
result = pec.do_express_checkout_payment('123', '456', 5)
self.assertFalse(result)
def test_contributions_confirm_success_with_user(self):
user, user_id = create_and_login_user(self.testapp)
with mock.patch('requests.post') as fake:
fake.return_value.ok = True
fake.return_value.text = 'ACK=Success'
self.assertEqual(Session.query(Donation).count(), 0)
res = self.testapp.post('/contribute/paypal-success-callback', {
'submit': 'Submit',
'token': '123',
'payerid': '456',
'amount': '10',
'firstname': 'John',
'lastname': 'Doe',
'city': 'ExampleCity',
'country': 'ExampleCountry',
'state': 'ExampleState',
'street': 'ExampleStreet',
'zip': '123456',
'email': '*****@*****.**',
},
status=302)
self.assertEqual(res.status, '302 Found')
self.assertEqual(res.location, 'http://localhost/contribute')
session = self.get_session(res)
self.assertEqual(
session['_f_success'],
['Thank you very much for your great contribution'])
fake.assert_called_with(
'https://api-3t.sandbox.paypal.com/nvp',
data={
'METHOD': 'DoExpressCheckoutPayment',
'VERSION': '72.0',
'USER': '******',
'PWD': 'QFZCWN5HZM8VBG7Q',
'SIGNATURE':
'A-IzJhZZjhg29XQ2qnhapuwxIDzyAZQ92FRP5dqBzVesOkzbdUONzmOU',
'TOKEN': '123',
'PAYERID': '456',
'LOCALECODE': 'EN',
'PAYMENTREQUEST_0_ITEMAMT': 10,
'PAYMENTREQUEST_0_PAYMENTACTION': 'Sale',
'PAYMENTREQUEST_0_CURRENCYCODE': 'USD',
'PAYMENTREQUEST_0_AMT': 10,
'PAYMENTREQUEST_0_DESC': 'Donation',
'L_PAYMENTREQUEST_0_NAME0': 'Donation of $10',
'L_PAYMENTREQUEST_0_AMT0': 10,
'BRANDNAME': 'Yith Library',
})
res.request.registry = self.testapp.app.registry
mailer = get_mailer(res.request)
# a couple of emails are sent
self.assertEqual(len(mailer.outbox), 2)
self.assertEqual(mailer.outbox[0].subject,
'Thanks for your contribution!')
self.assertEqual(mailer.outbox[0].recipients, ['*****@*****.**'])
self.assertEqual(mailer.outbox[1].subject,
'A new donation was received!')
self.assertEqual(mailer.outbox[1].recipients,
['*****@*****.**', '*****@*****.**'])
# a new object in the database stores this donation
self.assertEqual(Session.query(Donation).count(), 1)
donation = Session.query(Donation).one()
self.assertEqual(donation.amount, 10)
self.assertEqual(donation.first_name, 'John')
self.assertEqual(donation.last_name, 'Doe')
self.assertEqual(donation.city, 'ExampleCity')
self.assertEqual(donation.country, 'ExampleCountry')
self.assertEqual(donation.state, 'ExampleState')
self.assertEqual(donation.street, 'ExampleStreet')
self.assertEqual(donation.zipcode, '123456')
self.assertEqual(donation.email, '*****@*****.**')
self.assertEqual(donation.creation,
datetime.datetime(2013, 1, 2, 10, 11, 2))
self.assertTrue(donation.send_sticker)
self.assertEqual(donation.user_id, user_id)
def test_contributions_confirm_success_with_user(self):
user, user_id = create_and_login_user(self.testapp)
with mock.patch('requests.post') as fake:
fake.return_value.ok = True
fake.return_value.text = 'ACK=Success'
self.assertEqual(Session.query(Donation).count(), 0)
res = self.testapp.post('/contribute/paypal-success-callback', {
'submit': 'Submit',
'token': '123',
'payerid': '456',
'amount': '10',
'firstname': 'John',
'lastname': 'Doe',
'city': 'ExampleCity',
'country': 'ExampleCountry',
'state': 'ExampleState',
'street': 'ExampleStreet',
'zip': '123456',
'email': '*****@*****.**',
}, status=302)
self.assertEqual(res.status, '302 Found')
self.assertEqual(res.location, 'http://localhost/contribute')
session = self.get_session(res)
self.assertEqual(session['_f_success'], ['Thank you very much for your great contribution'])
fake.assert_called_with('https://api-3t.sandbox.paypal.com/nvp', data={
'METHOD': 'DoExpressCheckoutPayment',
'VERSION': '72.0',
'USER': '******',
'PWD': 'QFZCWN5HZM8VBG7Q',
'SIGNATURE': 'A-IzJhZZjhg29XQ2qnhapuwxIDzyAZQ92FRP5dqBzVesOkzbdUONzmOU',
'TOKEN': '123',
'PAYERID': '456',
'LOCALECODE': 'EN',
'PAYMENTREQUEST_0_ITEMAMT': 10,
'PAYMENTREQUEST_0_PAYMENTACTION': 'Sale',
'PAYMENTREQUEST_0_CURRENCYCODE': 'USD',
'PAYMENTREQUEST_0_AMT': 10,
'PAYMENTREQUEST_0_DESC': 'Donation',
'L_PAYMENTREQUEST_0_NAME0': 'Donation of $10',
'L_PAYMENTREQUEST_0_AMT0': 10,
'BRANDNAME': 'Yith Library',
})
res.request.registry = self.testapp.app.registry
mailer = get_mailer(res.request)
# a couple of emails are sent
self.assertEqual(len(mailer.outbox), 2)
self.assertEqual(mailer.outbox[0].subject,
'Thanks for your contribution!')
self.assertEqual(mailer.outbox[0].recipients,
['*****@*****.**'])
self.assertEqual(mailer.outbox[1].subject,
'A new donation was received!')
self.assertEqual(mailer.outbox[1].recipients,
['*****@*****.**', '*****@*****.**'])
# a new object in the database stores this donation
self.assertEqual(Session.query(Donation).count(), 1)
donation = Session.query(Donation).one()
self.assertEqual(donation.amount, 10)
self.assertEqual(donation.first_name, 'John')
self.assertEqual(donation.last_name, 'Doe')
self.assertEqual(donation.city, 'ExampleCity')
self.assertEqual(donation.country, 'ExampleCountry')
self.assertEqual(donation.state, 'ExampleState')
self.assertEqual(donation.street, 'ExampleStreet')
self.assertEqual(donation.zipcode, '123456')
self.assertEqual(donation.email, '*****@*****.**')
self.assertEqual(donation.creation,
datetime.datetime(2013, 1, 2, 10, 11, 2))
self.assertTrue(donation.send_sticker)
self.assertEqual(donation.user_id, user_id)
