def test_oauth2_authorize(self):
request = self.factory.get('/login')
request.session = self.factory.session
client = RemoteApp(
'dev',
client_id='dev',
client_secret='dev',
base_url='https://i.b/api',
access_token_url='https://i.b/token',
authorize_url='https://i.b/authorize',
)
rv = client.authorize_redirect(request, 'https://a.b/c')
self.assertEqual(rv.status_code, 302)
url = rv.get('Location')
self.assertIn('state=', url)
state = request.session['_dev_authlib_state_']
with mock.patch('requests.sessions.Session.send') as send:
send.return_value = mock_send_value(get_bearer_token())
request = self.factory.get('/authorize?state={}'.format(state))
request.session = self.factory.session
request.session['_dev_authlib_state_'] = state
token = client.authorize_access_token(request)
self.assertEqual(token['access_token'], 'a')
def test_oauth1_authorize(self):
request = self.factory.get('/login')
request.session = self.factory.session
client = RemoteApp(
'dev',
client_id='dev',
client_secret='dev',
request_token_url='https://i.b/reqeust-token',
base_url='https://i.b/api',
access_token_url='https://i.b/token',
authorize_url='https://i.b/authorize',
)
with mock.patch('requests.sessions.Session.send') as send:
send.return_value = mock_send_value(
'oauth_token=foo&oauth_verifier=baz')
resp = client.authorize_redirect(request)
self.assertEqual(resp.status_code, 302)
url = resp.get('Location')
self.assertIn('oauth_token=foo', url)
with mock.patch('requests.sessions.Session.send') as send:
send.return_value = mock_send_value(
'oauth_token=a&oauth_token_secret=b')
token = client.authorize_access_token(request)
self.assertEqual(token['oauth_token'], 'a')
def test_oauth2_authorize_code_challenge(self):
request = self.factory.get('/login')
request.session = self.factory.session
client = RemoteApp(
'dev',
client_id='dev',
base_url='https://i.b/api',
access_token_url='https://i.b/token',
authorize_url='https://i.b/authorize',
code_challenge_method='S256',
)
rv = client.authorize_redirect(request, 'https://a.b/c')
self.assertEqual(rv.status_code, 302)
url = rv.get('Location')
self.assertIn('state=', url)
self.assertIn('code_challenge=', url)
state = request.session['_dev_authlib_state_']
verifier = request.session['_dev_authlib_code_verifier_']
def fake_send(sess, req, **kwargs):
self.assertIn('code_verifier={}'.format(verifier), req.body)
return mock_send_value(get_bearer_token())
with mock.patch('requests.sessions.Session.send', fake_send):
request = self.factory.get('/authorize?state={}'.format(state))
request.session = self.factory.session
request.session['_dev_authlib_state_'] = state
request.session['_dev_authlib_code_verifier_'] = verifier
token = client.authorize_access_token(request)
self.assertEqual(token['access_token'], 'a')
def test_oauth2_access_token_with_post(self):
client = RemoteApp(
'dev',
client_id='dev',
client_secret='dev',
base_url='https://i.b/api',
access_token_url='https://i.b/token',
authorize_url='https://i.b/authorize',
)
payload = {'code': 'a', 'state': 'b'}
with mock.patch('requests.sessions.Session.send') as send:
send.return_value = mock_send_value(get_bearer_token())
request = self.factory.post('/token', data=payload)
request.session = self.factory.session
request.session['_dev_authlib_state_'] = 'b'
token = client.authorize_access_token(request)
self.assertEqual(token['access_token'], 'a')