def test_unauthenticated_userid_passes_token_to_extractor_functions(self, jwt, api_token):
policy = TokenAuthenticationPolicy()
api_token.return_value = None
jwt.return_value = None
request = DummyRequest(headers={'Authorization': 'Bearer f00ba12'})
policy.unauthenticated_userid(request)
api_token.assert_called_once_with('f00ba12')
jwt.assert_called_once_with('f00ba12', request)
def test_unauthenticated_userid_passes_token_to_extractor_functions(
self, jwt, api_token):
policy = TokenAuthenticationPolicy()
api_token.return_value = None
jwt.return_value = None
request = DummyRequest(headers={'Authorization': 'Bearer f00ba12'})
policy.unauthenticated_userid(request)
api_token.assert_called_once_with('f00ba12')
jwt.assert_called_once_with('f00ba12', request)
def test_unauthenticated_userid_returns_userid_from_token(self, pyramid_request):
policy = TokenAuthenticationPolicy()
pyramid_request.auth_token = 'valid123'
result = policy.unauthenticated_userid(pyramid_request)
assert result == 'acct:[email protected]'
def test_unauthenticated_userid_returns_userid_from_token(self, fake_token, pyramid_request):
policy = TokenAuthenticationPolicy()
pyramid_request.auth_token = fake_token
result = policy.unauthenticated_userid(pyramid_request)
assert result == "acct:[email protected]"
def test_unauthenticated_userid_returns_none_if_token_invalid(self, pyramid_request, token_service):
policy = TokenAuthenticationPolicy()
token_service.validate.return_value = None
pyramid_request.auth_token = 'abcd123'
result = policy.unauthenticated_userid(pyramid_request)
assert result is None
def test_unauthenticated_userid_returns_none_if_token_invalid(self, pyramid_request):
policy = TokenAuthenticationPolicy()
token = DummyToken(valid=False)
pyramid_request.auth_token = token
result = policy.unauthenticated_userid(pyramid_request)
assert result is None
def test_unauthenticated_userid_returns_none_if_neither_token_valid(self, jwt, api_token):
policy = TokenAuthenticationPolicy()
api_token.return_value = None
jwt.return_value = None
request = DummyRequest(headers={'Authorization': 'Bearer f00ba12'})
result = policy.unauthenticated_userid(request)
assert result is None
def test_unauthenticated_userid_returns_userid_from_jwt_as_fallback(self, jwt, api_token):
policy = TokenAuthenticationPolicy()
api_token.return_value = None
jwt.return_value = 'acct:[email protected]'
request = DummyRequest(headers={'Authorization': 'Bearer f00ba12'})
result = policy.unauthenticated_userid(request)
assert result == 'acct:[email protected]'
def test_unauthenticated_userid_returns_none_if_token_invalid(
self, pyramid_request):
policy = TokenAuthenticationPolicy()
token = DummyToken(valid=False)
pyramid_request.auth_token = token
result = policy.unauthenticated_userid(pyramid_request)
assert result is None
def test_unauthenticated_userid_returns_userid_from_api_token_if_present(self, jwt, api_token, pyramid_request):
policy = TokenAuthenticationPolicy()
api_token.return_value = 'acct:[email protected]'
jwt.return_value = 'acct:[email protected]'
pyramid_request.headers = {'Authorization': 'Bearer f00ba12'}
result = policy.unauthenticated_userid(pyramid_request)
assert result == 'acct:[email protected]'
def test_unauthenticated_userid_returns_userid_from_query_params_token(self, pyramid_request):
"""When the path is `/ws` then we look into the query string parameters as well."""
policy = TokenAuthenticationPolicy()
pyramid_request.GET['access_token'] = 'valid123'
pyramid_request.path = '/ws'
result = policy.unauthenticated_userid(pyramid_request)
assert result == 'acct:[email protected]'
def test_unauthenticated_userid_returns_none_for_invalid_query_param_token(self, pyramid_request):
"""When the path is `/ws` but the token is invalid, it should still return None."""
policy = TokenAuthenticationPolicy()
pyramid_request.GET['access_token'] = 'expired'
pyramid_request.path = '/ws'
result = policy.unauthenticated_userid(pyramid_request)
assert result is None
def test_unauthenticated_userid_returns_none_if_neither_token_valid(
self, jwt, api_token):
policy = TokenAuthenticationPolicy()
api_token.return_value = None
jwt.return_value = None
request = DummyRequest(headers={'Authorization': 'Bearer f00ba12'})
result = policy.unauthenticated_userid(request)
assert result is None
def test_unauthenticated_userid_returns_userid_from_jwt_as_fallback(
self, jwt, api_token):
policy = TokenAuthenticationPolicy()
api_token.return_value = None
jwt.return_value = 'acct:[email protected]'
request = DummyRequest(headers={'Authorization': 'Bearer f00ba12'})
result = policy.unauthenticated_userid(request)
assert result == 'acct:[email protected]'
def test_unauthenticated_userid_skips_query_param_for_non_ws_requests(self, pyramid_request):
"""
When we have a valid token in the `access_token` query param, but it's
not a request to /ws, then we should ignore this access token.
"""
policy = TokenAuthenticationPolicy()
pyramid_request.GET['access_token'] = 'valid123'
pyramid_request.path = '/api'
result = policy.unauthenticated_userid(pyramid_request)
assert result is None
def test_unauthenticated_userid_is_none_if_header_incorrectly_formatted(self, pyramid_request, value):
policy = TokenAuthenticationPolicy()
pyramid_request.headers = {'Authorization': value}
assert policy.unauthenticated_userid(pyramid_request) is None
def test_unauthenticated_userid_is_none_if_header_missing(self):
policy = TokenAuthenticationPolicy()
request = DummyRequest()
assert policy.unauthenticated_userid(request) is None
def test_unauthenticated_userid_is_none_if_no_token(self, pyramid_request):
policy = TokenAuthenticationPolicy()
assert policy.unauthenticated_userid(pyramid_request) is None
def test_unauthenticated_userid_is_none_if_no_token(self, pyramid_request):
policy = TokenAuthenticationPolicy()
assert policy.unauthenticated_userid(pyramid_request) is None
def test_unauthenticated_userid_is_none_if_header_incorrectly_formatted(self, value):
policy = TokenAuthenticationPolicy()
request = DummyRequest(headers={'Authorization': value})
assert policy.unauthenticated_userid(request) is None
def test_unauthenticated_userid_is_none_if_header_incorrectly_formatted(
self, value):
policy = TokenAuthenticationPolicy()
request = DummyRequest(headers={'Authorization': value})
assert policy.unauthenticated_userid(request) is None
def test_unauthenticated_userid_is_none_if_header_missing(self):
policy = TokenAuthenticationPolicy()
request = DummyRequest()
assert policy.unauthenticated_userid(request) is None
