def test_invalid_authorization_header(self): """Test invalid authorization header.""" with self.assertRaises(helpers.UnauthorizedException) as cm: handler.get_email_and_access_token('ReceiverAccessToken') self.assertEqual(401, cm.exception.status) self.assertEqual( 'The Authorization header is invalid. It should have been started with' " 'Bearer '.", str(cm.exception)) self.assertEqual(0, self.mock.get.call_count)
def test_invalid_json(self): """Test invalid json.""" self.mock.get.return_value = mock.Mock(status_code=200, text='test') with self.assertRaises(helpers.EarlyExitException) as cm: handler.get_email_and_access_token('Bearer AccessToken') self.assertEqual(500, cm.exception.status) self.assertEqual('Parsing the JSON response body failed: test', str(cm.exception)) self._assert_requests_get_call()
def test_bad_status(self): """Test bad status.""" self.mock.get.return_value = mock.Mock(status_code=403) with self.assertRaises(helpers.UnauthorizedException) as cm: handler.get_email_and_access_token('Bearer AccessToken') self.assertEqual(401, cm.exception.status) self.assertEqual( ('Failed to authorize. The Authorization header (Bearer AccessToken)' ' might be invalid.'), str(cm.exception)) self._assert_requests_get_call()
def test_unverified_email(self): """Test unverified email.""" self.mock.get.return_value = mock.Mock( status_code=200, text=json.dumps({ 'aud': 'ClientId', 'email': '*****@*****.**', 'email_verified': False })) with self.assertRaises(helpers.EarlyExitException) as cm: handler.get_email_and_access_token('Bearer AccessToken') self.assertEqual(401, cm.exception.status) self.assertIn('The email ([email protected]) is not verified', str(cm.exception)) self._assert_requests_get_call()
def test_unverified_email(self): """Test unverified email.""" self.mock.fetch.return_value = mock.Mock( status_code=200, content=json.dumps({ 'aud': self.test_clusterfuzz_tools_oauth_client_id, 'email': '*****@*****.**', 'email_verified': False })) with self.assertRaises(helpers.EarlyExitException) as cm: handler.get_email_and_access_token('Bearer AccessToken') self.assertEqual(401, cm.exception.status) self.assertIn('The email ([email protected]) is not verified', cm.exception.message) self._assert_fetch_call()
def test_invalid_client_id(self): """Test the invalid client id.""" self.mock.get.return_value = mock.Mock( status_code=200, text=json.dumps({ 'aud': 'InvalidClientId', 'email': '*****@*****.**', 'email_verified': False })) with self.assertRaises(helpers.EarlyExitException) as cm: handler.get_email_and_access_token('Bearer AccessToken') self.assertEqual(401, cm.exception.status) self.assertIn( "The access token doesn't belong to one of the allowed OAuth clients", str(cm.exception)) self._assert_requests_get_call()
def test_allowed_bearer(self): """Test allowing Bearer.""" for aud in self.test_whitelisted_oauth_client_ids: self.mock.get.return_value = mock.Mock( status_code=200, text=json.dumps({ 'aud': aud, 'email': '*****@*****.**', 'email_verified': True })) email, token = handler.get_email_and_access_token('Bearer AccessToken') self.assertEqual('*****@*****.**', email) self.assertEqual('Bearer AccessToken', token) self._assert_requests_get_call()
def test_allow_whitelised_accounts(self): """Test allow compute engine service account.""" for email in self.test_whitelisted_oauth_emails: self.mock.get.reset_mock() self.mock.get.return_value = mock.Mock( status_code=200, text=json.dumps({ 'email_verified': True, 'email': email })) returned_email, token = handler.get_email_and_access_token( 'Bearer AccessToken') self.assertEqual(email, returned_email) self.assertEqual('Bearer AccessToken', token) self._assert_requests_get_call()
def test_allowed_verification_code(self): """Test allowing VerificationCode.""" self.mock.get.return_value = mock.Mock( status_code=200, text=json.dumps({ 'aud': 'ClientId', 'email': '*****@*****.**', 'email_verified': True })) self.mock.get_access_token.return_value = 'AccessToken' email, token = handler.get_email_and_access_token('VerificationCode Verify') self.assertEqual('*****@*****.**', email) self.assertEqual('Bearer AccessToken', token) self.assertEqual(1, self.mock.get_access_token.call_count) self.mock.get_access_token.assert_has_calls([mock.call('Verify')]) self._assert_requests_get_call()
def test_allowed_verification_code(self): """Test allowing VerificationCode.""" self.mock.fetch.return_value = mock.Mock( status_code=200, content=json.dumps({ 'aud': self.test_clusterfuzz_tools_oauth_client_id, 'email': '*****@*****.**', 'email_verified': True })) self.mock.get_access_token.return_value = 'AccessToken' email, auth = handler.get_email_and_access_token('VerificationCode Verify') self.assertEqual('*****@*****.**', email) self.assertEqual('Bearer AccessToken', auth) self.assertEqual(1, self.mock.get_access_token.call_count) self.mock.get_access_token.assert_has_calls( [mock.call(verification_code='Verify')]) self._assert_fetch_call()