def test_authorize_authorizes_user(self):
username = "******"
password = "******"
user = self.user_manager.create(UsernameTicket(username),
PasswordTicket(password),
NameTicket("First", "Last"))
pool_ticket = PoolTicket("MY_APP")
secret = pool_ticket.get_secret()
access_id = pool_ticket.get_access_id()
pool = self.pool_manager.create(pool_ticket)
self.user_pool_manager.add(pool.get_id(), user.get_id())
token = self.auth_pool_manager.authorize(access_id, secret, username,
password)
token_decoded = jwt.decode(token.get_token(),
secret,
algorithms=["HS256"])
self.assertEqual(4, len(token_decoded.items()))
self.assertEqual(user.get_uuid(), token_decoded["uuid"])
self.assertEqual(user.get_username(), token_decoded["username"])
self.assertEqual(user.get_first_name(), token_decoded["first_name"])
self.assertEqual(user.get_last_name(), token_decoded["last_name"])
def test_authorize_fails_when_not_pool_user(self):
username = "******"
password = "******"
self.user_manager.create(UsernameTicket(username),
PasswordTicket(password),
NameTicket("First", "Last"))
pool_ticket = PoolTicket("MY_APP")
secret = pool_ticket.get_secret()
access_id = pool_ticket.get_access_id()
self.pool_manager.create(pool_ticket)
with self.assertRaises(AuthPoolUserNotFoundError):
self.auth_pool_manager.authorize(access_id, secret, username,
password)
self.fail("Did not fail on missing pool user")
def create(self, pool_ticket: PoolTicket) -> Pool:
""" Create pool
Args:
pool_ticket (PoolTicket): Contains generated access ID and secret
Returns:
Pool
"""
result = self.__pool_data.insert(
const=pool_ticket.get_const(),
status_id=self.__statuses.ACTIVE.get_id(),
access_id=pool_ticket.get_access_id(),
secret=self.__encrypt_secret(pool_ticket.get_secret())
)
if not result.get_status():
raise PoolCreateError("Could not create pool")
return self.get(result.get_insert_id())