def test_bearer_auth():
request = ResourceRequest(access_token="12345678")
authn = ""
assert bearer_auth(request, authn) == "12345678"
request = ResourceRequest()
authn = "Bearer abcdefghijklm"
assert bearer_auth(request, authn) == "abcdefghijklm"
request = ResourceRequest()
authn = ""
with pytest.raises(ValueError):
bearer_auth(request, authn)
def test_construct(self, services):
_srv = services['accesstoken']
request = ResourceRequest(access_token="Sesame")
http_args = BearerBody().construct(request, service=_srv)
assert request["access_token"] == "Sesame"
assert http_args is None
def test_construct_with_token(self, services):
authz_service = services['authorization']
_state = authz_service.create_state('Issuer')
req = AuthorizationRequest(state=_state,
response_type='code',
redirect_uri='https://example.com',
scope=['openid'])
authz_service.store_item(req, 'auth_request', _state)
# Add a state and bind a code to it
resp1 = AuthorizationResponse(code="auth_grant", state=_state)
response = services['authorization'].parse_response(
resp1.to_urlencoded(), "urlencoded")
services['authorization'].update_service_context(response, key=_state)
# based on state find the code and then get an access token
resp2 = AccessTokenResponse(access_token="token1",
token_type="Bearer",
expires_in=0,
state=_state)
response = services['accesstoken'].parse_response(
resp2.to_urlencoded(), "urlencoded")
services['accesstoken'].update_service_context(response, key=_state)
# and finally use the access token, bound to a state, to
# construct the authorization header
http_args = BearerHeader().construct(ResourceRequest(),
services['accesstoken'],
key=_state)
assert http_args == {"headers": {"Authorization": "Bearer token1"}}
def test_construct(self, entity):
_token_service = entity.client_get("service", 'accesstoken')
request = ResourceRequest(access_token="Sesame")
http_args = BearerBody().construct(request, service=_token_service)
assert request["access_token"] == "Sesame"
assert http_args is None
def test_construct_with_resource_request(self):
bh = BearerHeader()
request = ResourceRequest(access_token="Sesame")
http_args = bh.construct(request, service=get_service())
assert "access_token" not in request
assert http_args == {"headers": {"Authorization": "Bearer Sesame"}}
def test_construct(self, entity):
request = ResourceRequest(access_token="Sesame")
bh = BearerHeader()
http_args = bh.construct(request,
service=entity.client_get(
"service", "accesstoken"))
assert http_args == {"headers": {"Authorization": "Bearer Sesame"}}
def test_construct_with_http_args(self):
request = ResourceRequest(access_token="Sesame")
bh = BearerHeader()
# Any HTTP args should just be passed on
http_args = bh.construct(request,
service=get_service(),
http_args={"foo": "bar"})
assert _eq(http_args.keys(), ["foo", "headers"])
assert http_args["headers"] == {"Authorization": "Bearer Sesame"}
def test_construct_with_headers_in_http_args(self):
request = ResourceRequest(access_token="Sesame")
bh = BearerHeader()
http_args = bh.construct(request,
service=get_service(),
http_args={"headers": {
"x-foo": "bar"
}})
assert _eq(http_args.keys(), ["headers"])
assert _eq(http_args["headers"].keys(), ["Authorization", "x-foo"])
assert http_args["headers"]["Authorization"] == "Bearer Sesame"
def test_construct_with_state(self, services):
_srv = services['authorization']
_srv.state_db['FFFFF'] = State(iss='Issuer').to_json()
resp = AuthorizationResponse(code="code", state="FFFFF")
_srv.store_item(resp, 'auth_response', 'FFFFF')
atr = AccessTokenResponse(access_token="2YotnFZFEjr1zCsicMWpAA",
token_type="example",
refresh_token="tGzv3JOkF0XG5Qx2TlKWIA",
example_parameter="example_value",
scope=["inner", "outer"])
_srv.store_item(atr, 'token_response', 'FFFFF')
request = ResourceRequest()
http_args = BearerBody().construct(request, service=_srv, key="FFFFF")
assert request["access_token"] == "2YotnFZFEjr1zCsicMWpAA"
assert http_args is None
def test_construct_with_request(self, services):
authz_service = services['authorization']
authz_service.state_db.set('EEEE', State(iss='Issuer').to_json())
resp1 = AuthorizationResponse(code="auth_grant", state="EEEE")
response = authz_service.parse_response(resp1.to_urlencoded(),
"urlencoded")
authz_service.update_service_context(response, key='EEEE')
resp2 = AccessTokenResponse(access_token="token1",
token_type="Bearer",
expires_in=0,
state="EEEE")
response = services['accesstoken'].parse_response(
resp2.to_urlencoded(), "urlencoded")
services['accesstoken'].update_service_context(response, key='EEEE')
request = ResourceRequest()
BearerBody().construct(request, service=authz_service, key="EEEE")
assert "access_token" in request
assert request["access_token"] == "token1"
def test_construct_with_state(self, entity):
_auth_service = entity.client_get("service", 'authorization')
_cntx = _auth_service.client_get("service_context")
_key = _cntx.state.create_state(iss='Issuer')
resp = AuthorizationResponse(code="code", state=_key)
_cntx.state.store_item(resp, 'auth_response', _key)
atr = AccessTokenResponse(access_token="2YotnFZFEjr1zCsicMWpAA",
token_type="example",
refresh_token="tGzv3JOkF0XG5Qx2TlKWIA",
example_parameter="example_value",
scope=["inner", "outer"])
_cntx.state.store_item(atr, 'token_response', _key)
request = ResourceRequest()
http_args = BearerBody().construct(request,
service=_auth_service,
key=_key)
assert request["access_token"] == "2YotnFZFEjr1zCsicMWpAA"
assert http_args is None
def test_construct_with_request(self, entity):
authz_service = entity.client_get("service", 'authorization')
_cntx = authz_service.client_get("service_context")
_key = _cntx.state.create_state(iss='Issuer')
resp1 = AuthorizationResponse(code="auth_grant", state=_key)
response = authz_service.parse_response(resp1.to_urlencoded(),
"urlencoded")
authz_service.update_service_context(response, key=_key)
resp2 = AccessTokenResponse(access_token="token1",
token_type="Bearer",
expires_in=0,
state=_key)
_token_service = entity.client_get("service", 'accesstoken')
response = _token_service.parse_response(resp2.to_urlencoded(),
"urlencoded")
_token_service.update_service_context(response, key=_key)
request = ResourceRequest()
BearerBody().construct(request, service=authz_service, key=_key)
assert "access_token" in request
assert request["access_token"] == "token1"