Esempio n. 1
    def test_update_current_user(self):
        """PATCH /api/users/me is refused until the token has ``user:write``.

        A bearer token with an empty scope is stored for user 1 / client 1 and
        the update is expected to fail with 401. After the same token row is
        given the ``user:write`` scope, the new description must appear in the
        response body.
        """
        bearer = OAuthToken(
            access_token='current-user-access',
            refresh_token='current-user-refresh',
            token_type='Bearer',
            scope='',
            expires_in=3600,
        )
        bearer.user_id = 1
        bearer.client_id = 1
        db.session.add(bearer)
        db.session.commit()

        def patch_description():
            # The request is identical both times, so the only thing that
            # differs between the two outcomes is the scope on the token.
            return self.client.patch(
                '/api/users/me',
                data=json.dumps({'description': 'unique_description'}),
                headers={
                    'Authorization': 'Bearer current-user-access',
                    'Content-Type': 'application/json',
                },
            )

        # No scope granted yet: the write must be rejected.
        denied = patch_description()
        assert denied.status_code == 401

        bearer.scope = 'user:write'
        db.session.add(bearer)
        db.session.commit()

        allowed = patch_description()
        # NOTE(review): only the body is checked here; the success status
        # code of the authorized request is not asserted.
        assert b'unique_description' in allowed.data
Esempio n. 2
    def test_update_current_user(self):
        """Check that updating the current user requires the ``user:write`` scope.

        First request: the stored token has an empty scope and the PATCH must
        come back as 401. Second request: the token has been re-saved with
        ``user:write`` and the submitted description must be echoed in the
        response data.
        """
        endpoint = '/api/users/me'
        payload = json.dumps({
            'description': 'unique_description'
        })
        request_headers = {
            'Authorization': 'Bearer current-user-access',
            'Content-Type': 'application/json',
        }

        # Token row the Authorization header above refers to; it starts
        # without any scope at all.
        access = OAuthToken(
            access_token='current-user-access',
            refresh_token='current-user-refresh',
            token_type='Bearer',
            scope='',
            expires_in=3600,
        )
        access.user_id = 1
        access.client_id = 1
        db.session.add(access)
        db.session.commit()

        response = self.client.patch(
            endpoint, data=payload, headers=request_headers)
        # An unscoped token must not be able to modify the profile.
        assert response.status_code == 401

        # Grant the write scope on the same token and repeat the request.
        access.scope = 'user:write'
        db.session.add(access)
        db.session.commit()

        response = self.client.patch(
            endpoint, data=payload, headers=request_headers)
        # NOTE(review): the status code of this second response is not
        # asserted, only that the description appears in the body.
        assert b'unique_description' in response.data
Esempio n. 3
 def get_authorized_header(self, user_id=1, scope=""):
     """Store a new bearer token and return request headers that carry it.

     The token is created for ``user_id`` and client 1 with the given
     ``scope`` and an ``expires_in`` of 3600, then committed through
     ``db.session``.

     Returns a dict with the ``Authorization`` and ``Content-Type`` headers.
     """
     # gen_salt is defined outside this block; presumably it yields a random
     # string, so each call gets its own token values.
     # NOTE(review): 10 characters is a fixture-sized value; do not reuse
     # this length when issuing real tokens.
     token_fields = {
         "access_token": gen_salt(10),
         "refresh_token": gen_salt(10),
         "token_type": "Bearer",
         "scope": scope,
         "expires_in": 3600,
     }
     issued = OAuthToken(**token_fields)
     issued.user_id = user_id
     issued.client_id = 1

     session = db.session
     session.add(issued)
     session.commit()

     # The access token is read back from the committed object.
     authorization = "Bearer %s" % issued.access_token
     return {"Authorization": authorization, "Content-Type": "application/json"}
Esempio n. 4
    def test_oauth_token(self):
        """Only one token may be stored per user/client pair.

        A token for user 1 / client 2 is committed and looked up by key.
        Committing a second token for the same pair must raise
        ``IntegrityError``.
        """
        def stage_token(value):
            # Build a token for user 1 / client 2 and add it to the session
            # without committing.
            entry = OAuthToken(
                access_token=value,
                token_type='Bearer',
                scope='',
                expires_in=3600,
            )
            entry.user_id = 1
            entry.client_id = 2
            db.session.add(entry)
            return entry

        stage_token('double')
        db.session.commit()

        # (2, 1) finds the row and (1, 2) does not, which suggests the key
        # order is (client_id, user_id) -- confirm against the model.
        found = OAuthToken.query.get((2, 1))
        swapped = OAuthToken.query.get((1, 2))
        assert found is not None
        assert swapped is None

        # Same user/client pair with a different access token: the commit
        # has to be rejected rather than leaving two rows for the pair.
        stage_token('double2')
        with self.assertRaises(IntegrityError):
            db.session.commit()
Esempio n. 5
 def get_authorized_header(self, user_id=1, scope=''):
     """Create and commit a bearer token, then build headers that present it.

     ``user_id`` is the owner set on the token and ``scope`` the scope string
     stored on it; the client id is fixed to 1 and ``expires_in`` to 3600.

     Returns a dict with ``Authorization`` and ``Content-Type`` entries.
     """
     # gen_salt comes from outside this block (presumably a random-string
     # helper). NOTE(review): 10-character values suit test fixtures only.
     access_value = gen_salt(10)
     refresh_value = gen_salt(10)

     record = OAuthToken(
         access_token=access_value,
         refresh_token=refresh_value,
         token_type='Bearer',
         scope=scope,
         expires_in=3600,
     )
     record.user_id = user_id
     record.client_id = 1
     db.session.add(record)
     db.session.commit()

     # Read the token back from the committed row rather than the local
     # variable, as the original code does.
     headers = {}
     headers['Authorization'] = 'Bearer %s' % record.access_token
     headers['Content-Type'] = 'application/json'
     return headers