def test_successful_authentication(self): # Use REST proxy for testing rest = _RestProxyForTest() auth = Auth(rest) # Before authenticating, auth should reflect not logged in. self.assertEqual(auth.get_user(), '') self.assertEqual(auth.get_logged_in(), False) # A successful authentication should store token and set user to returned value. rest.expect_get('/me', 200, {'email': '*****@*****.**', 'loggedIn': True}) auth.authenticate() self.assertEqual(auth.get_user(), '*****@*****.**') self.assertEqual(auth.get_logged_in(), True)
def test_unsuccessful_authentication(self): # Use REST proxy for testing rest = _RestProxyForTest() auth = Auth(rest) # Authenticate in order to fill in email/logged_in so that next test # can verify that these are cleared. rest.expect_get('/me', 200, {'email': '*****@*****.**', 'loggedIn': True}) auth.authenticate() # An unsuccessful authentication should clear token and other values. # An example of the few ways that the server might reject a user. Others look # like this with different messages. server_error_on_bad_token = """ { "error": { "errors": [ { "domain": "global", "reason": "backendError", "message": "org.apache.shiro.authc.IncorrectCredentialsException" } ], "code": 503, "message": "org.apache.shiro.authc.IncorrectCredentialsException" } } """ rest.expect_get('/me', 503, json.loads(server_error_on_bad_token)) auth.authenticate() self.assertEqual(auth.get_user(), '') self.assertEqual(auth.get_logged_in(), False)
def test_authentication_empty_token(self): # Use REST proxy for testing rest = _RestProxyForTest() auth = Auth(rest) # Authenticate in order to fill in email/logged_in so that next test # can verify that these are cleared. rest.expect_get('/me', 200, {'email': '*****@*****.**', 'loggedIn': True}) auth.authenticate() # Authentication with an empty token should be no problem and result in an empty # auth object. rest.expect_get('/me', 200, {"loggedIn": False}) auth.authenticate() self.assertEqual(auth.get_user(), '') self.assertEqual(auth.get_logged_in(), False)
def test_authentication_server_error(self): # Use REST proxy for testing rest = _RestProxyForTest() auth = Auth(rest) # Authenticate in order to fill in email/logged_in/token so that next test # can verify that these are not cleared. rest.expect_get('/me', 200, {'email': '*****@*****.**', 'loggedIn': True}) auth.authenticate() # Authentication should throw on a non-200 response and leave auth contents # unchanged. rest.expect_get('/me', 404, {}) with self.assertRaises(RuntimeError): auth.authenticate() self.assertEqual(auth.get_user(), '*****@*****.**') self.assertEqual(auth.get_logged_in(), True)
with open(tokenFile, "a+") as f: f.seek(0) token = f.readline().replace('\n', '') try: if not auth.authorize(token): if auth.initial_authorization(): with open(tokenFile, "w") as f: f.write(auth.get_token()) except RuntimeError as e: print('Encountered server error while attempting to authorize: ' + str(e)) if auth.get_token() == "": print('Could not authorize user.') else: print('Welcome, ' + auth.get_user()) # auth.get_token() can now be used to authorize calls to other API methods. auth_rest = AuthorizingRestProxy(rest, auth.get_token()) # Get projects TODO: move this somewhere else projects = Projects(auth_rest) project = projects.new_project('ffffffff-ffff-ffff-ffff-ffffffffffff', None, "parent") child = projects.new_project(project.get_uuid(), None, "child") print('Current projects, including newly-created parent and child:') projects.print_projects() projects.delete_project(child.get_uuid()) projects.delete_project(project.get_uuid()) # Example inputs