def test_calls_create_signature_properly_with_post_data(self, get_signature): signature = '4ZAQJqmWE_C9ozPkpJ3Owh0Z_DFtYkCdi4XAc-vOLtI=' get_signature.return_value = '4ZAQJqmWE_C9ozPkpJ3Owh0Z_DFtYkCdi4XAc-vOLtI=' url = "/my/path/?{}={}&{}={}".format( constants.CLIENT_ID_PARAM_NAME, 'apps-testclient', constants.SIGNATURE_PARAM_NAME, signature, ) request = test.client.RequestFactory().post(url, data={'username': '******'}) signed_view = signature_required(self.view) signed_view(request) get_signature.assert_called_once_with( TEST_PRIVATE_KEY, '/my/path/?__client_id=apps-testclient', dict(request.POST) )
def test_does_not_create_signature_with_multivalue_dict_to_prevent_data_loss(self, get_signature): signature = '4ZAQJqmWE_C9ozPkpJ3Owh0Z_DFtYkCdi4XAc-vOLtI=' get_signature.return_value = '4ZAQJqmWE_C9ozPkpJ3Owh0Z_DFtYkCdi4XAc-vOLtI=' url = "/my/path/?{}={}&{}={}".format( constants.CLIENT_ID_PARAM_NAME, 'apps-testclient', constants.SIGNATURE_PARAM_NAME, signature, ) request = test.client.RequestFactory().post(url, data={'usernames': ['t1', 't2', 't3']}) signed_view = signature_required(self.view) signed_view(request) expected_url = re.sub(r'&__signature={}$'.format(signature), '', unquote(request.get_full_path()), count=1) get_signature.assert_called_once_with(TEST_PRIVATE_KEY, expected_url, dict(request.POST)) posted_data = get_signature.mock_calls[0][1][2] self.assertEqual([('usernames', ['t1', 't2', 't3'])], list(posted_data.items()))
def test_calls_create_signature_properly_with_no_content_type(self, get_signature): signature = '4ZAQJqmWE_C9ozPkpJ3Owh0Z_DFtYkCdi4XAc-vOLtI=' get_signature.return_value = signature client = models.AuthorizedClient.objects.create(client_id='apps-testclient') request = test.client.RequestFactory().get("/my/path/?{}={}&{}={}".format( constants.CLIENT_ID_PARAM_NAME, client.client_id, constants.SIGNATURE_PARAM_NAME, signature, )) if 'CONTENT_TYPE' in request.META: del request.META['CONTENT_TYPE'] signed_view = signature_required(self.view) signed_view(request) call_url = unquote(request.get_full_path()) call_url = re.sub(r'&__signature={}$'.format(signature), '', call_url, count=1) get_signature.assert_called_once_with(client.private_key, call_url, {})