def test_okta_verify_failure(self):
client = okta.Okta('organization', 'username', 'password')
client._request = mock.MagicMock(name='_request')
client._request.return_value = MFA_WAITING_RESPONSE
client.mfa_wait_loop = mock.MagicMock(name='mfa_wait_loop')
client.mfa_wait_loop.return_value = None
ret = client.okta_verify('123', 'token')
self.assertEquals(ret, None)
def test_init_args_values(self):
client = okta.Okta(organization='foo',
username='******',
password='******',
oktapreview=True)
self.assertEquals(client.base_url, 'https://foo.oktapreview.com')
self.assertEquals(client.username, 'bar')
self.assertEquals(client.password, 'baz')
def test_handle_push_factors_duo_auth(self):
client = okta.Okta('organization', 'username', 'password')
client.duo_auth = mock.MagicMock(name='duo_auth')
client.duo_auth.return_value = True
duo_factor = MFA_CHALLENGE_RESPONSE_DUO_AUTH['_embedded']['factors']
ret = client.handle_push_factors(duo_factor, 'token')
self.assertEqual(ret, True)
client.duo_auth.assert_has_calls([mock.call('abcd', 'token')])
def test_send_user_response_invalid_token(self):
client = okta.Okta('organization', 'username', 'password')
resp = requests.Response()
resp.status_code = 403
client._request = mock.MagicMock(name='_request')
client._request.side_effect = requests.exceptions.HTTPError(
response=resp)
ret = client.send_user_response('fid', 'token', '123456', 'passCode')
self.assertEqual(None, ret)
def test_set_token(self):
client = okta.Okta("organization", "username", "password")
client.session = mock.MagicMock(name="session")
client._request = mock.MagicMock()
client._request.return_value = {"id": "LongToken"}
client.set_token(SUCCESS_RESPONSE)
self.assertEqual(client.session_token, "LongToken")
client._request.assert_has_calls([
mock.call("/sessions", {"sessionToken": "XXXTOKENXXX"}),
], )
def test_auth_with_token(self):
client = okta.Okta('organization', 'username', 'password')
client._request = mock.MagicMock(name='_request')
client._request.side_effect = [SUCCESS_RESPONSE]
client.set_token = mock.MagicMock()
client.auth('token')
client._request.assert_has_calls(
[mock.call('/authn', {'stateToken': 'token'})])
def test_auth_trigger_duo_auth(self):
client = okta.Okta('organization', 'username', 'password')
client._request = mock.MagicMock(name='_request')
client.duo_auth = mock.MagicMock(name='duo_auth')
client._request.side_effect = [MFA_CHALLENGE_RESPONSE_DUO_AUTH]
ret = client.auth()
self.assertEquals(ret, None)
client.duo_auth.assert_has_calls([mock.call(123, 'abcd', 'token')])
def test_handle_push_factors_okta_verify(self):
client = okta.Okta('organization', 'username', 'password')
client.okta_verify = mock.MagicMock(name='okta_verify')
client.okta_verify.return_value = True
factor = MFA_CHALLENGE_RESPONSE_OKTA_VERIFY['_embedded']['factors']
ret = client.handle_push_factors(factor, 'token')
self.assertEqual(ret, True)
client.okta_verify.assert_has_calls([mock.call('abcd', 'token')])
def test_handle_response_factors_call(self):
client = okta.Okta('organization', 'username', 'password')
client.request_otp = mock.MagicMock()
with self.assertRaises(okta.PasscodeRequired):
client.handle_response_factors(
MFA_CHALLENGE_CALL_OTP['_embedded']['factors'],
'foo')
client.request_otp.assert_has_calls([
mock.call('abcd', 'foo', 'phone call')
])
def test_send_user_response_invalid_token(self):
client = okta.Okta("organization", "username", "password")
resp = requests.Response()
resp.status_code = 403
client._request = mock.MagicMock(name="_request")
client._request.side_effect = requests.exceptions.HTTPError(
response=resp, )
ret = client.send_user_response("fid", "token", "123456", "passCode")
self.assertEqual(None, ret)
def test_mfa_wait_loop_timeout(self):
client = okta.Okta('organization', 'username', 'password')
client._request = mock.MagicMock(name='_request')
client._request.side_effect = [
MFA_WAITING_RESPONSE,
KeyboardInterrupt
]
data = {'fid': '123', 'stateToken': 'token'}
ret = client.mfa_wait_loop(MFA_WAITING_RESPONSE, data, sleep=0)
self.assertEquals(ret, None)
def test_duo_auth_failure(self, duo_mock, process_mock, _web_mock,
_sleep_mock):
client = okta.Okta('organization', 'username', 'password')
client._request = mock.MagicMock(name='_request')
client._request.return_value = MFA_WAITING_RESPONSE
process_mock.start.return_value = None
client.mfa_wait_loop = mock.MagicMock(name='mfa_wait_loop')
client.mfa_wait_loop.return_value = None
ret = client.duo_auth('123', 'token')
self.assertEquals(ret, None)
def test_send_user_response_unknown_error(self):
client = okta.Okta("organization", "username", "password")
resp = requests.Response()
resp.status_code = 500
resp.body = "Something bad happened"
client._request = mock.MagicMock(name="_request")
client._request.side_effect = requests.exceptions.HTTPError(
response=resp, )
with self.assertRaises(okta.UnknownError):
client.send_user_response("fid", "token", "123456", "passCode")
def test_send_user_response_retries_exceeded(self):
client = okta.Okta("organization", "username", "password")
resp = requests.Response()
resp.status_code = 401
resp.body = "Too many failures"
client._request = mock.MagicMock(name="_request")
client._request.side_effect = requests.exceptions.HTTPError(
response=resp, )
with self.assertRaises(okta.UnknownError):
client.send_user_response("fid", "token", "123456", "passCode")
def test_set_token_skip_if_exists(self):
client = okta.Okta('organization', 'username', 'password')
client.session_token = 'woot'
client.session = mock.MagicMock(name='session')
client._request = mock.MagicMock()
client._request.return_value = {'id': 'LongToken'}
client.set_token(SUCCESS_RESPONSE)
self.assertEqual(client.session_token, 'woot')
assert not client._request.called
def test_set_token_skip_if_exists(self):
client = okta.Okta("organization", "username", "password")
client.session_token = "woot"
client.session = mock.MagicMock(name="session")
client._request = mock.MagicMock()
client._request.return_value = {"id": "LongToken"}
client.set_token(SUCCESS_RESPONSE)
self.assertEqual(client.session_token, "woot")
assert not client._request.called
def test_init_args_values(self):
client = okta.Okta(
organization="foo",
username="******",
password="******",
oktapreview=True,
)
self.assertEqual(client.base_url, "https://foo.oktapreview.com")
self.assertEqual(client.username, "bar")
self.assertEqual(client.password, "baz")
def test_auth_trigger_okta_verify_canceled(self):
client = okta.Okta('organization', 'username', 'password')
client._request = mock.MagicMock(name='_request')
client.okta_verify_with_push = mock.MagicMock(
name='okta_verify_with_push')
client.okta_verify_with_push.side_effect = KeyboardInterrupt
client._request.side_effect = [MFA_CHALLENGE_RESPONSE_OKTA_VERIFY]
with self.assertRaises(okta.UnknownError):
client.auth()
def test_mfa_wait_loop_timeout(self):
client = okta.Okta("organization", "username", "password")
client._request = mock.MagicMock(name="_request")
client._request.side_effect = [
MFA_WAITING_RESPONSE,
KeyboardInterrupt,
]
data = {"fid": "123", "stateToken": "token"}
with self.assertRaises(KeyboardInterrupt):
client.mfa_wait_loop(MFA_WAITING_RESPONSE, data, sleep=0)
def test_handle_response_factors_call(self):
client = okta.Okta("organization", "username", "password")
client.request_otp = mock.MagicMock()
with self.assertRaises(okta.PasscodeRequired):
client.handle_response_factors(
MFA_CHALLENGE_CALL_OTP["_embedded"]["factors"],
"foo",
)
client.request_otp.assert_has_calls([
mock.call("abcd", "foo", "phone call"),
], )
def test_auth_call_error(self):
client = okta.Okta("organization", "username", "password")
resp = requests.Response()
resp.status_code = 403
resp.body = "Bad Password"
client._request = mock.MagicMock(name="_request")
client._request.side_effect = requests.exceptions.HTTPError(
response=resp, )
with self.assertRaises(requests.exceptions.HTTPError):
client.auth()
def test_duo_auth_failure(self, _duo_mock, _sleep_mock):
client = okta.Okta("organization", "username", "password")
client._request = mock.MagicMock(name="_request")
client._request.return_value = MFA_WAITING_RESPONSE
client.mfa_wait_loop = mock.MagicMock(name="mfa_wait_loop")
client.mfa_wait_loop.return_value = None
client.mfa_callback = mock.MagicMock()
client.duo_factor = "push"
ret = client.duo_auth("123", "token")
self.assertEqual(ret, None)
def test_handle_mfa_response_trigger_duo_auth(self):
client = okta.Okta('organization', 'username', 'password')
client.handle_push_factors = mock.MagicMock(
name='handle_push_factors')
client.handle_push_factors.return_value = True
client.handle_mfa_response(MFA_CHALLENGE_RESPONSE_DUO_AUTH)
client.handle_push_factors.assert_has_calls([
mock.call([{'factorType': 'web', 'provider': 'DUO', 'id': 'abcd'}],
'token')
])
def test_auth_call_error(self):
client = okta.Okta('organization', 'username', 'password')
resp = requests.Response()
resp.status_code = 403
resp.body = 'Bad Password'
client._request = mock.MagicMock(name='_request')
client._request.side_effect = requests.exceptions.HTTPError(
response=resp)
with self.assertRaises(requests.exceptions.HTTPError):
client.auth()
def test_duo_auth_failure(self, _duo_mock, _sleep_mock):
client = okta.Okta('organization', 'username', 'password')
client._request = mock.MagicMock(name='_request')
client._request.return_value = MFA_WAITING_RESPONSE
client.mfa_wait_loop = mock.MagicMock(name='mfa_wait_loop')
client.mfa_wait_loop.return_value = None
client.mfa_callback = mock.MagicMock()
client.duo_factor = "push"
ret = client.duo_auth('123', 'token')
self.assertEqual(ret, None)
def test_send_user_response_unknown_error(self):
client = okta.Okta('organization', 'username', 'password')
resp = requests.Response()
resp.status_code = 500
resp.body = 'Something bad happened'
client._request = mock.MagicMock(name='_request')
client._request.side_effect = requests.exceptions.HTTPError(
response=resp)
with self.assertRaises(okta.UnknownError):
client.send_user_response('fid', 'token', '123456', 'passCode')
def test_send_user_response_retries_exceeded(self):
client = okta.Okta('organization', 'username', 'password')
resp = requests.Response()
resp.status_code = 401
resp.body = 'Too many failures'
client._request = mock.MagicMock(name='_request')
client._request.side_effect = requests.exceptions.HTTPError(
response=resp)
with self.assertRaises(okta.UnknownError):
client.send_user_response('fid', 'token', '123456', 'passCode')
def test_auth_trigger_okta_verify(self):
client = okta.Okta('organization', 'username', 'password')
client._request = mock.MagicMock(name='_request')
client.okta_verify_with_push = mock.MagicMock(
name='okta_verify_with_push')
client._request.side_effect = [MFA_CHALLENGE_RESPONSE_OKTA_VERIFY]
ret = client.auth()
self.assertEquals(ret, None)
client.okta_verify_with_push.assert_has_calls(
[mock.call('abcd', 'token')])
def test_handle_push_factors_okta_verify(self):
client = okta.Okta("organization", "username", "password")
client.okta_verify = mock.MagicMock(name="okta_verify")
client.okta_verify.return_value = True
factor = MFA_CHALLENGE_RESPONSE_OKTA_VERIFY["_embedded"]["factors"]
ret = client.handle_push_factors(factor, "token")
self.assertEqual(ret, True)
client.okta_verify.assert_has_calls([
mock.call("abcd", "token"),
], )
def test_handle_push_factors_duo_auth(self):
client = okta.Okta("organization", "username", "password")
client.duo_auth = mock.MagicMock(name="duo_auth")
client.duo_auth.return_value = True
duo_factor = MFA_CHALLENGE_RESPONSE_DUO_AUTH["_embedded"]["factors"]
ret = client.handle_push_factors(duo_factor, "token")
self.assertEqual(ret, True)
client.duo_auth.assert_has_calls([
mock.call("abcd", "token"),
], )
