def test_payload_user_password(self): self.request.forms["client_id"] = "foobar" self.request.forms["client_secret"] = "barsecret" _, _, forms, headers = oauth2.extract_params(self.request) self.assertEqual(forms["client_id"], "foobar") self.assertEqual(forms["client_secret"], "barsecret") self.assertNotIn("Authorization", headers)
def test_bearer_html(self): self.request.content_type = self.request.headers["Content-Type"] = "text/html" self.request.headers["Authorization"] = "Bearer myfootoken" self.request.body = "<html>" _, _, body, headers = oauth2.extract_params(self.request) self.assertEqual(headers["Authorization"], "Bearer myfootoken") self.assertEqual(body, "<html>")
def test_payload_overload_auth(self): self.request.auth = ("foobar", "barsecret") self.request.forms["client_id"] = "bigger_foobar" self.request.forms["client_secret"] = "bigger_barsecret" _, _, forms, headers = oauth2.extract_params(self.request) self.assertEqual(forms["client_id"], "bigger_foobar") self.assertEqual(forms["client_secret"], "bigger_barsecret") self.assertNotIn("Authorization", headers)
def test_bearer_form(self): self.request.content_type = self.request.headers[ "Content-Type"] = "application/x-www-form-urlencoded" self.request.headers["Authorization"] = "Bearer myfootoken" self.request.forms = {"foo": "bar", "bar": 42} _, _, body, headers = oauth2.extract_params(self.request) self.assertEqual(headers["Authorization"], "Bearer myfootoken") self.assertEqual(body, self.request.forms)
def test_noforms_auth_user_password_wait_until_609(self): """TODO: fix of unittest above, remove once 609 fixed. """ self.request.content_type = self.request.headers["Content-Type"] = "text/html" self.request.body = "<html>" self.request.auth = ("foobar", "barsecret") _, _, body, headers = oauth2.extract_params(self.request) self.assertEqual(body["client_id"], "foobar") self.assertEqual(body["client_secret"], "barsecret")
def test_noforms_auth_user_password(self): """POSTed body is not a forms, so we need to decode authorization ourselves. """ self.request.content_type = self.request.headers["Content-Type"] = "text/html" self.request.body = "<html>" self.request.auth = ("foobar", "barsecret") _, _, body, headers = oauth2.extract_params(self.request) self.assertEqual(body, "<html>") self.assertIn("Authorization", headers) import bottle client_id, client_secret = bottle.parse_auth(headers["Authorization"]) self.assertEqual(client_id, "foobar") self.assertEqual(client_secret, "barsecret")
def assertAuth(self, request): _, _, forms, headers = oauth2.extract_params(request) self.assertEqual(forms["client_id"], "foobar") self.assertEqual(forms["client_secret"], "barsecret")
def test_auth_password(self): self.request.auth = (None, "barsecret") _, _, forms, headers = oauth2.extract_params(self.request) self.assertNotIn("client_id", forms) self.assertEqual(forms["client_secret"], "barsecret") self.assertNotIn("Authorization", headers)
def test_auth_user_password_empty(self): self.request.auth = ("foobar", "") _, _, forms, headers = oauth2.extract_params(self.request) self.assertEqual(forms["client_id"], "foobar") self.assertEqual(forms["client_secret"], "") self.assertNotIn("Authorization", headers)
def test_empty(self): self.request.auth = (None, None) _, _, forms, headers = oauth2.extract_params(self.request) self.assertNotIn("client_id", forms) self.assertNotIn("client_secret", forms) self.assertNotIn("Authorization", headers)