def test_require_auth0_userinfo_expired_token(jwks, app):
    """An expired bearer token yields 401 "Token Expired" with userinfo=True.

    Guards against the userinfo option skipping token validation: the
    decorator must reject the token itself before relying on it.
    """
    # exp=1 is presumably the JWT ``exp`` claim (one second past the Unix
    # epoch), i.e. long expired -- confirm against create_access_token.
    stale_token = create_access_token(exp=1)
    auth_headers = [("Authorization", "Bearer {}".format(stale_token))]
    request_ctx = app.test_request_context("/", headers=auth_headers)
    with request_ctx, pytest.raises(ProblemException) as raised:
        guarded = require_auth0(scopes=(), userinfo=True)(noop)
        guarded()
    assert raised.value.status == 401
    assert raised.value.title == "Token Expired"
def test_require_access_token_invalid(jwks, app, token_kwargs, status, title):
    """A token built from ``token_kwargs`` is rejected with ``status``/``title``.

    The three case arguments are supplied from outside this function
    (presumably a parametrize decorator that is not visible here).
    """
    bad_token = create_access_token(**token_kwargs)
    auth_headers = [("Authorization", "Bearer {}".format(bad_token))]
    request_ctx = app.test_request_context("/", headers=auth_headers)
    with request_ctx, pytest.raises(ProblemException) as raised:
        guarded = require_auth0(scopes=())(noop)
        guarded()
    # Pin both the HTTP status and the problem title so a rejection for the
    # wrong reason does not pass unnoticed.
    assert raised.value.status == status
    assert raised.value.title == title
def test_require_auth0_userinfo_auth0_jwks_invalid_response_error(
    app, response_text, status, title
):
    """A JWKS endpoint answering with ``response_text`` produces a problem.

    The key-set request is mocked here directly (no ``jwks`` fixture), so the
    decorator sees whatever body the case provides and must raise a
    ProblemException carrying the expected ``status`` and ``title``.
    """
    access_token = create_access_token()
    auth_headers = [("Authorization", "Bearer {}".format(access_token))]
    request_ctx = app.test_request_context("/", headers=auth_headers)
    with request_ctx, requests_mock.mock() as mocker:
        mocker.get("/.well-known/jwks.json", text=response_text)
        with pytest.raises(ProblemException) as raised:
            guarded = require_auth0(scopes=(), userinfo=True)(noop)
            guarded()
    assert raised.value.status == status
    assert raised.value.title == title
def test_require_auth0_userinfo_auth0_failures(
    jwks, app, a0status, a0kwargs, status, title
):
    """A failing ``/userinfo`` reply is turned into the expected problem.

    ``a0status`` and ``a0kwargs`` describe the mocked upstream response;
    ``status`` and ``title`` are what the decorator must raise for it.
    """
    access_token = create_access_token()
    auth_headers = [("Authorization", "Bearer {}".format(access_token))]
    request_ctx = app.test_request_context("/", headers=auth_headers)
    with request_ctx, requests_mock.mock() as mocker:
        mocker.get("/userinfo", status_code=a0status, **a0kwargs)
        # The token itself is built with defaults; only the userinfo lookup
        # is made to fail, and the view must not be reached.
        with pytest.raises(ProblemException) as raised:
            guarded = require_auth0(scopes=(), userinfo=True)(noop)
            guarded()
    assert raised.value.status == status
    assert raised.value.title == title
def test_require_access_token_no_kid_match(jwks, app):
    """A token whose ``kid`` is replaced with an unknown value is refused.

    The expected outcome is a 400 "Authorization Header Invalid" problem whose
    detail says no appropriate key could be found.
    """
    # Deep-copy first so the shared TEST_KEY_PRIV is not mutated.
    signing_key = copy.deepcopy(TEST_KEY_PRIV)
    signing_key["kid"] = "BOGUSKID"
    access_token = create_access_token(key=signing_key)
    auth_headers = [("Authorization", "Bearer {}".format(access_token))]
    request_ctx = app.test_request_context("/", headers=auth_headers)
    with request_ctx, pytest.raises(ProblemException) as raised:
        guarded = require_auth0(scopes=())(noop)
        guarded()
    problem = raised.value
    assert problem.status == 400
    assert problem.title == "Authorization Header Invalid"
    assert problem.detail == (
        "Appropriate key for Authorization header could not be found")
def test_require_auth0_userinfo_auth0_jwks_request_errors(
    app, exc, status, title
):
    """An exception raised while fetching the JWKS becomes a problem response.

    The mocked key-set request raises ``exc``; the decorator must surface it
    as a ProblemException with the expected ``status`` and ``title``.
    """
    access_token = create_access_token()
    auth_headers = [("Authorization", "Bearer {}".format(access_token))]
    request_ctx = app.test_request_context("/", headers=auth_headers)
    with request_ctx, requests_mock.mock() as mocker:
        mocker.get("/.well-known/jwks.json", exc=exc)
        with pytest.raises(ProblemException) as raised:
            guarded = require_auth0(scopes=(), userinfo=True)(noop)
            guarded()
    assert raised.value.status == status
    assert raised.value.title == title
def test_require_access_scopes_valid(jwks, app, scopes, token_kwargs):
    """A token satisfying the required ``scopes`` reaches the view (200).

    ``scopes`` is what the decorator demands and ``token_kwargs`` builds the
    token presented; both are supplied per case from outside this function.
    """
    access_token = create_access_token(**token_kwargs)
    auth_headers = [("Authorization", "Bearer {}".format(access_token))]
    with app.test_request_context("/", headers=auth_headers):
        guarded = require_auth0(scopes=scopes)(noop)
        response = guarded()
    assert response.status_code == 200
def test_require_access_token_valid(
    jwks,
    app,
    token_kwargs,
):
    """A token built from ``token_kwargs`` is accepted when no scopes are required."""
    access_token = create_access_token(**token_kwargs)
    auth_headers = [("Authorization", "Bearer {}".format(access_token))]
    with app.test_request_context("/", headers=auth_headers):
        guarded = require_auth0(scopes=())(noop)
        response = guarded()
    assert response.status_code == 200
def test_require_auth0_userinfo_succeeded(jwks, app):
    """A valid token plus a 200 ``/userinfo`` reply populates ``g.auth0_user``.

    The mocked endpoint returns the canned "STANDARD" profile; afterwards the
    request-global user must be an A0User and the view must answer 200.
    """
    access_token = create_access_token()
    auth_headers = [("Authorization", "Bearer {}".format(access_token))]
    with app.test_request_context("/", headers=auth_headers):
        with requests_mock.mock() as mocker:
            mocker.get(
                "/userinfo",
                status_code=200,
                json=CANNED_USERINFO["STANDARD"],
            )
            guarded = require_auth0(scopes=(), userinfo=True)(noop)
            response = guarded()
        # ``g`` is presumably flask.g, so it is read while the request
        # context is still active.
        assert isinstance(g.auth0_user, A0User)
        assert response.status_code == 200
def test_require_access_token_malformed(jwks, app, headers, status):
    """Malformed Authorization ``headers`` are rejected with ``status``.

    Each case supplies the raw header list to send and the status the
    resulting ProblemException must carry.
    """
    request_ctx = app.test_request_context("/", headers=headers)
    with request_ctx, pytest.raises(ProblemException) as raised:
        guarded = require_auth0(scopes=())(noop)
        guarded()
    assert raised.value.status == status
def test_require_access_token_missing(app):
    """A request with no headers at all is refused with 401."""
    # No Authorization header is sent: the decorator must fail closed by
    # raising rather than letting the wrapped view run.
    request_ctx = app.test_request_context("/", headers=[])
    with request_ctx, pytest.raises(ProblemException) as raised:
        guarded = require_auth0(scopes=())(noop)
        guarded()
    assert raised.value.status == 401