def test_mangled_header(self):
app = ApiEndpoint(None, auth_factory=MockAuthorizer)
request = make_request('/')
request.META['HTTP_AUTHORIZATION'] = 'Boarer: {}'.format(MASTER_API_TOKEN)
response = app(request)
self.assertEqual(response.status_code, 401)
self.assertEqual(response['WWW-Authenticate'], 'Bearer')
def test_401_with_bogus_token(self):
app = ApiEndpoint(None, auth_factory=MockAuthorizer)
request = make_request('/')
request.META['HTTP_AUTHORIZATION'] = 'Bearer not-a-real-token'
response = app(request)
self.assertEqual(response.status_code, 401)
self.assertEqual(response['WWW-Authenticate'], 'Bearer')
def test_lenient_input(self):
def app_view(request):
self.assertIsInstance(request.api, GlobalApi)
return HttpResponse("Hi!")
app = ApiEndpoint(app_view, auth_factory=MockAuthorizer)
request = make_request('/')
request.META['HTTP_AUTHORIZATION'] = 'bearer {}'.format(MASTER_API_TOKEN)
response = app(request)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.content, b"Hi!")
def test_200_successful_user_token(self):
def app_view(request):
self.assertIsInstance(request.api, UserApi)
return HttpResponse("Hi!")
app = ApiEndpoint(app_view, auth_factory=MockAuthorizer)
request = make_request('/')
request.META['HTTP_AUTHORIZATION'] = 'Bearer {}'.format('user-magic')
response = app(request)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.content, b"Hi!")
def test_unauthorized_exception(self):
def app_view(request):
# UnauthorizedException is automatically converted to a
# 401 response.
raise UnauthorizedException("Nope, nuh-uh.")
app = ApiEndpoint(app_view, auth_factory=MockAuthorizer)
request = make_request('/')
request.META['HTTP_AUTHORIZATION'] = 'bearer {}'.format(MASTER_API_TOKEN)
response = app(request)
self.assertEqual(response.status_code, 401)
self.assertEqual(response['WWW-Authenticate'], 'Bearer')
def test_401_without_token(self):
app = ApiEndpoint(None, auth_factory=MockAuthorizer)
response = app(make_request('/'))
self.assertEqual(response.status_code, 401)
self.assertEqual(response['WWW-Authenticate'], 'Bearer')