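def test_request_token_success(self):
    """
    Verify that we can request an access token and use it
    to access a restricted resource.

    Flow: POST client credentials to the token endpoint, then GET the
    restricted URL with the returned token and check the returned user.
    """
    token_request_data_ok = {
        'client_id': 'client_1',
        'client_secret': 'secret_1',
        'grant_type': 'client_credentials'
    }
    # NOTE(review): this environ is attached to the outer request context;
    # requests sent through `client` normally build their own WSGI environ,
    # so confirm these values actually reach the token endpoint.
    wsgi_env = {
        'REMOTE_ADDR': '1.2.3.4',
        'HTTP_USER_AGENT': 'UnitTester',
    }

    with self.app.test_request_context(environ_base=wsgi_env):
        with app.test_client() as client:
            response = client.post(token_request_url,
                                   data=token_request_data_ok)
            access_token = response.json.get('access_token')
            # Fail here rather than at the resource request: a missing
            # token must never be what grants access to the restricted URL.
            self.assertTrue(access_token,
                            "Token response contains no access_token")

            # Now use the retrieved access token
            query_data = {'access_token': access_token}
            response = client.get(private_url, data=query_data)
            # assert200 raises on any other status, so no status branch
            # is needed after it.
            self.assert200(response, "Response code is not 200")

            data = response.json.get('data')
            self.assertEqual('*****@*****.**', data.get('user')['email'])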
def test_success(self):
    """
    Exercise the patient-chunks endpoint with a freshly requested token:
    malformed JSON, a payload without the expected key, then a valid one.
    """
    # UUIDs expected per group key; generated using
    # base_test_with_data#dummy_get_uuid_hex()
    expected_uuids = (
        ('1', '409949141ba811e69454f45c898e9b67'),
        ('2', '509949141ba811e69454f45c898e9b67'),
        ('3', '709949141ba811e69454f45c898e9b67'),
    )

    with self.app.test_request_context(), app.test_client() as client:
        token_response = client.post(token_request_url,
                                     data=token_request_data_ok)
        access_token = token_response.json.get('access_token')

        # Now use the retrieved access token.
        # NOTE(review): the token is sent under a "Basic:" label rather
        # than a standard scheme; it has to match what the server parses.
        auth_headers = [
            ('Authorization', "Basic: {}".format(access_token)),
            ('Content-Type', 'application/json'),
        ]

        # Test_1 bad json: invalid JSON must produce "400 BAD REQUEST"
        malformed = client.post(save_patient_chunks_url,
                                data='{"a": "b",}',
                                headers=auth_headers)
        self.assert400(malformed, "Response code is not 400")

        # Test_2 KeyError 'data': the payload lacks the 'data' key.
        # NOTE(review): assertRaises(Exception) is also satisfied by any
        # unrelated failure inside the block.
        with self.assertRaises(Exception):
            client.post(save_patient_chunks_url,
                        data='{"data2": ""}',
                        headers=auth_headers)

        # Test_3 valid request
        response = client.post(save_patient_chunks_url,
                               data=chunks,
                               headers=auth_headers)
        self.assert200(response, "Response code is not 200")

        data = response.json.get('data')
        status = response.json.get('status')
        if 'success' != status:
            self.fail("Error response: {}".format(data))

        for group_key, expected_uuid in expected_uuids:
            group = data.get(group_key)
            self.assertEqual(group.get('uuid'), expected_uuid)
def test_login_form_display(self):
    """ The login page must contain the login prompt text """
    with self.app.test_request_context(), app.test_client() as client:
        page = client.get(login_url)
        prompt_shown = b'Please login' in page.data
        self.assertTrue(prompt_shown)
def test_access_protected_resource(self):
    """
    An unauthenticated request for the protected page must be answered
    with the "login first" prompt instead of the content.
    """
    with self.app.test_request_context(), app.test_client() as client:
        anonymous_reply = client.get("https://localhost/api/hello")
        # NOTE(review): only the body text is checked here; the status
        # code of the reply is not asserted.
        prompt = b'Please <a href="/">login</a> first.'
        self.assertTrue(prompt in anonymous_reply.data)
def test_access_protected_resource(self):
    """
    A request to the restricted route that carries no access token
    must be rejected with 401.
    """
    with self.app.test_request_context(), app.test_client() as client:
        anonymous_reply = client.get(private_url)
        # Check both the numeric code and the full status line.
        self.assert401(anonymous_reply)
        self.assertEqual('401 UNAUTHORIZED', anonymous_reply.status)
def test_login_success(self):
    """ Emulate a user login and check the greeting on the landing page """
    # NOTE(review): the credential values appear masked in this listing;
    # confirm them against the test fixtures.
    login_data = {'email': '*****@*****.**', 'password': '******'}

    with self.app.test_request_context(), app.test_client() as client:
        app.preprocess_request()
        landing = client.post(login_url,
                              data=login_data,
                              follow_redirects=True)
        self.assert200(landing, "Response code is not 200")
        # NOTE(review): the greeting literal looks like an e-mail address
        # that was obfuscated when the page was published; verify it.
        greeted = b'Hello [email protected]' in landing.data
        self.assertTrue(greeted)
def test_login_failure(self):
    """
    Try to login with an invalid password: the login prompt must be
    shown again and the greeting must be absent.
    """
    # NOTE(review): the credential values appear masked in this listing;
    # confirm that the password really differs from the valid one.
    login_data = {'email': '*****@*****.**', 'password': '******'}

    with self.app.test_request_context(), app.test_client() as client:
        rejected = client.post(login_url,
                               data=login_data,
                               follow_redirects=True)
        # The failed login is still answered with a 200 page.
        self.assert200(rejected, "Response code is not 200")
        body = rejected.data
        self.assertTrue(b'Please login' in body)
        self.assertTrue(b'Hello [email protected]' not in body)
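def test_request_token_no_secret(self):
    """
    Verify that not specifying a `client_secret` results in a
    `401 Unauthorized` response

    The request may be rejected either by an exception raised from the
    request itself or by a 401 response. Any other response fails the test.
    """
    token_request_data_fail = {
        'client_id': 'client_1',
        'client_secret': '',
        'grant_type': 'client_credentials'
    }

    with self.app.test_request_context():
        with app.test_client() as client:
            try:
                response_fail = client.post(token_request_url,
                                            data=token_request_data_fail)
            except Exception:
                # The rejection surfaced as an exception raised by the
                # request, which this test has always accepted.
                # NOTE(review): narrow this to the concrete exception type.
                pass
            else:
                # Deliberately outside any assertRaises(Exception): a failing
                # assert401 raises AssertionError, which such a block counts
                # as the expected exception, so a non-401 reply to an empty
                # secret would let the test pass.
                self.assert401(response_fail)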
def test_get_expired_token(self):
    """
    Request a token with `token_request_data_expired`, check that using it
    on the patient-chunks endpoint is answered with 401, then check that
    a second token request succeeds.
    """
    with self.app.test_request_context(), app.test_client() as client:
        first_grant = client.post(token_request_url,
                                  data=token_request_data_expired)
        stale_token = first_grant.json.get('access_token')

        # Now use the retrieved access token
        auth_headers = [
            ('Authorization', "Basic: {}".format(stale_token)),
            ('Content-Type', 'application/json'),
        ]
        denied = client.post(save_patient_chunks_url,
                             data='{"data2": ""}',
                             headers=auth_headers)
        self.assert401(denied, "Response code is not 401")
        self.assertEqual('401 UNAUTHORIZED', denied.status)

        # Verify that a new code was generated on the second request.
        # NOTE(review): only the status is asserted; the second token is
        # not compared with the first one.
        second_grant = client.post(token_request_url,
                                   data=token_request_data_expired)
        self.assert200(second_grant, "Response code is not 200")