def test_auth(client): """ Test the Taskcluster authentication """ # Test non authenticated endpoint resp = client.get('/') assert resp.status_code in (200, 302) # Test authenticated endpoint without header resp = client.get('/test-login') assert resp.status_code == 401 # Test authenticated endpoint with header ext_data = { 'scopes': [ 'project/test/*', ], } client_id = 'test/[email protected]' header = build_header(client_id, ext_data) resp = client.get('/test-login', headers=[('Authorization', header)]) assert resp.status_code == 200 data = json.loads(resp.data.decode('utf-8')) assert data['auth'] assert data['user'] == client_id assert data['scopes'] == ext_data['scopes']
def hawk_header(scopes): """" Helper to build an Hawk header for a set of TC scopes """ client_id = 'test/[email protected]' ext_data = { 'scopes': scopes, } return build_header(client_id, ext_data)
def test_scopes_invalid(client): """ Test the Taskcluster required scopes """ client_id = "test/[email protected]" # Missing a scope to validate test ext_data = {"scopes": ["project/test/A", "project/test/C"]} header = build_header(client_id, ext_data) resp = client.get("/test-scopes", headers=[("Authorization", header)]) assert resp.status_code == 401
def test_scopes_admin(client): """ Test the Taskcluster required scopes """ client_id = 'test/[email protected]' # Validate with admin scopes ext_data = {'scopes': ['project/another/*', 'project/test-admin/*']} header = build_header(client_id, ext_data) resp = client.get('/test-scopes', headers=[('Authorization', header)]) assert resp.status_code == 200 assert resp.data == b'Your scopes are ok.'
def test_scopes_admin(client): """ Test the Taskcluster required scopes """ client_id = "test/[email protected]" # Validate with admin scopes ext_data = {"scopes": ["project/another/*", "project/test-admin/*"]} header = build_header(client_id, ext_data) resp = client.get("/test-scopes", headers=[("Authorization", header)]) assert resp.status_code == 200 assert resp.data == b"Your scopes are ok."
def test_scopes_invalid(client): """ Test the Taskcluster required scopes """ client_id = 'test/[email protected]' # Missing a scope to validate test ext_data = { 'scopes': [ 'project/test/A', 'project/test/C', ], } header = build_header(client_id, ext_data) resp = client.get('/test-scopes', headers=[('Authorization', header)]) assert resp.status_code == 401
def test_auth(client): """ Test the Taskcluster authentication """ # Test non authenticated endpoint resp = client.get("/") assert resp.status_code in (200, 302) # Test authenticated endpoint without header resp = client.get("/test-login") assert resp.status_code == 401 # Test authenticated endpoint with header ext_data = {"scopes": ["project/test/*"]} client_id = "test/[email protected]" header = build_header(client_id, ext_data) resp = client.get("/test-login", headers=[("Authorization", header)]) assert resp.status_code == 200 data = json.loads(resp.data.decode("utf-8")) assert data["auth"] assert data["user"] == client_id assert data["scopes"] == ext_data["scopes"]