コード例 #1
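    def test_bearer_api_auth_with_token_in_body_without_locations(self):
        """Exchange Basic credentials for a token, then present it in the body.

        The first ``authenticate`` call sends the client id and secret in a
        Basic ``Authorization`` header with a ``client_credentials`` grant
        and must yield a token. The second call carries that token only in
        the ``access_token`` body field, with empty headers and no explicit
        ``locations`` argument, and must resolve to the same token.
        """
        app = MagicMock()
        # NOTE(review): presumably the secret authenticate() uses to sign and
        # verify issued tokens -- confirm against the implementation.
        app._client.auth.secret = 'fakeApiKeyProperties.secret'
        app.href = 'HREF'
        api_keys = MagicMock()
        # Every key lookup returns a fresh, enabled key with the fake
        # credentials, so both authenticate() calls see a valid key.
        api_keys.get_key = lambda k, s=None: MagicMock(
            id=FAKE_CLIENT_ID, secret=FAKE_CLIENT_SECRET,
            status=StatusMixin.STATUS_ENABLED)
        app.api_keys = api_keys

        basic_auth = base64.b64encode(
            "{}:{}".format(FAKE_CLIENT_ID, FAKE_CLIENT_SECRET).encode('utf-8'))

        body = {'grant_type': 'client_credentials', 'scope': 'test1'}
        headers = {'Authorization': b'Basic ' + basic_auth}

        allowed_scopes = ['test1']

        # Step 1: client-credentials grant authenticated with Basic auth.
        result = authenticate(
            app=app, allowed_scopes=allowed_scopes, body=body, headers=headers)
        self.assertIsNotNone(result)
        self.assertIsNotNone(result.token)
        token = result.token
        body = {'access_token': token.token}

        # Step 2: the token travels in the request body; no headers are sent.
        result = authenticate(
            app=app, allowed_scopes=allowed_scopes, body=body, headers={})
        self.assertIsNotNone(result)
        # assertEqual replaces the deprecated assertEquals alias, which was
        # removed from unittest in Python 3.12.
        self.assertEqual(result.token.token, token.token)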
コード例 #2
    def test_valid_bearer_token_but_deleted_api_key(self):
        """A previously issued bearer token is refused once its API key is gone.

        A token is first obtained with valid Basic credentials. The key
        lookup is then switched to return ``None``, and the same token is
        presented as a Bearer header; ``authenticate`` must return ``None``.
        This pins the revocation behaviour: holding a token is not enough
        when the key behind it can no longer be found.
        """
        def enabled_key(k, s=None):
            # A fresh enabled key per lookup, as while the key still exists.
            return MagicMock(
                id=FAKE_CLIENT_ID,
                secret=FAKE_CLIENT_SECRET,
                status=StatusMixin.STATUS_ENABLED)

        def missing_key(k, s=None):
            # Simulates the key having been deleted from the store.
            return None

        api_keys = MagicMock()
        api_keys.get_key = enabled_key

        app = MagicMock()
        app._client.auth.secret = 'fakeApiKeyProperties.secret'
        app.href = b'HREF'
        app.api_keys = api_keys

        credentials = "{}:{}".format(FAKE_CLIENT_ID, FAKE_CLIENT_SECRET)
        encoded_credentials = base64.b64encode(credentials.encode('utf-8'))

        uri = 'https://example.com/get'
        http_method = 'GET'
        allowed_scopes = ['test1']

        grant_body = {'grant_type': 'client_credentials', 'scope': 'test1'}
        basic_headers = {'Authorization': b'Basic ' + encoded_credentials}

        issued = authenticate(
            app, allowed_scopes, http_method, uri, grant_body, basic_headers)
        self.assertIsNotNone(issued)
        self.assertIsNotNone(issued.token)
        token = issued.token

        bearer_headers = {
            'Authorization': b'Bearer ' + token.token.encode('utf-8'),
        }

        # From here on, every key lookup fails.
        api_keys.get_key = missing_key

        rejected = authenticate(
            app, allowed_scopes, http_method, uri, {}, bearer_headers)
        self.assertIsNone(rejected)
コード例 #3
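    def test_bearer_api_auth_with_unicode(self):
        """Accept a text (unicode) Basic header and then a bytes Bearer header.

        The Basic ``Authorization`` value is built as text via ``u(...)`` and
        a decoded base64 string, while the follow-up Bearer value is bytes.
        Both forms must authenticate, and the second call must resolve to
        the token issued by the first.
        """
        app = MagicMock()
        # NOTE(review): presumably the secret authenticate() uses to sign and
        # verify issued tokens -- confirm against the implementation.
        app._client.auth.secret = 'fakeApiKeyProperties.secret'
        app.href = 'HREF'
        api_keys = MagicMock()
        # Every key lookup returns a fresh, enabled key.
        api_keys.get_key = lambda k, s=None: MagicMock(
                id=FAKE_CLIENT_ID, secret=FAKE_CLIENT_SECRET, status=StatusMixin.STATUS_ENABLED)
        app.api_keys = api_keys

        basic_auth = base64.b64encode(
            "{}:{}".format(FAKE_CLIENT_ID, FAKE_CLIENT_SECRET).encode('utf-8'))

        uri = 'https://example.com/get'
        http_method = 'GET'
        body = {'grant_type': 'client_credentials', 'scope': 'test1'}
        # Text header value: the case this test exists to cover.
        headers = {'Authorization': u('Basic ') + basic_auth.decode('utf-8')}

        allowed_scopes = ['test1']

        result = authenticate(app, allowed_scopes, http_method, uri, body, headers)
        self.assertIsNotNone(result)
        self.assertIsNotNone(result.token)
        token = result.token
        body = {}
        # Bytes header value for the bearer request.
        headers = {
                'Authorization': b'Bearer ' + token.token.encode('utf-8')
                }

        result = authenticate(app, allowed_scopes, http_method, uri, body, headers)
        self.assertIsNotNone(result)
        # assertEqual replaces the deprecated assertEquals alias, which was
        # removed from unittest in Python 3.12.
        self.assertEqual(result.token.token, token.token)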
コード例 #4
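    def test_valid_bearer_token_but_disabled_api_key(self):
        """A previously issued bearer token is refused once its key is disabled.

        A token is first obtained with valid Basic credentials while the key
        is enabled. The key lookup is then switched to return a key whose
        status is ``STATUS_DISABLED`` and whose ``is_enabled()`` is False,
        and the same token is presented as a Bearer header; ``authenticate``
        must return ``None``.
        """
        app = MagicMock()
        # NOTE(review): presumably the secret authenticate() uses to sign and
        # verify issued tokens -- confirm against the implementation.
        app._client.auth.secret = 'fakeApiKeyProperties.secret'
        app.href = 'HREF'
        api_keys = MagicMock()
        # Enabled key for the token-issuing request. The original repeated
        # this assignment and the app.api_keys one twice; once is enough.
        api_keys.get_key = lambda k, s=None: MagicMock(
            id=FAKE_CLIENT_ID, secret=FAKE_CLIENT_SECRET,
            status=StatusMixin.STATUS_ENABLED)
        app.api_keys = api_keys
        # The account lookup yields an Account whose data store raises on
        # get_resource. NOTE(review): appears to cover an account without a
        # username -- confirm why this test needs it.
        ds = MagicMock()
        ds.get_resource.side_effect = StormpathError(
            {'developerMessage': 'No username on account.'})
        client = MagicMock(data_store=ds)
        app.accounts.get.return_value = Account(client=client, href='account')

        basic_auth = base64.b64encode(
            "{}:{}".format(FAKE_CLIENT_ID, FAKE_CLIENT_SECRET).encode('utf-8'))

        uri = 'https://example.com/get'
        http_method = 'GET'
        body = {'grant_type': 'client_credentials', 'scope': 'test1'}
        headers = {'Authorization': b'Basic ' + basic_auth}

        allowed_scopes = ['test1']

        result = authenticate(app, allowed_scopes, http_method, uri, body, headers)
        self.assertIsNotNone(result)
        self.assertIsNotNone(result.token)
        token = result.token
        body = {}
        headers = {'Authorization': b'Bearer ' + token.token.encode('utf-8')}

        # Same id and secret, but both the status attribute and is_enabled()
        # report the key as disabled.
        disabled_api_key = MagicMock(
            id=FAKE_CLIENT_ID, secret=FAKE_CLIENT_SECRET,
            status=StatusMixin.STATUS_DISABLED)
        disabled_api_key.is_enabled.return_value = False

        api_keys.get_key = lambda k, s=None: disabled_api_key

        result = authenticate(app, allowed_scopes, http_method, uri, body, headers)
        self.assertIsNone(result)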
コード例 #5
    def test_basic_api_auth_invalid_credentials(self):
        """Basic credentials that match no stored API key are rejected.

        The key store returns ``None`` for every lookup, so the client id in
        the Basic header cannot be resolved. Even with a well-formed
        ``client_credentials`` grant body, ``authenticate`` must return
        ``None`` rather than a result object.
        """
        def unknown_key(k, s=None):
            # No key exists for any id.
            return None

        api_keys = MagicMock()
        api_keys.get_key = unknown_key

        app = MagicMock()
        app._client.auth.secret = 'fakeApiKeyProperties.secret'
        app.href = b'HREF'
        app.api_keys = api_keys

        raw_credentials = "invalid_client_id:invalid_client_secret"
        encoded_credentials = base64.b64encode(raw_credentials.encode('utf-8'))

        uri = 'https://example.com/get'
        http_method = 'GET'
        allowed_scopes = ['test1']
        body = {'grant_type': 'client_credentials', 'scope': 'test1'}
        headers = {'Authorization': b'Basic ' + encoded_credentials}

        outcome = authenticate(
            app, allowed_scopes, http_method, uri, body, headers)
        self.assertIsNone(outcome)
コード例 #6
    def test_invalid_grant_type_no_token_gets_generated(self):
        """Valid Basic credentials with an unknown grant type yield no token.

        The key lookup succeeds and the Basic header is correct, but the
        body asks for ``grant_type='invalid_grant'``. ``authenticate`` must
        still return a result object, and that result's ``token`` must be
        ``None``.
        """
        def enabled_key(k, s=None):
            # A fresh enabled key per lookup.
            return MagicMock(
                id=FAKE_CLIENT_ID,
                secret=FAKE_CLIENT_SECRET,
                status=StatusMixin.STATUS_ENABLED)

        api_keys = MagicMock()
        api_keys.get_key = enabled_key

        app = MagicMock()
        app._client.auth.secret = 'fakeApiKeyProperties.secret'
        app.href = 'HREF'
        app.api_keys = api_keys

        credentials = "{}:{}".format(FAKE_CLIENT_ID, FAKE_CLIENT_SECRET)
        encoded_credentials = base64.b64encode(credentials.encode('utf-8'))

        uri = 'https://example.com/get'
        http_method = 'GET'
        allowed_scopes = ['test1']
        # The grant type is the only invalid part of this request.
        body = {'grant_type': 'invalid_grant', 'scope': 'test1'}
        headers = {'Authorization': b'Basic ' + encoded_credentials}

        outcome = authenticate(
            app, allowed_scopes, http_method, uri, body, headers)
        self.assertIsNotNone(outcome)
        self.assertIsNone(outcome.token)
コード例 #7
    def test_basic_api_auth_invalid_credentials(self):
        """Basic credentials that match no stored API key are rejected.

        Every key lookup returns ``None``, so the client id sent in the
        Basic header resolves to nothing. ``authenticate`` must return
        ``None`` even though the grant body itself is well formed.
        """
        def unknown_key(k, s=None):
            # No key exists for any id.
            return None

        api_keys = MagicMock()
        api_keys.get_key = unknown_key

        app = MagicMock()
        app._client.auth.secret = 'fakeApiKeyProperties.secret'
        app.href = 'HREF'
        app.api_keys = api_keys

        raw_credentials = "invalid_client_id:invalid_client_secret"
        encoded_credentials = base64.b64encode(raw_credentials.encode('utf-8'))

        uri = 'https://example.com/get'
        http_method = 'GET'
        allowed_scopes = ['test1']
        body = {'grant_type': 'client_credentials', 'scope': 'test1'}
        headers = {'Authorization': b'Basic ' + encoded_credentials}

        outcome = authenticate(
            app, allowed_scopes, http_method, uri, body, headers)
        self.assertIsNone(outcome)
コード例 #8
    def test_basic_api_auth_unicode_and_locations(self):
        """Plain Basic auth with a text header and ``['header']`` locations.

        The body is empty, so no grant is requested. With a text (unicode)
        Basic ``Authorization`` value and ``['header']`` passed as the final
        positional argument, ``authenticate`` must return a result that
        carries an ``api_key`` and no ``token``.
        """
        def enabled_key(k, s=None):
            # A fresh enabled key per lookup.
            return MagicMock(
                id=FAKE_CLIENT_ID,
                secret=FAKE_CLIENT_SECRET,
                status=StatusMixin.STATUS_ENABLED)

        api_keys = MagicMock()
        api_keys.get_key = enabled_key

        app = MagicMock()
        app._client.auth.secret = 'fakeApiKeyProperties.secret'
        app.href = 'HREF'
        app.api_keys = api_keys

        credentials = "{}:{}".format(FAKE_CLIENT_ID, FAKE_CLIENT_SECRET)
        encoded_credentials = base64.b64encode(credentials.encode('utf-8'))

        uri = 'https://example.com/get'
        http_method = 'GET'
        allowed_scopes = ['test1']
        body = {}
        # Text header value rather than bytes.
        authorization = u('Basic ') + encoded_credentials.decode('utf-8')
        headers = {'Authorization': authorization}

        outcome = authenticate(
            app, allowed_scopes, http_method, uri, body, headers, ['header'])
        self.assertIsNotNone(outcome)
        self.assertIsNone(outcome.token)
        self.assertIsNotNone(outcome.api_key)