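def test_bearer_api_auth_with_token_in_body_without_locations(self):
    """Issue a token via client_credentials, then present it in the body.

    First call: HTTP Basic credentials for an enabled API key together with
    a ``client_credentials`` grant must produce a result carrying a token.
    Second call: that token is sent as ``access_token`` in the request body,
    with empty headers and no locations argument, and must be accepted.
    """
    app = MagicMock()
    app._client.auth.secret = 'fakeApiKeyProperties.secret'
    app.href = 'HREF'

    # Every key lookup succeeds and returns an enabled key.
    api_keys = MagicMock()
    api_keys.get_key = lambda k, s=None: MagicMock(
        id=FAKE_CLIENT_ID, secret=FAKE_CLIENT_SECRET,
        status=StatusMixin.STATUS_ENABLED)
    app.api_keys = api_keys

    basic_auth = base64.b64encode(
        "{}:{}".format(FAKE_CLIENT_ID, FAKE_CLIENT_SECRET).encode('utf-8'))
    allowed_scopes = ['test1']

    # Step 1: exchange the Basic credentials for an access token.
    body = {'grant_type': 'client_credentials', 'scope': 'test1'}
    headers = {'Authorization': b'Basic ' + basic_auth}
    result = authenticate(
        app=app, allowed_scopes=allowed_scopes, body=body, headers=headers)
    self.assertIsNotNone(result)
    self.assertIsNotNone(result.token)
    token = result.token

    # Step 2: replay the token through the body only; no Authorization
    # header is sent, so acceptance can only come from the body field.
    # NOTE(review): this pins that a body-carried token is accepted when no
    # locations are given; no matching negative case is visible here.
    body = {'access_token': token.token}
    result = authenticate(
        app=app, allowed_scopes=allowed_scopes, body=body, headers={})
    self.assertIsNotNone(result)
    # assertEquals is a deprecated alias that was removed in Python 3.12.
    self.assertEqual(result.token.token, token.token)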
def test_valid_bearer_token_but_deleted_api_key(self):
    """A bearer token must stop authenticating once its API key is gone.

    A token is issued while the key lookup returns an enabled key. The
    lookup is then replaced by one that returns ``None`` (key deleted), and
    presenting the previously issued token must make ``authenticate``
    return ``None``.
    """
    uri = 'https://example.com/get'
    http_method = 'GET'
    allowed_scopes = ['test1']

    app = MagicMock()
    app._client.auth.secret = 'fakeApiKeyProperties.secret'
    app.href = b'HREF'

    key_store = MagicMock()
    key_store.get_key = lambda k, s=None: MagicMock(
        id=FAKE_CLIENT_ID, secret=FAKE_CLIENT_SECRET,
        status=StatusMixin.STATUS_ENABLED)
    app.api_keys = key_store

    # Phase 1: obtain a token with valid Basic credentials.
    credentials = "{}:{}".format(FAKE_CLIENT_ID, FAKE_CLIENT_SECRET)
    encoded = base64.b64encode(credentials.encode('utf-8'))
    grant_body = {'grant_type': 'client_credentials', 'scope': 'test1'}
    basic_headers = {'Authorization': b'Basic ' + encoded}
    issued = authenticate(
        app, allowed_scopes, http_method, uri, grant_body, basic_headers)
    self.assertIsNotNone(issued)
    self.assertIsNotNone(issued.token)
    token = issued.token

    # Phase 2: the key disappears; the token itself is unchanged, so a
    # rejection here shows the key is looked up again on bearer requests.
    key_store.get_key = lambda k, s=None: None
    bearer_headers = {
        'Authorization': b'Bearer ' + token.token.encode('utf-8'),
    }
    replayed = authenticate(
        app, allowed_scopes, http_method, uri, {}, bearer_headers)
    self.assertIsNone(replayed)
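def test_bearer_api_auth_with_unicode(self):
    """Token issuance must work when the Basic header is text, not bytes.

    The ``Authorization`` header of the first request is built from
    ``u('Basic ')`` plus the decoded base64 credentials. The token returned
    is then presented as a bytes ``Bearer`` header and must be accepted.
    """
    app = MagicMock()
    app._client.auth.secret = 'fakeApiKeyProperties.secret'
    app.href = 'HREF'

    # Every key lookup succeeds and returns an enabled key.
    api_keys = MagicMock()
    api_keys.get_key = lambda k, s=None: MagicMock(
        id=FAKE_CLIENT_ID, secret=FAKE_CLIENT_SECRET,
        status=StatusMixin.STATUS_ENABLED)
    app.api_keys = api_keys

    basic_auth = base64.b64encode(
        "{}:{}".format(FAKE_CLIENT_ID, FAKE_CLIENT_SECRET).encode('utf-8'))
    uri = 'https://example.com/get'
    http_method = 'GET'
    allowed_scopes = ['test1']

    # Step 1: text-typed Basic header with a client_credentials grant.
    # presumably u() is a py2/py3 text-literal helper -- confirm at import.
    body = {'grant_type': 'client_credentials', 'scope': 'test1'}
    headers = {'Authorization': u('Basic ') + basic_auth.decode('utf-8')}
    result = authenticate(
        app, allowed_scopes, http_method, uri, body, headers)
    self.assertIsNotNone(result)
    self.assertIsNotNone(result.token)
    token = result.token

    # Step 2: present the issued token as a bytes Bearer header.
    body = {}
    headers = {
        'Authorization': b'Bearer ' + token.token.encode('utf-8'),
    }
    result = authenticate(
        app, allowed_scopes, http_method, uri, body, headers)
    self.assertIsNotNone(result)
    # assertEquals is a deprecated alias that was removed in Python 3.12.
    self.assertEqual(result.token.token, token.token)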
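def test_valid_bearer_token_but_disabled_api_key(self):
    """A bearer token must stop authenticating once its API key is disabled.

    A token is issued while the key lookup returns an enabled key. The
    lookup is then swapped for one returning a key with
    ``STATUS_DISABLED``, and presenting the previously issued token must
    make ``authenticate`` return ``None``.
    """
    app = MagicMock()
    app._client.auth.secret = 'fakeApiKeyProperties.secret'
    app.href = 'HREF'

    # The enabled-key setup is done once; repeating it has no effect.
    api_keys = MagicMock()
    api_keys.get_key = lambda k, s=None: MagicMock(
        id=FAKE_CLIENT_ID, secret=FAKE_CLIENT_SECRET,
        status=StatusMixin.STATUS_ENABLED)
    app.api_keys = api_keys

    # The account handed back by app.accounts.get sits on a data store
    # whose get_resource raises StormpathError.
    # NOTE(review): why this test needs a failing data store is not
    # visible here -- confirm against authenticate().
    ds = MagicMock()
    ds.get_resource.side_effect = StormpathError(
        {'developerMessage': 'No username on account.'})
    client = MagicMock(data_store=ds)
    app.accounts.get.return_value = Account(client=client, href='account')

    basic_auth = base64.b64encode(
        "{}:{}".format(FAKE_CLIENT_ID, FAKE_CLIENT_SECRET).encode('utf-8'))
    uri = 'https://example.com/get'
    http_method = 'GET'
    allowed_scopes = ['test1']

    # Step 1: obtain a token while the key is still enabled.
    body = {'grant_type': 'client_credentials', 'scope': 'test1'}
    headers = {'Authorization': b'Basic ' + basic_auth}
    result = authenticate(
        app, allowed_scopes, http_method, uri, body, headers)
    self.assertIsNotNone(result)
    self.assertIsNotNone(result.token)
    token = result.token

    # Step 2: disable the key, then replay the token.
    body = {}
    headers = {
        'Authorization': b'Bearer ' + token.token.encode('utf-8'),
    }
    disabled_api_key = MagicMock(
        id=FAKE_CLIENT_ID, secret=FAKE_CLIENT_SECRET,
        status=StatusMixin.STATUS_DISABLED)
    # A MagicMock method returns another (truthy) MagicMock by default, so
    # is_enabled() has to be pinned to False or the key would look enabled.
    disabled_api_key.is_enabled.return_value = False
    api_keys.get_key = lambda k, s=None: disabled_api_key

    result = authenticate(
        app, allowed_scopes, http_method, uri, body, headers)
    self.assertIsNone(result)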
def test_basic_api_auth_invalid_credentials(self):
    """Unknown Basic credentials must not authenticate.

    The key lookup returns ``None`` for every id, so a
    ``client_credentials`` request with an unknown id/secret pair has to
    make ``authenticate`` return ``None``. This variant sets ``app.href``
    to bytes.

    NOTE(review): another test with this exact name appears in this
    listing. If both are methods of the same class, the later definition
    replaces this one and this test never runs.
    """
    uri = 'https://example.com/get'
    http_method = 'GET'
    allowed_scopes = ['test1']

    app = MagicMock()
    app._client.auth.secret = 'fakeApiKeyProperties.secret'
    app.href = b'HREF'

    # No key exists for any client id.
    key_store = MagicMock()
    key_store.get_key = lambda k, s=None: None
    app.api_keys = key_store

    encoded = base64.b64encode(
        "invalid_client_id:invalid_client_secret".encode('utf-8'))
    grant_body = {'grant_type': 'client_credentials', 'scope': 'test1'}
    basic_headers = {'Authorization': b'Basic ' + encoded}

    outcome = authenticate(
        app, allowed_scopes, http_method, uri, grant_body, basic_headers)
    self.assertIsNone(outcome)
def test_invalid_grant_type_no_token_gets_generated(self):
    """An unsupported grant type must not yield an access token.

    The Basic credentials match an enabled key, so ``authenticate`` still
    returns a result, but with ``grant_type`` set to ``invalid_grant`` the
    result's ``token`` has to be ``None``.
    """
    uri = 'https://example.com/get'
    http_method = 'GET'
    allowed_scopes = ['test1']

    app = MagicMock()
    app._client.auth.secret = 'fakeApiKeyProperties.secret'
    app.href = 'HREF'

    # Every key lookup succeeds and returns an enabled key.
    key_store = MagicMock()
    key_store.get_key = lambda k, s=None: MagicMock(
        id=FAKE_CLIENT_ID, secret=FAKE_CLIENT_SECRET,
        status=StatusMixin.STATUS_ENABLED)
    app.api_keys = key_store

    credentials = "{}:{}".format(FAKE_CLIENT_ID, FAKE_CLIENT_SECRET)
    encoded = base64.b64encode(credentials.encode('utf-8'))
    grant_body = {'grant_type': 'invalid_grant', 'scope': 'test1'}
    basic_headers = {'Authorization': b'Basic ' + encoded}

    outcome = authenticate(
        app, allowed_scopes, http_method, uri, grant_body, basic_headers)

    # The caller is identified, yet nothing is issued for the bad grant.
    self.assertIsNotNone(outcome)
    self.assertIsNone(outcome.token)
def test_basic_api_auth_invalid_credentials(self):
    """Unknown Basic credentials must not authenticate.

    The key lookup returns ``None`` for every id, so a
    ``client_credentials`` request with an unknown id/secret pair has to
    make ``authenticate`` return ``None``. This variant sets ``app.href``
    to text.

    NOTE(review): an earlier test in this listing has this exact name. If
    both are methods of the same class, this definition replaces the
    earlier one and only this test runs.
    """
    uri = 'https://example.com/get'
    http_method = 'GET'
    allowed_scopes = ['test1']

    app = MagicMock()
    app._client.auth.secret = 'fakeApiKeyProperties.secret'
    app.href = 'HREF'

    # No key exists for any client id.
    key_store = MagicMock()
    key_store.get_key = lambda k, s=None: None
    app.api_keys = key_store

    encoded = base64.b64encode(
        "invalid_client_id:invalid_client_secret".encode('utf-8'))
    grant_body = {'grant_type': 'client_credentials', 'scope': 'test1'}
    basic_headers = {'Authorization': b'Basic ' + encoded}

    outcome = authenticate(
        app, allowed_scopes, http_method, uri, grant_body, basic_headers)
    self.assertIsNone(outcome)
def test_basic_api_auth_unicode_and_locations(self):
    """Plain Basic auth with a text header and an explicit location list.

    The body is empty (no grant is requested) and ``['header']`` is passed
    as the seventh positional argument. The result must identify the API
    key and carry no token.
    """
    uri = 'https://example.com/get'
    http_method = 'GET'
    allowed_scopes = ['test1']

    app = MagicMock()
    app._client.auth.secret = 'fakeApiKeyProperties.secret'
    app.href = 'HREF'

    # Every key lookup succeeds and returns an enabled key.
    key_store = MagicMock()
    key_store.get_key = lambda k, s=None: MagicMock(
        id=FAKE_CLIENT_ID, secret=FAKE_CLIENT_SECRET,
        status=StatusMixin.STATUS_ENABLED)
    app.api_keys = key_store

    credentials = "{}:{}".format(FAKE_CLIENT_ID, FAKE_CLIENT_SECRET)
    encoded = base64.b64encode(credentials.encode('utf-8'))
    # Text-typed header value; the other tests here mostly send bytes.
    text_headers = {'Authorization': u('Basic ') + encoded.decode('utf-8')}

    # presumably the trailing list is the locations argument -- confirm
    # against authenticate()'s signature.
    outcome = authenticate(
        app, allowed_scopes, http_method, uri, {}, text_headers, ['header'])

    self.assertIsNotNone(outcome)
    self.assertIsNone(outcome.token)
    self.assertIsNotNone(outcome.api_key)