def test_specify_scopes(self): """ Validates whether requested scopes are assigned """ from api.oauth2.tokenview import OAuth2TokenView from api.view import MetadataView time.sleep(180) data = { 'grant_type': 'password', 'username': '******', 'password': '******' } request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') response = OAuth2TokenView.as_view()(request) self.assertIn('access_token', json.loads(response.content)) access_token = json.loads(response.content)['access_token'] time.sleep(180) header = 'Bearer {0}'.format(access_token) request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertListEqual(sorted(response_content['roles']), ['manage', 'read', 'write']) time.sleep(180) data['scope'] = 'read write' request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') response = OAuth2TokenView.as_view()(request) response_content = json.loads(response.content) self.assertIn('access_token', response_content) access_token = response_content['access_token'] time.sleep(180) header = 'Bearer {0}'.format(access_token) request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertIn('roles', response_content) self.assertListEqual(sorted(response_content['roles']), ['read', 'write']) time.sleep(180) data = { 'grant_type': 'password', 'username': '******', 'password': '******', 'scope': 'read write manage' } request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_scope', HttpBadRequestException)
def test_grandtype_headers(self): """ Validates whether not sending a grant_type will fail the call and the grant_type is checked """ from api.oauth2.tokenview import OAuth2TokenView time.sleep(180) request = self.factory.post('/', HTTP_X_REAL_IP='127.0.0.1') self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_request', HttpBadRequestException) time.sleep(180) data = {'grant_type': 'foobar'} request = self.factory.post('/', HTTP_X_REAL_IP='127.0.0.1', data=data) self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'unsupported_grant_type', HttpBadRequestException)
def test_specify_scopes(self): """ Validates whether requested scopes are assigned """ from api.oauth2.tokenview import OAuth2TokenView from api.view import MetadataView time.sleep(180) data = {'grant_type': 'password', 'username': '******', 'password': '******'} request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') response = OAuth2TokenView.as_view()(request) self.assertIn('access_token', json.loads(response.content)) access_token = json.loads(response.content)['access_token'] time.sleep(180) header = 'Bearer {0}'.format(access_token) request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertListEqual(sorted(response_content['roles']), ['manage', 'read', 'write']) time.sleep(180) data['scope'] = 'read write' request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') response = OAuth2TokenView.as_view()(request) response_content = json.loads(response.content) self.assertIn('access_token', response_content) access_token = response_content['access_token'] time.sleep(180) header = 'Bearer {0}'.format(access_token) request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertIn('roles', response_content) self.assertListEqual(sorted(response_content['roles']), ['read', 'write']) time.sleep(180) data = {'grant_type': 'password', 'username': '******', 'password': '******', 'scope': 'read write manage'} request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_scope', HttpBadRequestException)
def test_authentication_backend(self): """ Validates the Authentication backend """ from django.contrib.auth.models import User as DUser from api.oauth2.tokenview import OAuth2TokenView from api.oauth2.backend import OAuth2Backend time.sleep(180) backend = OAuth2Backend() data = { 'grant_type': 'password', 'username': '******', 'password': '******' } request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') response = OAuth2TokenView.as_view()(request) response_content = json.loads(response.content) access_token = response_content['access_token'] request = self.factory.get('/') response = backend.authenticate(request) self.assertIsNone(response) time.sleep(180) header = 'Bearer foobar' request = self.factory.get('/', HTTP_AUTHORIZATION=header) with self.assertRaises(HttpUnauthorizedException) as context: backend.authenticate(request) self.assertEqual(context.exception.status_code, 401) self.assertEqual(str(context.exception.error), 'invalid_token') time.sleep(180) header = 'Bearer {0}'.format(access_token) request = self.factory.get('/', HTTP_AUTHORIZATION=header) user, extra = backend.authenticate(request) self.assertIsInstance(user, DUser) self.assertIsNone(extra) self.assertEqual(request.token.access_token, access_token) self.assertEqual(request.client.user.username, 'admin') time.sleep(180) user = UserList.get_user_by_username('admin') user.is_active = False user.save() request = self.factory.get('/', HTTP_AUTHORIZATION=header) with self.assertRaises(HttpUnauthorizedException) as context: backend.authenticate(request) self.assertEqual(context.exception.status_code, 401) self.assertEqual(str(context.exception.error), 'inactive_user') user.is_active = True user.save() time.sleep(int(response_content['expires_in'])) request = self.factory.get('/', HTTP_AUTHORIZATION=header) with self.assertRaises(HttpUnauthorizedException) as context: backend.authenticate(request) self.assertEqual(context.exception.status_code, 401) self.assertEqual(str(context.exception.error), 'token_expired')
def test_authentication_backend(self): """ Validates the Authentication backend """ from django.contrib.auth.models import User as DUser from api.oauth2.tokenview import OAuth2TokenView from api.oauth2.backend import OAuth2Backend time.sleep(180) backend = OAuth2Backend() data = {'grant_type': 'password', 'username': '******', 'password': '******'} request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') response = OAuth2TokenView.as_view()(request) response_content = json.loads(response.content) access_token = response_content['access_token'] request = self.factory.get('/') response = backend.authenticate(request) self.assertIsNone(response) time.sleep(180) header = 'Bearer foobar' request = self.factory.get('/', HTTP_AUTHORIZATION=header) with self.assertRaises(HttpUnauthorizedException) as context: backend.authenticate(request) self.assertEqual(context.exception.status_code, 401) self.assertEqual(str(context.exception.error), 'invalid_token') time.sleep(180) header = 'Bearer {0}'.format(access_token) request = self.factory.get('/', HTTP_AUTHORIZATION=header) user, extra = backend.authenticate(request) self.assertIsInstance(user, DUser) self.assertIsNone(extra) self.assertEqual(request.token.access_token, access_token) self.assertEqual(request.client.user.username, 'admin') time.sleep(180) user = UserList.get_user_by_username('admin') user.is_active = False user.save() request = self.factory.get('/', HTTP_AUTHORIZATION=header) with self.assertRaises(HttpUnauthorizedException) as context: backend.authenticate(request) self.assertEqual(context.exception.status_code, 401) self.assertEqual(str(context.exception.error), 'inactive_user') user.is_active = True user.save() time.sleep(int(response_content['expires_in'])) request = self.factory.get('/', HTTP_AUTHORIZATION=header) with self.assertRaises(HttpUnauthorizedException) as context: backend.authenticate(request) self.assertEqual(context.exception.status_code, 401) self.assertEqual(str(context.exception.error), 'token_expired')
def test_resource_owner_password_credentials(self): """ Validates the Resource Owner Password Credentials """ from api.oauth2.tokenview import OAuth2TokenView time.sleep(180) data = {'grant_type': 'password'} request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_request', HttpBadRequestException) time.sleep(180) data.update({'username': '******', 'password': '******'}) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_client', HttpBadRequestException) time.sleep(180) data.update({'username': '******', 'password': '******'}) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'inactive_user', HttpBadRequestException) time.sleep(180) data.update({'username': '******', 'password': '******'}) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'unauthorized_client', HttpBadRequestException) time.sleep(180) data.update({'username': '******', 'password': '******'}) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') response = OAuth2TokenView.as_view()(request) self.assertEqual(response.status_code, 200) response_content = json.loads(response.content) self.assertIn('access_token', response_content) result = { 'access_token': response_content['access_token'], 'token_type': 'bearer', 'expires_in': 86400 } self.assertDictEqual(response_content, result)
def test_resource_owner_password_credentials(self): """ Validates the Resource Owner Password Credentials """ from api.oauth2.tokenview import OAuth2TokenView time.sleep(180) data = {'grant_type': 'password'} request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_request', HttpBadRequestException) time.sleep(180) data.update({'username': '******', 'password': '******'}) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_client', HttpBadRequestException) time.sleep(180) data.update({'username': '******', 'password': '******'}) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'inactive_user', HttpBadRequestException) time.sleep(180) data.update({'username': '******', 'password': '******'}) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'unauthorized_client', HttpBadRequestException) time.sleep(180) data.update({'username': '******', 'password': '******'}) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') response = OAuth2TokenView.as_view()(request) self.assertEqual(response.status_code, 200) response_content = json.loads(response.content) self.assertIn('access_token', response_content) result = {'access_token': response_content['access_token'], 'token_type': 'bearer', 'expires_in': 86400} self.assertDictEqual(response_content, result)
def test_client_credentials(self): """ Validates the Client Credentials """ from api.oauth2.tokenview import OAuth2TokenView time.sleep(180) data = {'grant_type': 'client_credentials'} request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'missing_header', HttpBadRequestException) time.sleep(180) header = 'Basic {0}'.format(base64.encodestring('{0}:{1}'.format('foo', 'bar'))) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.2', HTTP_AUTHORIZATION=header) self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_client', HttpBadRequestException) time.sleep(180) admin_na = UserList.get_user_by_username('admin_na') admin_na_client = Client() admin_na_client.ovs_type = 'USER' admin_na_client.grant_type = 'PASSWORD' admin_na_client.client_secret = OAuth2Toolbox.create_hash(64) admin_na_client.user = admin_na admin_na_client.save() header = 'Basic {0}'.format(base64.encodestring('{0}:{1}'.format(admin_na_client.guid, admin_na_client.client_secret))) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.3', HTTP_AUTHORIZATION=header) self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_grant', HttpBadRequestException) time.sleep(180) admin_na_client.grant_type = 'CLIENT_CREDENTIALS' admin_na_client.save() request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.4', HTTP_AUTHORIZATION=header) self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'inactive_user', HttpBadRequestException) time.sleep(180) admin = UserList.get_user_by_username('admin') admin_client = Client() admin_client.ovs_type = 'USER' admin_client.grant_type = 'CLIENT_CREDENTIALS' admin_client.client_secret = OAuth2Toolbox.create_hash(64) admin_client.user = admin admin_client.save() header = 'Basic {0}'.format(base64.encodestring('{0}:foobar'.format(admin_client.guid))) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.5', HTTP_AUTHORIZATION=header) self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_client', HttpBadRequestException) time.sleep(180) header = 'Basic {0}'.format(base64.encodestring('{0}:{1}'.format(admin_client.guid, admin_client.client_secret))) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.6', HTTP_AUTHORIZATION=header) response = OAuth2TokenView.as_view()(request) self.assertEqual(response.status_code, 200) response_content = json.loads(response.content) self.assertIn('access_token', response_content) result = {'access_token': response_content['access_token'], 'token_type': 'bearer', 'expires_in': 3600} self.assertDictEqual(response_content, result)
def test_metadata(self): """ Validates the authentication related information at the API root's metadata. - The 'roles' key is already checked in the Scope-related tests """ from ovs.dal.lists.bearertokenlist import BearerTokenList from api.oauth2.tokenview import OAuth2TokenView from api.view import MetadataView def _raise_exception(argument): _ = argument raise RuntimeError('foobar') result_data = { 'authenticated': False, 'authentication_state': None, 'username': None, 'userguid': None } time.sleep(180) data = { 'grant_type': 'password', 'username': '******', 'password': '******' } request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') response = OAuth2TokenView.as_view()(request) response_content = json.loads(response.content) self.assertIn('expires_in', response_content) self.assertIn('access_token', response_content) time.sleep(180) expiry = int(response_content['expires_in']) access_token = response_content['access_token'] request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1') response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertDictContainsSubset( dict(result_data.items() + {'authentication_state': 'unauthenticated'}.items()), response_content) time.sleep(180) header = 'Basic foobar' request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertDictContainsSubset( dict(result_data.items() + {'authentication_state': 'invalid_authorization_type' }.items()), response_content) time.sleep(180) header = 'Bearer foobar' request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertDictContainsSubset( dict(result_data.items() + {'authentication_state': 'invalid_token'}.items()), response_content) time.sleep(180) user = UserList.get_user_by_username('admin') header = 'Bearer {0}'.format(access_token) request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertDictContainsSubset( dict( result_data.items() + { 'authenticated': True, 'authentication_state': 'authenticated', 'username': user.username, 'userguid': user.guid }.items()), response_content) time.sleep(180) user.is_active = False user.save() request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertDictContainsSubset( dict(result_data.items() + {'authentication_state': 'inactive_user'}.items()), response_content) user.is_active = True user.save() time.sleep(180) original_method = BearerTokenList.get_by_access_token BearerTokenList.get_by_access_token = staticmethod(_raise_exception) request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertDictContainsSubset( dict(result_data.items() + {'authentication_state': 'unexpected_exception'}.items()), response_content) time.sleep(180) BearerTokenList.get_by_access_token = staticmethod(original_method) time.sleep(expiry) request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertDictContainsSubset( dict(result_data.items() + {'authentication_state': 'token_expired'}.items()), response_content)
def test_client_credentials(self): """ Validates the Client Credentials """ from api.oauth2.tokenview import OAuth2TokenView time.sleep(180) data = {'grant_type': 'client_credentials'} request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'missing_header', HttpBadRequestException) time.sleep(180) header = 'Basic {0}'.format( base64.encodestring('{0}:{1}'.format('foo', 'bar'))) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.2', HTTP_AUTHORIZATION=header) self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_client', HttpBadRequestException) time.sleep(180) admin_na = UserList.get_user_by_username('admin_na') admin_na_client = Client() admin_na_client.ovs_type = 'USER' admin_na_client.grant_type = 'PASSWORD' admin_na_client.client_secret = OAuth2Toolbox.create_hash(64) admin_na_client.user = admin_na admin_na_client.save() header = 'Basic {0}'.format( base64.encodestring('{0}:{1}'.format( admin_na_client.guid, admin_na_client.client_secret))) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.3', HTTP_AUTHORIZATION=header) self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_grant', HttpBadRequestException) time.sleep(180) admin_na_client.grant_type = 'CLIENT_CREDENTIALS' admin_na_client.save() request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.4', HTTP_AUTHORIZATION=header) self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'inactive_user', HttpBadRequestException) time.sleep(180) admin = UserList.get_user_by_username('admin') admin_client = Client() admin_client.ovs_type = 'USER' admin_client.grant_type = 'CLIENT_CREDENTIALS' admin_client.client_secret = OAuth2Toolbox.create_hash(64) admin_client.user = admin admin_client.save() header = 'Basic {0}'.format( base64.encodestring('{0}:foobar'.format(admin_client.guid))) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.5', HTTP_AUTHORIZATION=header) self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_client', HttpBadRequestException) time.sleep(180) header = 'Basic {0}'.format( base64.encodestring('{0}:{1}'.format(admin_client.guid, admin_client.client_secret))) request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.6', HTTP_AUTHORIZATION=header) response = OAuth2TokenView.as_view()(request) self.assertEqual(response.status_code, 200) response_content = json.loads(response.content) self.assertIn('access_token', response_content) result = { 'access_token': response_content['access_token'], 'token_type': 'bearer', 'expires_in': 3600 } self.assertDictEqual(response_content, result)
def build_router_urls(): """ Creates a router instance to generate API urls for Customer and Internal API """ routes = [] path = '/'.join([os.path.dirname(__file__), 'backend', 'views']) for filename in os.listdir(path): if os.path.isfile('/'.join([path, filename])) and filename.endswith('.py'): name = filename.replace('.py', '') module = imp.load_source(name, '/'.join([path, filename])) for member in inspect.getmembers(module): if inspect.isclass(member[1]) \ and member[1].__module__ == name \ and 'ViewSet' in [base.__name__ for base in member[1].__bases__]: routes.append({'prefix': member[1].prefix, 'viewset': member[1], 'base_name': member[1].base_name}) router = SimpleRouter() for route in routes: router.register(**route) return router.urls urlpatterns = patterns('', url(r'^oauth2/token/', OAuth2TokenView.as_view()), url(r'^oauth2/redirect/', OAuth2RedirectView.as_view()), url(r'^relay/', relay), url(r'^swagger.json', OpenAPIView.as_view()), url(r'^$', MetadataView.as_view()), url(r'', include(build_router_urls())))
""" routes = [] path = '/'.join([os.path.dirname(__file__), 'backend', 'views']) for filename in os.listdir(path): if os.path.isfile('/'.join([path, filename ])) and filename.endswith('.py'): name = filename.replace('.py', '') mod = imp.load_source(name, '/'.join([path, filename])) for member_name, member in inspect.getmembers( mod, predicate=inspect.isclass): if member.__module__ == name and 'ViewSet' in [ base.__name__ for base in member.__bases__ ]: routes.append({ 'prefix': member.prefix, 'viewset': member, 'base_name': member.base_name }) router = OVSRouter() for route in routes: router.register(**route) return router.urls urlpatterns = patterns('', url(r'^oauth2/token/', OAuth2TokenView.as_view()), url(r'^oauth2/redirect/', OAuth2RedirectView.as_view()), url(r'^relay/', relay), url(r'^swagger.json', OpenAPIView.as_view()), url(r'^$', MetadataView.as_view()), url(r'', include(build_router_urls())))
def test_metadata(self): """ Validates the authentication related information at the API root's metadata. - The 'roles' key is already checked in the Scope-related tests """ from ovs.dal.lists.bearertokenlist import BearerTokenList from api.oauth2.tokenview import OAuth2TokenView from api.view import MetadataView def _raise_exception(argument): _ = argument raise RuntimeError('foobar') result_data = {'authenticated': False, 'authentication_state': None, 'username': None, 'userguid': None} time.sleep(180) data = {'grant_type': 'password', 'username': '******', 'password': '******'} request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1') response = OAuth2TokenView.as_view()(request) response_content = json.loads(response.content) self.assertIn('expires_in', response_content) self.assertIn('access_token', response_content) time.sleep(180) expiry = int(response_content['expires_in']) access_token = response_content['access_token'] request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1') response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertDictContainsSubset(dict(result_data.items() + {'authentication_state': 'unauthenticated'}.items()), response_content) time.sleep(180) header = 'Basic foobar' request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertDictContainsSubset(dict(result_data.items() + {'authentication_state': 'invalid_authorization_type'}.items()), response_content) time.sleep(180) header = 'Bearer foobar' request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertDictContainsSubset(dict(result_data.items() + {'authentication_state': 'invalid_token'}.items()), response_content) time.sleep(180) user = UserList.get_user_by_username('admin') header = 'Bearer {0}'.format(access_token) request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertDictContainsSubset(dict(result_data.items() + {'authenticated': True, 'authentication_state': 'authenticated', 'username': user.username, 'userguid': user.guid}.items()), response_content) time.sleep(180) user.is_active = False user.save() request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertDictContainsSubset(dict(result_data.items() + {'authentication_state': 'inactive_user'}.items()), response_content) user.is_active = True user.save() time.sleep(180) original_method = BearerTokenList.get_by_access_token BearerTokenList.get_by_access_token = staticmethod(_raise_exception) request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertDictContainsSubset(dict(result_data.items() + {'authentication_state': 'unexpected_exception'}.items()), response_content) time.sleep(180) BearerTokenList.get_by_access_token = staticmethod(original_method) time.sleep(expiry) request = self.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header) response = MetadataView.as_view()(request) response_content = json.loads(response.content) self.assertDictContainsSubset(dict(result_data.items() + {'authentication_state': 'token_expired'}.items()), response_content)