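def test_verify_oauth_scopes_remote(monkeypatch):
    """Check scope enforcement when token info is fetched from a tokeninfo URL.

    The ``session`` object in ``connexion.decorators.security`` is replaced by
    a stub, so no network request is made. The stub serialises the mutable
    ``tokeninfo`` dict on every call, which lets the test change the granted
    scopes between assertions.

    Both scope encodings are covered: a space-delimited string and a list.
    """
    tokeninfo = dict(uid="foo", scope="scope1 scope2")

    def get_tokeninfo_response(*args, **kwargs):
        # Canned 200 response whose body is the *current* tokeninfo content.
        tokeninfo_response = requests.Response()
        tokeninfo_response.status_code = requests.codes.ok
        tokeninfo_response._content = json.dumps(tokeninfo).encode()
        return tokeninfo_response

    token_info_func = get_tokeninfo_func({'x-tokenInfoUrl': 'https://example.org/tokeninfo'})
    wrapped_func = verify_oauth(token_info_func, validate_scope)

    request = MagicMock()
    request.headers = {"Authorization": "Bearer 123"}

    session = MagicMock()
    session.get = get_tokeninfo_response
    monkeypatch.setattr('connexion.decorators.security.session', session)

    # ``pytest.raises(..., message=...)`` was dropped here: that keyword only
    # set the text shown when *nothing* was raised, never matched the exception
    # text, was deprecated in pytest 4.1 and is rejected by pytest >= 5.0.
    # Scopes as a space-delimited string, 'admin' missing -> must be rejected.
    with pytest.raises(OAuthScopeProblem):
        wrapped_func(request, ['admin'])

    tokeninfo["scope"] += " admin"
    assert wrapped_func(request, ['admin']) is not None

    # Scopes as a list, 'admin' missing -> must be rejected as well.
    tokeninfo["scope"] = ["foo", "bar"]
    with pytest.raises(OAuthScopeProblem):
        wrapped_func(request, ['admin'])

    tokeninfo["scope"].append("admin")
    assert wrapped_func(request, ['admin']) is not None
    # NOTE(review): no case here pins exact-match semantics, i.e. that a
    # granted scope which only contains the required name as a substring is
    # still rejected -- worth adding once the expected behaviour is confirmed.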
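def test_verify_oauth_scopes_local():
    """Check scope enforcement when token info comes from a local function.

    ``token_info`` returns the same mutable ``tokeninfo`` dict on every call,
    so the test can change the granted scopes between assertions. Both scope
    encodings are covered: a space-delimited string and a list.
    """
    tokeninfo = dict(uid="foo", scope="scope1 scope2")

    def token_info(token):
        # The token value is ignored; the shared dict is always returned.
        return tokeninfo

    wrapped_func = verify_oauth(token_info, validate_scope)

    request = MagicMock()
    request.headers = {"Authorization": "Bearer 123"}

    # ``pytest.raises(..., message=...)`` was dropped here: that keyword only
    # set the text shown when *nothing* was raised, never matched the exception
    # text, was deprecated in pytest 4.1 and is rejected by pytest >= 5.0.
    # Scopes as a space-delimited string, 'admin' missing -> must be rejected.
    with pytest.raises(OAuthScopeProblem):
        wrapped_func(request, ['admin'])

    tokeninfo["scope"] += " admin"
    assert wrapped_func(request, ['admin']) is not None

    # Scopes as a list, 'admin' missing -> must be rejected as well.
    tokeninfo["scope"] = ["foo", "bar"]
    with pytest.raises(OAuthScopeProblem):
        wrapped_func(request, ['admin'])

    tokeninfo["scope"].append("admin")
    assert wrapped_func(request, ['admin']) is not None
    # NOTE(review): no case here pins exact-match semantics, i.e. that a
    # granted scope which only contains the required name as a substring is
    # still rejected -- worth adding once the expected behaviour is confirmed.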
def test_verify_oauth_missing_auth_header():
    """A request without an Authorization header makes the wrapper return None.

    No exception is expected in this case.
    NOTE(review): presumably ``None`` means "no credentials for this scheme",
    so the caller has to treat the request as unauthenticated -- confirm
    against the code that consumes the return value.
    """
    # Token-info stub that never resolves a token.
    wrapped_func = verify_oauth(lambda token: None, validate_scope)

    # Empty header mapping: no Authorization header at all.
    request = MagicMock(headers={})

    result = wrapped_func(request, ['admin'])
    assert result is None
def test_verify_oauth_invalid_local_token_response_none():
    """A bearer token for which the token-info function returns None is refused.

    The wrapper is expected to raise ``OAuthResponseProblem`` rather than
    return a value when the lookup yields nothing for the presented token.
    """
    # Token-info stub that returns None for every token.
    wrapped_func = verify_oauth(lambda token: None, validate_scope)

    request = MagicMock(headers={"Authorization": "Bearer 123"})

    with pytest.raises(OAuthResponseProblem):
        wrapped_func(request, ['admin'])
def test_verify_oauth_invalid_auth_header(monkeypatch):
    """Calling the wrapper with a request lacking a usable header raises OAuthProblem.

    The request is a bare ``MagicMock`` on which no Authorization header has
    been configured, and ``flask.current_app`` is replaced with a mock.
    """
    def func():
        pass

    required_scopes = {'admin'}
    wrapped_func = verify_oauth('https://example.org/tokeninfo', required_scopes, func)

    request = MagicMock()
    monkeypatch.setattr('flask.current_app', MagicMock())

    with pytest.raises(OAuthProblem):
        wrapped_func(request)
def test_verify_oauth_invalid_auth_header(monkeypatch):
    """An unusable Authorization header produces a 401 problem response.

    Here the wrapper reads the request from ``connexion.decorators.security``,
    which is patched with a bare ``MagicMock`` (no header configured), and the
    result is compared with the expected ``problem(401, ...)`` value.
    """
    def func():
        pass

    required_scopes = {'admin'}
    wrapped_func = verify_oauth('https://example.org/tokeninfo', required_scopes, func)

    monkeypatch.setattr('connexion.decorators.security.request', MagicMock())
    monkeypatch.setattr('flask.current_app', MagicMock())

    assert wrapped_func() == problem(401, 'Unauthorized', 'Invalid authorization header')
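def test_verify_oauth_invalid_auth_header(monkeypatch):
    """Calling the wrapper with a request lacking a usable header raises OAuthProblem.

    The request passed in is a bare ``MagicMock`` on which no Authorization
    header has been configured, and ``flask.current_app`` is replaced with a
    mock.
    """
    def func():
        pass

    wrapped_func = verify_oauth('https://example.org/tokeninfo', set(['admin']), func)

    app = MagicMock()
    monkeypatch.setattr('flask.current_app', app)

    # The unused ``request`` local and the unused ``as exc_info`` binding were
    # removed; only the exception type is checked here.
    with pytest.raises(OAuthProblem):
        wrapped_func(MagicMock())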
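def test_verify_oauth_scopes_local():
    """Check scope enforcement when token info comes from a local function.

    ``token_info`` returns the same mutable ``tokeninfo`` dict on every call,
    so the test can change the granted scopes between assertions. Both scope
    encodings are covered: a space-delimited string and a list.
    """
    tokeninfo = dict(uid="foo", scope="scope1 scope2")

    def token_info(token):
        # The token value is ignored; the shared dict is always returned.
        return tokeninfo

    wrapped_func = verify_oauth(token_info, validate_scope)

    request = MagicMock()
    request.headers = {"Authorization": "Bearer 123"}

    # ``pytest.raises(..., message=...)`` was dropped here: that keyword only
    # set the text shown when *nothing* was raised, never matched the exception
    # text, was deprecated in pytest 4.1 and is rejected by pytest >= 5.0.
    # Scopes as a space-delimited string, 'admin' missing -> must be rejected.
    with pytest.raises(OAuthScopeProblem):
        wrapped_func(request, ['admin'])

    tokeninfo["scope"] += " admin"
    assert wrapped_func(request, ['admin']) is not None

    # Scopes as a list, 'admin' missing -> must be rejected as well.
    tokeninfo["scope"] = ["foo", "bar"]
    with pytest.raises(OAuthScopeProblem):
        wrapped_func(request, ['admin'])

    tokeninfo["scope"].append("admin")
    assert wrapped_func(request, ['admin']) is not None
    # NOTE(review): no case here pins exact-match semantics, i.e. that a
    # granted scope which only contains the required name as a substring is
    # still rejected -- worth adding once the expected behaviour is confirmed.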
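def test_verify_oauth_scopes(monkeypatch):
    """Check that the wrapper rejects tokens lacking the required 'admin' scope.

    The ``session`` object in ``connexion.decorators.security`` is replaced by
    a stub, so no network request is made. The stub serialises the mutable
    ``tokeninfo`` dict on every call, which lets the test change the granted
    scopes between assertions. Both scope encodings are covered: a
    space-delimited string and a list.
    """
    tokeninfo = dict(uid="foo", scope="scope1 scope2")

    def get_tokeninfo_response(*args, **kwargs):
        # Canned 200 response whose body is the *current* tokeninfo content.
        tokeninfo_response = requests.Response()
        tokeninfo_response.status_code = requests.codes.ok
        tokeninfo_response._content = json.dumps(tokeninfo).encode()
        return tokeninfo_response

    def func(request):
        pass

    wrapped_func = verify_oauth('https://example.org/tokeninfo', set(['admin']), func)

    request = MagicMock()
    request.headers = {}
    request.headers["Authorization"] = "Bearer 123"

    app = MagicMock()
    monkeypatch.setattr('flask.current_app', app)

    session = MagicMock()
    session.get = get_tokeninfo_response
    monkeypatch.setattr('connexion.decorators.security.session', session)

    # ``pytest.raises(..., message=...)`` was dropped here: that keyword only
    # set the text shown when *nothing* was raised, never matched the exception
    # text, was deprecated in pytest 4.1 and is rejected by pytest >= 5.0.
    # Scopes as a space-delimited string, 'admin' missing -> must be rejected.
    with pytest.raises(OAuthScopeProblem):
        wrapped_func(request)

    # With 'admin' granted the call must simply not raise; the return value of
    # the wrapped ``func`` is not inspected.
    tokeninfo["scope"] += " admin"
    wrapped_func(request)

    # Scopes as a list, 'admin' missing -> must be rejected as well.
    tokeninfo["scope"] = ["foo", "bar"]
    with pytest.raises(OAuthScopeProblem):
        wrapped_func(request)

    tokeninfo["scope"].append("admin")
    wrapped_func(request)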