def test_should_not_refresh_without_refresh_token(self): authn = self.init_app() with self.app.test_request_context('/foo'): session = UserSession(flask.session, self.PROVIDER_NAME) session.update(expires_in=-10) assert authn.valid_access_token() is None
def test_initialising_session_with_new_provider_name_should_reset_session( self): storage = {} session1 = UserSession(storage, 'provider1') session1.update() assert session1.is_authenticated() is True session2 = UserSession(storage, 'provider2') assert session2.is_authenticated() is False
def test_should_not_refresh_access_token_without_expiry(self): authn = self.init_app() access_token = 'access_token' with self.app.test_request_context('/foo'): session = UserSession(flask.session, self.PROVIDER_NAME) session.update(access_token=access_token, refresh_token='refresh-token') assert authn.valid_access_token() == access_token
def test_initialising_session_with_existing_user_session_should_preserve_state( self): storage = {} session1 = UserSession(storage, self.PROVIDER_NAME) session1.update() assert session1.is_authenticated() is True assert session1.current_provider == self.PROVIDER_NAME session2 = UserSession(storage, self.PROVIDER_NAME) assert session2.is_authenticated() is True assert session2.current_provider == self.PROVIDER_NAME session3 = UserSession(storage) assert session3.is_authenticated() is True assert session3.current_provider == self.PROVIDER_NAME
def test_should_return_None_if_token_refresh_request_fails(self): token_endpoint = self.PROVIDER_BASEURL + '/token' authn = self.init_app( provider_metadata_extras={'token_endpoint': token_endpoint}) token_response = { 'error': 'invalid_grant', 'error_description': 'The refresh token is invalid' } responses.add(responses.POST, token_endpoint, json=token_response) access_token = 'access_token' with self.app.test_request_context('/foo'): session = UserSession(flask.session, self.PROVIDER_NAME) session.update(access_token=access_token, expires_in=-10, refresh_token='refresh-token') assert authn.valid_access_token(force_refresh=True) is None assert session.access_token == access_token
def test_should_refresh_expired_access_token(self): token_endpoint = self.PROVIDER_BASEURL + '/token' authn = self.init_app( provider_metadata_extras={'token_endpoint': token_endpoint}) token_response = { 'access_token': 'new-access-token', 'expires_in': 3600, 'token_type': 'Bearer', 'refresh_token': 'new-refresh-token' } responses.add(responses.POST, token_endpoint, json=token_response) with self.app.test_request_context('/foo'): session = UserSession(flask.session, self.PROVIDER_NAME) session.update(expires_in=-10, refresh_token='refresh-token') assert authn.valid_access_token() == token_response['access_token'] assert session.access_token == token_response['access_token'] assert session.refresh_token == token_response['refresh_token']
def login(): user_session = UserSession(session) user_session.update(access_token=user_session.access_token, id_token=user_session.id_token, userinfo=user_session.userinfo) return redirect(url_for('main.profile'))