def test_valid_scope(self):
scopes = [
("aaa bbb ccc", ["aaa", "bbb", "ccc"]),
("aaa", ["aaa"]),
("aaa aaa", ["aaa"]),
("aaa aaa bbb", ["aaa", "bbb"]),
("bbb aaa ccc", ["aaa", "bbb", "ccc"]),
("aaa,bbb", ["aaa,bbb"]),
("aaa,bbb ccc", ["aaa,bbb", "ccc"]),
("", []),
]
form_data = dict(
grant_type="authorization_code", code="xxx", redirect_uri="http://example.com/", client_id="123"
)
for scope_arg, scope in scopes:
form_data["scope"] = scope_arg
form_class = make_token_form("authorization_code", required_fields=["scope"])
form = form_class(form_data)
self.assertTrue(form.is_valid(), "scope string %r should validate" % scope_arg)
self.assertEqual(
set(form.cleaned_data["scope"]),
set(scope),
"scope string %r should result "
"in scope set %r, not %r" % (scope_arg, scope, form.cleaned_data["scope"]),
)
def test_invalid_scope(self):
scopes = ["aaa bbb ccc", "aaa\\bbb", '"b"', "a\nc", "a\x00b"]
form_data = dict(
grant_type="authorization_code", code="xxx", redirect_uri="http://example.com/", client_id="123"
)
for scope_arg in scopes:
form_data["scope"] = scope_arg
form_class = make_token_form("authorization_code", required_fields=["scope"])
form = form_class(form_data)
self.assertFalse(form.is_valid(), "scope string %r should result in an error" % scope_arg)
self.assertIn("scope", form.errors)
