def test_authenticated_userid_passes_token_to_extractor_functions(jwt, api_token): api_token.return_value = None jwt.return_value = None request = DummyRequest(headers={'Authorization': 'Bearer f00ba12'}) tokens.authenticated_userid(request) api_token.assert_called_once_with('f00ba12') jwt.assert_called_once_with('f00ba12', request)
def unauthenticated_userid(self, request): if _is_api_request(request): # We can't really get an "unauthenticated" userid for an API # request. We have to actually go and decode/look up the tokens and # get what is effectively an authenticated userid. return tokens.authenticated_userid(request) return self.session_policy.unauthenticated_userid(request)
def test_authenticated_userid_returns_none_if_neither_token_valid(jwt, api_token): api_token.return_value = None jwt.return_value = None request = DummyRequest(headers={'Authorization': 'Bearer f00ba12'}) result = tokens.authenticated_userid(request) assert result is None
def test_authenticated_userid_returns_userid_from_jwt_as_fallback(jwt, api_token): api_token.return_value = None jwt.return_value = 'acct:[email protected]' request = DummyRequest(headers={'Authorization': 'Bearer f00ba12'}) result = tokens.authenticated_userid(request) assert result == 'acct:[email protected]'
def test_authenticated_userid_is_none_if_header_incorrectly_formatted(value): request = DummyRequest(headers={'Authorization': value}) assert tokens.authenticated_userid(request) is None
def test_authenticated_userid_is_none_if_header_missing(): request = DummyRequest() assert tokens.authenticated_userid(request) is None
def authenticated_userid(self, request): if _is_api_request(request): return tokens.authenticated_userid(request) return self.session_policy.authenticated_userid(request)