def test_invalid_token_during_connect(db, patch_access_token_getter, account_with_single_auth_creds): account_id = account_with_single_auth_creds.id patch_access_token_getter.revoke_refresh_token( account_with_single_auth_creds.auth_credentials[0].refresh_token) account_with_single_auth_creds.verify_all_credentials() assert len(account_with_single_auth_creds.valid_auth_credentials) == 0 g_token_manager.clear_cache(account_with_single_auth_creds) # connect_account() takes an /expunged/ account object # that has the necessary relationships eager-loaded object_session(account_with_single_auth_creds).expunge( account_with_single_auth_creds) assert not object_session(account_with_single_auth_creds) account = db.session.query(GmailAccount).options( joinedload(GmailAccount.auth_credentials)).get( account_id) db.session.expunge(account) assert not object_session(account) g = GmailAuthHandler('gmail') with pytest.raises(OAuthError): g.connect_account(account) invalid_account = db.session.query(GmailAccount).get(account_id) for auth_creds in invalid_account.auth_credentials: assert not auth_creds.is_valid
def test_new_token_with_non_oauth_error( db, patch_access_token_getter, account_with_multiple_auth_creds): account = account_with_multiple_auth_creds refresh_token1 = account.auth_credentials[0].refresh_token refresh_token2 = account.auth_credentials[1].refresh_token g_token_manager.clear_cache(account) assert account.new_token(GOOGLE_EMAIL_SCOPE).value == ACCESS_TOKEN patch_access_token_getter.revoke_refresh_token(refresh_token1) patch_access_token_getter.force_connection_errors(refresh_token2) with pytest.raises(ConnectionError): g_token_manager.get_token(account, GOOGLE_EMAIL_SCOPE) db.session.refresh(account) assert len(account.valid_auth_credentials) == 1
def test_g_token_manager( db, patch_access_token_getter, account_with_multiple_auth_creds, account_with_single_auth_creds): account = account_with_multiple_auth_creds refresh_token1 = account.auth_credentials[0].refresh_token refresh_token2 = account.auth_credentials[1].refresh_token g_token_manager.clear_cache(account) # existing account w/ multiple credentials, all valid assert (g_token_manager.get_token(account, GOOGLE_EMAIL_SCOPE) == ACCESS_TOKEN) assert (g_token_manager.get_token(account, GOOGLE_CONTACTS_SCOPE) == ACCESS_TOKEN) assert (g_token_manager.get_token(account, GOOGLE_CALENDAR_SCOPE) == ACCESS_TOKEN) for auth_creds in account.auth_credentials: assert auth_creds.is_valid # existing account w/ multiple credentials: some valid patch_access_token_getter.revoke_refresh_token(refresh_token1) g_token_manager.clear_cache(account) with pytest.raises(OAuthError): g_token_manager.get_token(account, GOOGLE_CONTACTS_SCOPE) assert (g_token_manager.get_token(account, GOOGLE_EMAIL_SCOPE) == ACCESS_TOKEN) with pytest.raises(OAuthError): g_token_manager.get_token(account, GOOGLE_CALENDAR_SCOPE) # existing account w/ multiple credentials: all invalid patch_access_token_getter.revoke_refresh_token(refresh_token2) g_token_manager.clear_cache(account) with pytest.raises(OAuthError): g_token_manager.get_token(account, GOOGLE_EMAIL_SCOPE) with pytest.raises(OAuthError): g_token_manager.get_token(account, GOOGLE_CALENDAR_SCOPE) with pytest.raises(OAuthError): g_token_manager.get_token(account, GOOGLE_CONTACTS_SCOPE) db.session.refresh(account) for auth_creds in account.auth_credentials: assert not auth_creds.is_valid # existing account w/ one credential account = account_with_single_auth_creds g_token_manager.clear_cache(account) assert (g_token_manager.get_token(account, GOOGLE_EMAIL_SCOPE) == ACCESS_TOKEN) assert (g_token_manager.get_token(account, GOOGLE_CALENDAR_SCOPE) == ACCESS_TOKEN) with pytest.raises(OAuthError): g_token_manager.get_token(account, GOOGLE_CONTACTS_SCOPE)