def test_revoke_all(): global body global TUPLE global RS # test revoke-all (as provider) r = provider.get_token(body) access_token = r['response'] assert r['success'] is True assert None != access_token assert 60 * 60 * 2 == access_token['expires-in'] token = access_token['token'] if type(token) == TUPLE: token = token[0] s = token.split("/") assert len(s) == 3 assert s[0] == 'auth.iudx.org.in' r = provider.audit_tokens(100) assert r["success"] is True audit_report = r['response'] as_provider = audit_report["as-provider"] num_tokens = len(as_provider) assert num_tokens >= 1 for a in as_provider: if a["revoked"] is False and a['expired'] is False: cert_serial = a["certificate-serial-number"] cert_fingerprint = a["certificate-fingerprint"] break r = provider.revoke_all(cert_serial, cert_fingerprint) assert r["success"] is True assert r["response"]["num-tokens-revoked"] >= 1 r = provider.audit_tokens(100) assert r["success"] is True audit_report = r['response'] as_provider = audit_report["as-provider"] for a in as_provider: if a['certificate-serial-number'] == cert_serial and a[ 'certificate-fingerprint'] == cert_fingerprint: if a['expired'] is False: assert a['revoked'] is True
def test_revoke_with_token(): global body global TUPLE # test revoke API r = provider.get_token(body) access_token = r['response'] assert r['success'] is True assert None != access_token assert 60 * 60 * 2 == access_token['expires-in'] token = access_token['token'] if type(token) == TUPLE: token = token[0] s = token.split("/") assert len(s) == 3 assert s[0] == 'auth.iudx.org.in' r = provider.audit_tokens(5) assert r["success"] is True audit_report = r['response'] as_consumer = audit_report["as-consumer"] num_revoked_before = 0 for a in as_consumer: if a['revoked'] is True: num_revoked_before = num_revoked_before + 1 r = provider.revoke_tokens(token) assert r["success"] is True assert r["response"]["num-tokens-revoked"] >= 1 r = provider.audit_tokens(5) assert r["success"] is True audit_report = r['response'] as_consumer = audit_report["as-consumer"] num_revoked_after = 0 for a in as_consumer: if a['revoked'] is True: num_revoked_after = num_revoked_after + 1 assert num_revoked_before < num_revoked_after new_policy = "*@iisc.ac.in can access * for 1 month" assert provider.set_policy(new_policy)['success'] is True body = [{ "id": "rbccps.org/9cf2c2382cf661fc20a4776345a3be7a143a109c/rs1/r1", }, { "id": "rbccps.org/9cf2c2382cf661fc20a4776345a3be7a143a109c/rs1/r2" }] r = restricted_consumer.get_token(body) access_token = r['response'] assert r['success'] is True assert None != access_token assert r['response']['expires-in'] == 60 * 60 * 24 * 30 * 1 body = [{ "id": "rbccps.org/9cf2c2382cf661fc20a4776345a3be7a143a109c/rs1/r1", }, { "id": "rbccps.org/9cf2c2382cf661fc20a4776345a3be7a143a109c/rs2/r2" }] expect_failure(True) r = restricted_consumer.get_token(body) expect_failure(False) assert r['success'] is False assert r['status_code'] == 403 # new api tests new_policy = "*@iisc.ac.in can access * for 5 months" assert provider.set_policy(new_policy)['success'] is True body = [ "rbccps.org/9cf2c2382cf661fc20a4776345a3be7a143a109c/rs1/r1", "rbccps.org/9cf2c2382cf661fc20a4776345a3be7a143a109c/rs2/r2" ] r = consumer.get_token(body) assert r['success'] is True assert r['response']['expires-in'] == 60 * 60 * 24 * 30 * 5 body = "rbccps.org/9cf2c2382cf661fc20a4776345a3be7a143a109c/rs1/r1" r = consumer.get_token(body) assert r['success'] is True assert r['response']['expires-in'] == 60 * 60 * 24 * 30 * 5 body = { "id": "rbccps.org/9cf2c2382cf661fc20a4776345a3be7a143a109c/rs1/r1" } r = consumer.get_token(body) assert r['success'] is True assert r['response']['expires-in'] == 60 * 60 * 24 * 30 * 5
audit_report = r['response'] as_provider = audit_report["as-provider"] token_hash_found = False found = None for a in as_provider: if a['token-hash'] == token_hash: token_hash_found = True found = a break assert token_hash_found is True assert found['revoked'] is True # test revoke-all (as provider) r = provider.get_token(body) access_token = r['response'] assert r['success'] is True assert None != access_token assert 7200 == access_token['expires-in'] token = access_token['token'] if type(token) == TUPLE: token = token[0] s = token.split("/") assert len(s) == 3 assert s[0] == 'auth.iudx.org.in'