def test_get_request_without_portal_access(self): request = self.factory.get(reverse("lizard_auth_server.jwt"), {"portal": self.portal.sso_key}) request.user = self.user response = JWTView.as_view()(request) expected_status_code = 400 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_without_portal_parameters(self): request = self.factory.get(reverse("lizard_auth_server.jwt"), ) self.user.user_profile.portals.add(self.portal) request.user = self.user response = JWTView.as_view()(request) expected_status_code = 400 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_without_portal_parameters(self): request = self.factory.get(reverse("lizard_auth_server.jwt")) self.user.user_profile.portals.add(self.portal) request.user = self.user response = JWTView.as_view()(request) expected_status_code = 400 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_as_anonymous_user(self): request = self.factory.get(reverse("lizard_auth_server.jwt"), {"portal": self.portal.sso_key}) request.user = AnonymousUser() response = JWTView.as_view()(request) expected_status_code = 302 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code) expected_url = reverse("django.contrib.auth.views.login") self.assertTrue(response.url.startswith(expected_url))
def test_get_request_with_invalid_portal_parameter(self): random_sso_key = GenKey("Portal", "sso_key") request = self.factory.get(reverse("lizard_auth_server.jwt"), {"portal": random_sso_key}) self.user.user_profile.portals.add(self.portal) request.user = self.user response = JWTView.as_view()(request) expected_status_code = 400 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_with_invalid_next_parameter(self): request = self.factory.get( reverse("lizard_auth_server.jwt"), {"portal": self.portal.sso_key, "next": fake.uri_path()} ) self.user.user_profile.portals.add(self.portal) request.user = self.user response = JWTView.as_view()(request) expected_status_code = 400 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_with_redirect_response(self): next_ = fake.url() request = self.factory.get(reverse("lizard_auth_server.jwt"), {"portal": self.portal.sso_key, "next": next_}) self.user.user_profile.portals.add(self.portal) request.user = self.user response = JWTView.as_view()(request) expected_status_code = 302 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code) self.assertTrue(JWTView.is_url(response.url)) self.assertTrue(response.url.startswith(next_)) self.assertTrue("access_token=" in response.url)
def test_get_request_without_portal_access(self): request = self.factory.get( reverse("lizard_auth_server.jwt"), { "portal": self.portal.sso_key, }, ) request.user = self.user response = JWTView.as_view()(request) expected_status_code = 400 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_as_anonymous_user(self): request = self.factory.get( reverse("lizard_auth_server.jwt"), { "portal": self.portal.sso_key, }, ) request.user = AnonymousUser() response = JWTView.as_view()(request) expected_status_code = 302 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code) expected_url = reverse("login") self.assertTrue(response.url.startswith(expected_url))
def test_get_request_with_invalid_portal_parameter(self): random_sso_key = GenKey("Portal", "sso_key") request = self.factory.get( reverse("lizard_auth_server.jwt"), { "portal": random_sso_key, }, ) self.user.user_profile.portals.add(self.portal) request.user = self.user response = JWTView.as_view()(request) expected_status_code = 400 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_with_invalid_next_parameter(self): request = self.factory.get( reverse("lizard_auth_server.jwt"), { "portal": self.portal.sso_key, "next": fake.uri_path(), }, ) self.user.user_profile.portals.add(self.portal) request.user = self.user response = JWTView.as_view()(request) expected_status_code = 400 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_with_text_response(self): request = self.factory.get(reverse("lizard_auth_server.jwt"), {"portal": self.portal.sso_key}) self.user.user_profile.portals.add(self.portal) request.user = self.user response = JWTView.as_view()(request) expected_status_code = 200 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code) expected_content_type = "text/plain" actual_content_type = response.get("Content-Type") self.assertEqual(expected_content_type, actual_content_type) token = response.content payload = jwt.decode(token, self.portal.sso_secret) self.assertTrue(payload["username"] == self.user.username) self.assertTrue("exp" in payload)
def test_get_request_with_redirect_response(self): next_ = fake.url() request = self.factory.get( reverse("lizard_auth_server.jwt"), { "portal": self.portal.sso_key, "next": next_, }, ) self.user.user_profile.portals.add(self.portal) request.user = self.user response = JWTView.as_view()(request) expected_status_code = 302 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code) self.assertTrue(JWTView.is_url(response.url)) self.assertTrue(response.url.startswith(next_)) self.assertTrue("access_token=" in response.url)
def test_get_request_with_text_response(self): request = self.factory.get( reverse('lizard_auth_server.jwt'), { 'portal': self.portal.sso_key, }, ) self.user.user_profile.portals.add(self.portal) request.user = self.user response = JWTView.as_view()(request) expected_status_code = 200 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code) expected_content_type = 'text/plain' actual_content_type = response.get('Content-Type') self.assertEqual(expected_content_type, actual_content_type) token = response.content payload = jwt.decode(token, self.portal.sso_secret) self.assertTrue(payload['username'] == self.user.username) self.assertTrue('exp' in payload)
def test_get_request_with_text_response(self): request = self.factory.get( reverse("lizard_auth_server.jwt"), { "portal": self.portal.sso_key, }, ) self.user.user_profile.portals.add(self.portal) request.user = self.user response = JWTView.as_view()(request) expected_status_code = 200 actual_status_code = response.status_code self.assertEqual(expected_status_code, actual_status_code) expected_content_type = "text/plain" actual_content_type = response.get("Content-Type") self.assertEqual(expected_content_type, actual_content_type) token = response.content payload = jwt.decode(token, self.portal.sso_secret, algorithms=["HS256"]) self.assertTrue(payload["username"] == self.user.username) self.assertTrue("exp" in payload)