def test_trusted_client(self):
response = self.login_and_authorize(trusted=True)
# Check for valid redirect
self.assertEqual(302, response.status_code)
self.assertEqual(reverse('oauth2:redirect'),
normpath(response['Location']))
def test_untrusted_client(self):
response = self.login_and_authorize(trusted=False)
# Check if consent form is being shown
form_action = 'action="{}"'.format(
normpath(reverse("oauth2:authorize")))
self.assertContains(response, form_action, status_code=200)
def get_new_access_token_response(self):
""" Get a new access token using the OAuth2 authorization flow. """
response = self.login_and_authorize(trusted=True)
self.assertEqual(302, response.status_code)
self.assertEqual(reverse('oauth2:redirect'), normpath(response['Location']))
response = self.client.get(reverse('oauth2:redirect'))
self.assertEqual(302, response.status_code)
query = QueryDict(urlparse(response['Location']).query)
response = self.client.post(reverse('oauth2:access_token'), {
'grant_type': 'authorization_code',
'client_id': self.auth_client.client_id,
'client_secret': self.client_secret,
'code': query['code'],
})
return response
def get_new_access_token_response(self):
""" Get a new access token using the OAuth2 authorization flow. """
response = self.login_and_authorize(trusted=True)
self.assertEqual(302, response.status_code)
self.assertEqual(reverse('oauth2:redirect'),
normpath(response['Location']))
response = self.client.get(reverse('oauth2:redirect'))
self.assertEqual(302, response.status_code)
query = QueryDict(urlparse(response['Location']).query)
response = self.client.post(
reverse('oauth2:access_token'), {
'grant_type': 'authorization_code',
'client_id': self.auth_client.client_id,
'client_secret': self.client_secret,
'code': query['code'],
})
return response
def get_access_token_response(self, scope=None, claims=None):
""" Get a new access token using the OAuth2 authorization flow. """
response = self.login_and_authorize(scope, claims, trusted=True)
self.assertEqual(302, response.status_code)
self.assertEqual(reverse('oauth2:redirect'), normpath(response['Location']))
response = self.client.get(reverse('oauth2:redirect'))
self.assertEqual(302, response.status_code)
query = QueryDict(urlparse(response['Location']).query)
payload = {
'grant_type': 'authorization_code',
'client_id': self.auth_client.client_id,
'client_secret': self.client_secret,
'code': query['code'],
}
_add_values(payload, 'id_token', scope, claims)
response = self.client.post(reverse('oauth2:access_token'), payload)
return response
def get_access_token_response(self, scope=None, claims=None):
""" Get a new access token using the OAuth2 authorization flow. """
response = self.login_and_authorize(scope, claims, trusted=True)
self.assertEqual(302, response.status_code)
self.assertEqual(reverse('oauth2:redirect'),
normpath(response['Location']))
response = self.client.get(reverse('oauth2:redirect'))
self.assertEqual(302, response.status_code)
query = QueryDict(urlparse(response['Location']).query)
payload = {
'grant_type': 'authorization_code',
'client_id': self.auth_client.client_id,
'client_secret': self.client_secret,
'code': query['code'],
}
_add_values(payload, 'id_token', scope, claims)
response = self.client.post(reverse('oauth2:access_token'), payload)
return response
def test_trusted_client(self):
response = self.login_and_authorize(trusted=True)
# Check for valid redirect
self.assertEqual(302, response.status_code)
self.assertEqual(reverse('oauth2:redirect'), normpath(response['Location']))
def test_untrusted_client(self):
response = self.login_and_authorize(trusted=False)
# Check if consent form is being shown
form_action = 'action="{}"'.format(normpath(reverse("oauth2:authorize")))
self.assertContains(response, form_action, status_code=200)
