def setUp(self):
    """Create the user, site and credentials-service fixtures used by the tests."""
    super().setUp()
    self.student = UserFactory.create(username='******')

    course_key = 'course-v1:testX+test101+2T2020'
    self.course_key = course_key

    site = SiteFactory()
    self.site = site
    self.site_configuration = SiteConfigurationFactory(site=site)

    # OAuth application named 'credentials' and the account named by
    # settings.CREDENTIALS_SERVICE_USERNAME; presumably the identity the code
    # under test uses when calling the credentials service (confirm).
    ApplicationFactory.create(name='credentials')
    UserFactory.create(username=settings.CREDENTIALS_SERVICE_USERNAME)
    self.create_credentials_config()

    # Maps the course key to the program records (by uuid) that contain it.
    self.inverted_programs = {course_key: [{'uuid': 1}, {'uuid': 2}]}
def setUp(self):
    """Register the credentials OAuth client, a config with cache_ttl=1, and a user."""
    super().setUp()

    # The application name comes from CredentialsApiConfig so the fixture
    # stays in step with whatever client name the config model declares.
    client_name = CredentialsApiConfig.OAUTH2_CLIENT_NAME
    ApplicationFactory(name=client_name)

    credentials_config = self.create_credentials_config(cache_ttl=1)
    self.credentials_config = credentials_config
    self.user = UserFactory()
def setUp(self):
    """Register the credentials OAuth client, a config with cache_ttl=1, and a user."""
    super(TestGetCredentials, self).setUp()  # lint-amnesty, pylint: disable=super-with-arguments

    # The application name comes from CredentialsApiConfig so the fixture
    # stays in step with whatever client name the config model declares.
    client_name = CredentialsApiConfig.OAUTH2_CLIENT_NAME
    ApplicationFactory(name=client_name)

    credentials_config = self.create_credentials_config(cache_ttl=1)
    self.credentials_config = credentials_config
    self.user = UserFactory()
def test_oauth(self):
    """
    Verify the endpoint supports authentication via OAuth 2.0.

    A token is issued for self.user, the test client is logged out, and the
    request is then sent with only an ``Authorization: Bearer`` header.
    """
    application = ApplicationFactory()
    token_record = AccessTokenFactory(user=self.user, application=application)
    access_token = token_record.token
    auth_headers = {'HTTP_AUTHORIZATION': 'Bearer ' + access_token}

    # Log out first so that a 200 cannot be credited to an existing client
    # session; the bearer token is the only credential on the request.
    self.client.logout()

    response = self.client.get(self.path, **auth_headers)
    assert response.status_code == 200
def test_safe_redirect_oauth2(self, client_redirect_uri, redirect_url, host, expected_is_safe):
    """
    Test safe redirect_url parameter when logging out OAuth2 client.

    Arguments:
        client_redirect_uri: value registered as the application's redirect_uris.
        redirect_url: the redirect target submitted with the logout request.
        host: value sent as the request's HTTP_HOST.
        expected_is_safe: the verdict the redirect check is expected to return.
    """
    oauth_app = ApplicationFactory(redirect_uris=client_redirect_uri)

    # The client_id travels in the query string next to redirect_url.
    # Presumably the check uses it to look up the client's registered
    # redirect URIs (confirm in is_safe_login_or_logout_redirect).
    query = urlencode({
        'client_id': oauth_app.client_id,
        'redirect_url': redirect_url,
    })
    logout_request = self.request.get('/logout?{}'.format(query), HTTP_HOST=host)

    verdict = is_safe_login_or_logout_redirect(logout_request, redirect_url)
    self.assertEqual(verdict, expected_is_safe)
def test_safe_redirect_oauth2(self, client_redirect_uri, redirect_url, host, expected_is_safe):
    """
    Test safe redirect_url parameter when logging out OAuth2 client.

    Arguments:
        client_redirect_uri: value registered as the application's redirect_uris.
        redirect_url: the redirect target submitted with the logout request.
        host: value sent as the request's HTTP_HOST.
        expected_is_safe: the verdict the redirect check is expected to return.
    """
    oauth_app = ApplicationFactory(redirect_uris=client_redirect_uri)

    # The client_id travels in the query string next to redirect_url.
    # Presumably the check uses it to look up the client's registered
    # redirect URIs (confirm in self._is_safe_redirect).
    query = urlencode({
        'client_id': oauth_app.client_id,
        'redirect_url': redirect_url,
    })
    logout_request = self.request.get(f'/logout?{query}', HTTP_HOST=host)

    verdict = self._is_safe_redirect(logout_request, redirect_url)
    assert verdict == expected_is_safe
def setUp(self):
    """Create a course, a student holding a downloadable certificate, and credentials fixtures."""
    super(AwardCourseCertificatesTestCase, self).setUp()  # lint-amnesty, pylint: disable=super-with-arguments

    # The certificate available date is one day after "now" (UTC).
    one_day_ahead = datetime.now(pytz.UTC) + timedelta(days=1)
    self.available_date = one_day_ahead
    self.course = CourseOverviewFactory.create(
        self_paced=True,  # Any option to allow the certificate to be viewable for the course
        certificate_available_date=one_day_ahead,
    )
    self.student = UserFactory.create(username='******')

    # Instantiate the Certificate first so that the config doesn't execute issuance
    certificate_fields = {
        'user': self.student,
        'mode': 'verified',
        'course_id': self.course.id,
        'status': 'downloadable',
    }
    self.certificate = GeneratedCertificateFactory.create(**certificate_fields)

    self.create_credentials_config()
    self.site = SiteFactory()

    # OAuth application and service account for the credentials service.
    ApplicationFactory.create(name='credentials')
    UserFactory.create(username=settings.CREDENTIALS_SERVICE_USERNAME)
def setUp(self):
    """Create a course, a student holding a downloadable certificate, and credentials fixtures."""
    super().setUp()

    # The certificate available date is one day after "now" (UTC).
    one_day_ahead = datetime.now(pytz.UTC) + timedelta(days=1)
    self.available_date = one_day_ahead
    self.course = CourseOverviewFactory.create(
        self_paced=True,  # Any option to allow the certificate to be viewable for the course
        certificate_available_date=one_day_ahead,
        certificates_display_behavior=CertificatesDisplayBehaviors.END_WITH_DATE,
    )
    self.student = UserFactory.create(username='******')

    # Instantiate the Certificate first so that the config doesn't execute issuance
    certificate_fields = {
        'user': self.student,
        'mode': 'verified',
        'course_id': self.course.id,
        'status': 'downloadable',
    }
    self.certificate = GeneratedCertificateFactory.create(**certificate_fields)

    self.create_credentials_config()
    self.site = SiteFactory()

    # OAuth application and service account for the credentials service.
    ApplicationFactory.create(name='credentials')
    UserFactory.create(username=settings.CREDENTIALS_SERVICE_USERNAME)
def test_oauth(self):
    """
    Verify the endpoint supports OAuth, and only allows authorization for staff users.

    The same bearer token is sent on both requests; the only thing that
    changes between them is the token owner's ``is_staff`` flag.
    """
    account = UserFactory(is_staff=False)
    application = ApplicationFactory.create()
    token_record = AccessTokenFactory.create(user=account, application=application)
    auth_headers = {'HTTP_AUTHORIZATION': 'Bearer ' + token_record.token}

    # Non-staff users should not have access to the API
    denied = self.client.get(self.path, **auth_headers)
    assert denied.status_code == 403

    # Staff users should have access to the API
    account.is_staff = True
    account.save()
    allowed = self.client.get(self.path, **auth_headers)
    assert allowed.status_code == 200
def test_oauth_list(self, path_name):
    """
    Verify the endpoints supports OAuth, and only allows authorization for staff users.

    ``path_name`` is the URL name to reverse for the course in
    ``self.course_str``. The same bearer token is sent on both requests; only
    the token owner's ``is_staff`` flag changes between them.
    """
    url = reverse(path_name, kwargs={'course_key_string': self.course_str})

    account = UserFactory(is_staff=False)
    application = ApplicationFactory.create()
    token_record = AccessTokenFactory.create(user=account, application=application)
    auth_headers = {'HTTP_AUTHORIZATION': 'Bearer ' + token_record.token}

    # Non-staff users should not have access to the API
    denied = self.client.get(path=url, **auth_headers)
    self.assertEqual(denied.status_code, 403)

    # Staff users should have access to the API
    account.is_staff = True
    account.save()
    allowed = self.client.get(path=url, **auth_headers)
    self.assertEqual(allowed.status_code, 200)
def test_oauth_csv(self):
    """
    Verify the endpoint supports OAuth, and only allows authorization for staff users.

    The same bearer token is sent on both POSTs; only the token owner's
    ``is_staff`` flag changes between them.
    """
    cohorts.add_cohort(self.course_key, "DEFAULT", "random")
    url = reverse('api_cohorts:cohort_users_csv', kwargs={'course_key_string': self.course_str})

    account = UserFactory(is_staff=False)
    application = ApplicationFactory.create()
    token_record = AccessTokenFactory.create(user=account, application=application)
    auth_headers = {'HTTP_AUTHORIZATION': 'Bearer ' + token_record.token}

    # Non-staff users should not have access to the API
    denied = self.client.post(path=url, **auth_headers)
    assert denied.status_code == 403

    # Staff users should have access to the API
    account.is_staff = True
    account.save()
    accepted = self.client.post(path=url, **auth_headers)
    # NOTE(review): 400 rather than 403 shows the request passed the staff
    # check. Presumably it is rejected because the POST has no CSV payload
    # (confirm against the view).
    assert accepted.status_code == 400
def create_user_and_access_token(self):
    """
    Create a global-staff user, an OAuth application and an access token.

    The results are stored on the test case as ``self.user``,
    ``self.oauth_client`` and ``self.access_token`` (the token string).
    """
    staff_user = GlobalStaffFactory.create()
    self.user = staff_user

    application = ApplicationFactory.create()
    self.oauth_client = application

    token_record = AccessTokenFactory.create(user=staff_user, application=application)
    self.access_token = token_record.token
def _create_oauth_client(self):
    """
    Creates a trusted OAuth client.

    Returns the application built by ApplicationFactory, with a single
    registered redirect URI.
    """
    client_options = {
        'redirect_uris': 'https://www.example.com/logout/',
        # Presumably the flag behind "trusted": the client does not go
        # through the user-consent step (confirm against the Application model).
        'skip_authorization': True,
    }
    return ApplicationFactory(**client_options)