def test_authenticate_oidc_100_single_implicit(requests_mock):
requests_mock.get(API_URL, json={"api_version": "1.0.0"})
client_id = "myclient"
requests_mock.get(API_URL + 'credentials/oidc',
json={
"providers": [{
"id": "fauth",
"issuer": "https://fauth.test",
"title": "Foo Auth",
"scopes": ["openid", "im"]
}]
})
oidc_mock = OidcMock(
requests_mock=requests_mock,
expected_grant_type="authorization_code",
expected_client_id=client_id,
expected_fields={"scope": "im openid"},
oidc_discovery_url=
"https://fauth.test/.well-known/openid-configuration",
scopes_supported=["openid", "im"],
)
# With all this set up, kick off the openid connect flow
conn = Connection(API_URL)
assert isinstance(conn.auth, NullAuth)
conn.authenticate_OIDC(client_id=client_id,
webbrowser_open=oidc_mock.webbrowser_open)
assert isinstance(conn.auth, BearerAuth)
assert conn.auth.bearer == 'oidc/fauth/' + oidc_mock.state["access_token"]
def test_authenticate_oidc_100_multiple_wrong_id(requests_mock):
requests_mock.get(API_URL, json={"api_version": "1.0.0"})
client_id = "myclient"
requests_mock.get(API_URL + 'credentials/oidc',
json={
"providers": [
{
"id": "fauth",
"issuer": "https://fauth.test",
"title": "Foo Auth",
"scopes": ["openid", "w"]
},
{
"id": "bauth",
"issuer": "https://bauth.test",
"title": "Bar Auth",
"scopes": ["openid", "w"]
},
]
})
# With all this set up, kick off the openid connect flow
conn = Connection(API_URL)
assert isinstance(conn.auth, NullAuth)
match = r"'lol' not available\. Should be one of \[('fauth', 'bauth'|'bauth', 'fauth')\]\."
with pytest.raises(OpenEoClientException, match=match):
conn.authenticate_OIDC(client_id=client_id,
provider_id="lol",
webbrowser_open=pytest.fail)
def test_authenticate_oidc_100_single_wrong_id(requests_mock):
requests_mock.get(API_URL, json={"api_version": "1.0.0"})
client_id = "myclient"
requests_mock.get(API_URL + 'credentials/oidc', json={
"providers": [{"id": "foidc", "issuer": "https://auth.foidc.net", "title": "FOIDC", "scopes": ["openid", "w"]}]
})
# With all this set up, kick off the openid connect flow
conn = Connection(API_URL)
assert isinstance(conn.auth, NullAuth)
with pytest.raises(OpenEoClientException, match=r"'nopenope' not available\. Should be one of \['foidc'\]\."):
conn.authenticate_OIDC(client_id=client_id, provider_id="nopenope", webbrowser_open=pytest.fail)
def test_authenticate_oidc(oidc_test_setup):
# see test/rest/conftest.py for `oidc_test_setup` fixture
client_id = "myclient"
oidc_discovery_url = "https://oeo.net/credentials/oidc"
state, webbrowser_open = oidc_test_setup(
client_id=client_id, oidc_discovery_url=oidc_discovery_url)
# With all this set up, kick off the openid connect flow
conn = Connection(API_URL)
assert isinstance(conn.auth, NullAuth)
conn.authenticate_OIDC(client_id=client_id,
webbrowser_open=webbrowser_open)
assert isinstance(conn.auth, BearerAuth)
assert conn.auth.bearer == state["access_token"]
def test_authenticate_oidc_100_multiple_no_id(requests_mock):
requests_mock.get(API_URL, json={"api_version": "1.0.0"})
client_id = "myclient"
requests_mock.get(API_URL + 'credentials/oidc', json={
"providers": [
{"id": "foidc", "issuer": "https://auth.foidc.net", "title": "FOIDC", "scopes": ["openid", "w"]},
{"id": "baroi", "issuer": "https://acco.baroi.net", "title": "BarOI", "scopes": ["openid", "w"]},
]
})
# With all this set up, kick off the openid connect flow
conn = Connection(API_URL)
assert isinstance(conn.auth, NullAuth)
match = r"No provider_id given. Available: \[('foidc', 'baroi'|'baroi', 'foidc')\]\."
with pytest.raises(OpenEoClientException, match=match):
conn.authenticate_OIDC(client_id=client_id, webbrowser_open=pytest.fail)
def test_authenticate_oidc_040(requests_mock):
client_id = "myclient"
oidc_discovery_url = "https://oeo.test/credentials/oidc"
oidc_mock = OidcMock(requests_mock=requests_mock,
expected_grant_type="authorization_code",
expected_client_id=client_id,
expected_fields={"scope": "openid"},
oidc_discovery_url=oidc_discovery_url)
requests_mock.get(API_URL, json={"api_version": "0.4.0"})
# With all this set up, kick off the openid connect flow
conn = Connection(API_URL)
assert isinstance(conn.auth, NullAuth)
conn.authenticate_OIDC(client_id=client_id,
webbrowser_open=oidc_mock.webbrowser_open)
assert isinstance(conn.auth, BearerAuth)
assert conn.auth.bearer == oidc_mock.state["access_token"]
def test_authenticate_oidc_100_multiple_success(requests_mock):
requests_mock.get(API_URL, json={"api_version": "1.0.0"})
client_id = "myclient"
requests_mock.get(API_URL + 'credentials/oidc', json={
"providers": [
{"id": "foidc", "issuer": "https://auth.foidc.net", "title": "FOIDC", "scopes": ["openid", "mu"]},
{"id": "baroi", "issuer": "https://acco.baroi.net", "title": "BarOI", "scopes": ["openid", "mu"]},
]
})
oidc_mock = OidcMock(
requests_mock=requests_mock,
expected_grant_type="authorization_code",
expected_client_id=client_id,
expected_fields={"scope": "mu openid"},
oidc_discovery_url="https://acco.baroi.net/.well-known/openid-configuration",
scopes_supported=["openid", "mu"],
)
# With all this set up, kick off the openid connect flow
conn = Connection(API_URL)
assert isinstance(conn.auth, NullAuth)
conn.authenticate_OIDC(client_id=client_id, provider_id="baroi", webbrowser_open=oidc_mock.webbrowser_open)
assert isinstance(conn.auth, BearerAuth)
assert conn.auth.bearer == 'oidc/baroi/' + oidc_mock.state["access_token"]