def test_client_secret_basic(self):
self.clients[TEST_CLIENT_ID][
'token_endpoint_auth_method'] = 'client_secret_basic'
authz_header = self.create_basic_auth()
assert verify_client_authentication(self.clients,
self.token_request_args,
authz_header)
def test_public_client_no_auth(self):
del self.token_request_args['client_secret']
# public client
self.clients[TEST_CLIENT_ID]['token_endpoint_auth_method'] = 'none'
del self.clients[TEST_CLIENT_ID]['client_secret']
assert verify_client_authentication(self.clients,
self.token_request_args, None)
def test_invalid_userid_password(self):
with pytest.raises(InvalidClientAuthentication):
verify_client_authentication(self.clients, self.token_request_args,
'Basic invalid')
def test_invalid_authorization_scheme(self):
authz_header = self.create_basic_auth()
with pytest.raises(InvalidClientAuthentication):
verify_client_authentication(
self.clients, self.token_request_args,
authz_header.replace('Basic', 'invalid'))
def test_wrong_client_secret(self):
self.token_request_args['client_secret'] = 'foobar'
with pytest.raises(InvalidClientAuthentication):
verify_client_authentication(self.clients, self.token_request_args)
def test_unknown_client_id(self):
self.token_request_args['client_id'] = 'unknown'
with pytest.raises(InvalidClientAuthentication):
verify_client_authentication(self.clients, self.token_request_args)
def test_client_secret_post(self):
self.clients[TEST_CLIENT_ID][
'token_endpoint_auth_method'] = 'client_secret_post'
assert verify_client_authentication(self.clients,
self.token_request_args)
def test_wrong_authentication_method(self):
# do client_secret_basic, while client_secret_post is expected
authz_header = self.create_basic_auth()
with pytest.raises(InvalidClientAuthentication):
verify_client_authentication(self.clients, None, authz_header)
