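def test_authentication_successful(self):
    """
    Verify that a bearer token issued by /oauth2/token authenticates an API call.

    The test first POSTs the OAuth headers and form data to /oauth2/token and
    expects HTTP 200, then sends the returned ``access_token`` as a Bearer
    credential to /1.1/statuses/user_timeline.json and expects HTTP 200 again.
    """
    headers = payload.get_oauth_headers(helper.getBase64Value())
    data = payload.get_oauth_data()

    # Get bearer token using /oauth2/token
    response = self.session.post(self.base_url + '/oauth2/token',
                                 data=data, headers=headers)
    assert response.status_code == 200
    # The body of a successful token response contains the live access_token.
    # Log only the status so the credential does not end up in test logs
    # (which are often retained as CI artifacts).
    LOGGER.info("token endpoint status: %s", response.status_code)
    parsed_response = json.loads(response.text)

    # Verify /statuses/user_timeline using access_token retrieved from above step
    # NOTE(review): 'application/gzip' is a media type; Accept-Encoding normally
    # carries a content-coding such as 'gzip' - confirm this value is intended.
    oheaders = {
        'Authorization': 'Bearer ' + parsed_response['access_token'],
        'Accept-Encoding': 'application/gzip'
    }
    user_tline_resp = self.session.get(
        self.base_url +
        '/1.1/statuses/user_timeline.json?count=100&screen_name=twitterapi',
        headers=oheaders)
    assert user_tline_resp.status_code == 200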
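def test_unathorized_user_context_resource_using_appauth(self):
    """
    Verify that an app-only bearer token cannot reach a user-context resource.

    A token is obtained from /oauth2/token (HTTP 200 expected) and then used
    against /1.1/statuses/mentions_timeline. The test expects HTTP 403 and a
    body that, with surrounding newlines stripped, equals
    ``restricted_resource_user_err_msg``.
    """
    headers = payload.get_oauth_headers(helper.getBase64Value())
    data = payload.get_oauth_data()

    # Get bearer token using /oauth2/token
    response = self.session.post(self.base_url + '/oauth2/token',
                                 data=data, headers=headers)
    assert response.status_code == 200
    # The body of a successful token response contains the live access_token.
    # Log only the status so the credential does not end up in test logs.
    LOGGER.info("token endpoint status: %s", response.status_code)
    parsed_response = json.loads(response.text)

    # Verify /statuses/mentions_timeline using access_token retrieved from above step
    # NOTE(review): 'application/gzip' is a media type; Accept-Encoding normally
    # carries a content-coding such as 'gzip' - confirm this value is intended.
    oheaders = {
        'Authorization': 'Bearer ' + parsed_response['access_token'],
        'Accept-Encoding': 'application/gzip'
    }
    user_tline_resp = self.session.get(
        self.base_url + '/1.1/statuses/mentions_timeline', headers=oheaders)
    assert user_tline_resp.status_code == 403
    # The 403 body is an error document, not a credential, so it is logged as is.
    LOGGER.info(user_tline_resp.text)

    # Verify error message in response
    assert user_tline_resp.text.strip(
        "\n") == restricted_resource_user_err_msg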
def test_oauth_invalid_url(self):
    """
    Verify that posting valid OAuth headers and data to a wrong path fails.

    The request goes to ``/oauth2`` (without the ``/token`` segment) and the
    test expects HTTP 404.
    """
    auth_headers = payload.get_oauth_headers(helper.getBase64Value())
    form_data = payload.get_oauth_data()

    # Deliberately incomplete path: the "/token" suffix is left off.
    wrong_url = self.base_url + "/oauth2"
    result = self.session.post(wrong_url, data=form_data,
                               headers=auth_headers)

    assert result.status_code == 404
def test_oauth_without_content_type(self):
    """
    Verify the token endpoint rejects a request built with an empty content type.

    Headers are generated with ``content_type=""`` and posted to /oauth2/token;
    the test expects HTTP 403.
    """
    auth_headers = payload.get_oauth_headers(helper.getBase64Value(),
                                             content_type="")

    # NOTE(review): no `data=` is sent either, so a 403 here does not by itself
    # show that the missing content type is what was rejected - confirm intent.
    token_url = self.base_url + "/oauth2/token"
    result = self.session.post(token_url, headers=auth_headers)

    # Verify error status code
    assert result.status_code == 403
    LOGGER.info(result.status_code)
def test_oauth_without_grant_type(self):
    """
    Verify the token endpoint rejects a request that carries no form data.

    Only the OAuth headers are posted to /oauth2/token. The test expects
    HTTP 403 and the first entry of ``errors`` in the JSON body to carry
    ``grant_type_missing_err_msg``.
    """
    auth_headers = payload.get_oauth_headers(helper.getBase64Value())

    # No `data=` argument: presumably this is what omits grant_type, which the
    # other tests supply through payload.get_oauth_data() - verify.
    token_url = self.base_url + "/oauth2/token"
    result = self.session.post(token_url, headers=auth_headers)

    # Verify error status code and error message
    assert result.status_code == 403
    LOGGER.info(result.status_code)
    body = json.loads(result.text)
    first_error = body["errors"][0]
    assert first_error["message"] == grant_type_missing_err_msg
def test_oauth_with_invalid_creds(self):
    """
    Verify the token endpoint returns an error for invalid credentials.

    The headers are built from the literal string ``"invalid_creds"`` instead
    of the value from ``helper.getBase64Value()``. The test expects HTTP 403
    and ``invalid_creds_err_msg`` as the first error message.
    """
    bad_headers = payload.get_oauth_headers("invalid_creds")
    form_data = payload.get_oauth_data()

    token_url = self.base_url + "/oauth2/token"
    result = self.session.post(token_url, data=form_data,
                               headers=bad_headers)
    assert result.status_code == 403
    # This is a rejected request, so the logged body is an error document.
    LOGGER.info(result.text)

    # Assert error message for invalid credentials
    body = json.loads(result.text)
    first_error = body["errors"][0]
    assert first_error["message"] == invalid_creds_err_msg
def test_oauth_without_authorization(self):
    """
    Verify the token endpoint rejects a request with no Authorization header.

    Normal OAuth headers are generated, the ``Authorization`` entry is removed,
    and the request is posted to /oauth2/token. The test expects HTTP 403 and
    ``invalid_creds_err_msg`` as the first error message.
    """
    stripped_headers = payload.get_oauth_headers(helper.getBase64Value())
    form_data = payload.get_oauth_data()
    # Default of None keeps pop() from raising if the key is not present.
    stripped_headers.pop('Authorization', None)

    token_url = self.base_url + "/oauth2/token"
    result = self.session.post(token_url, data=form_data,
                               headers=stripped_headers)
    assert result.status_code == 403
    LOGGER.info(result.text)

    # Verify error message in response
    body = json.loads(result.text)
    first_error = body["errors"][0]
    assert first_error["message"] == invalid_creds_err_msg
def test_oauth_with_other_acc_consumer_key(self):
    """
    Verify the token endpoint rejects a consumer key paired with another
    account's secret.

    ``helper.getBase64Value`` is called with
    ``settings.api.other_acc_consumer_key`` as the consumer key; the secret is
    left at the helper's default. The test expects HTTP 403 and
    ``invalid_creds_err_msg`` as the first error message.
    """
    mismatched_value = helper.getBase64Value(
        consumer_key=settings.api.other_acc_consumer_key)
    mixed_headers = payload.get_oauth_headers(mismatched_value)
    form_data = payload.get_oauth_data()

    token_url = self.base_url + "/oauth2/token"
    result = self.session.post(token_url, data=form_data,
                               headers=mixed_headers)
    assert result.status_code == 403
    LOGGER.info(result.text)

    # Assert error message for invalid credentials
    body = json.loads(result.text)
    first_error = body["errors"][0]
    assert first_error["message"] == invalid_creds_err_msg
def test_statuses_utline_rate_limit(self):
    """
    Verify limit change in user timeline statuses after executing it 3 times.

    A bearer token is obtained from /oauth2/token, the user_timeline endpoint
    is requested three times, and the rate-limit status for the ``statuses``
    resource is then fetched. The test passes when the reported ``remaining``
    count for /statuses/user_timeline is below ``USER_TIMELINE_LIMIT``.
    """
    headers = payload.get_oauth_headers(helper.getBase64Value())
    data = payload.get_oauth_data()
    # Get bearer token using /oauth2/token
    response = self.session.post(self.base_url + '/oauth2/token', data=data, headers=headers)
    assert response.status_code == 200
    parsed_response = json.loads(response.text)
    # Hit /statuses/user_timeline 3 times to check if count changes
    # NOTE(review): 'application/gzip' is a media type; Accept-Encoding normally
    # carries a content-coding such as 'gzip' - confirm this value is intended.
    oheaders = { 'Authorization': 'Bearer ' + parsed_response['access_token'], 'Accept-Encoding': 'application/gzip' }
    # The responses of these three requests are discarded; their status codes
    # are not checked.
    for x in range(0, 3):
        self.session.get( self.base_url + '/1.1/statuses/user_timeline.json?count=100&screen_name=twitterapi', headers=oheaders)
        # NOTE(review): the source arrived with its indentation collapsed, so
        # whether this sleep sits inside or after the loop could not be
        # recovered - confirm against the original file.
        time.sleep(5)
    # Get rate limit status for statuses resource
    user_rlimit_resp = self.session.get( self.base_url + '/1.1/application/rate_limit_status.json?resources=statuses', headers=oheaders)
    assert user_rlimit_resp.status_code == 200
    parsed_rlimit_resp = json.loads(user_rlimit_resp.text)
    # Strictly below the limit means at least one request was counted.
    assert parsed_rlimit_resp['resources']['statuses']['/statuses/user_timeline']['remaining'] \
        < USER_TIMELINE_LIMIT