def test_process_request_invalid_cookie(self): request = Mock() request.COOKIES = { FEATURE_FLAG_COOKIE_NAME: 1, } request.get_signed_cookie.side_effect = ValueError assert self.middleware.process_request(request) is None assert request.{{ cookiecutter.project_name }}_feature_flags == set() request.get_signed_cookie.assert_called_once_with(FEATURE_FLAG_COOKIE_NAME)
def test_process_request_valid_cookie(self): request = Mock() request.COOKIES = { FEATURE_FLAG_COOKIE_NAME: 1, } request.get_signed_cookie.return_value = 1 assert self.middleware.process_request(request) is None assert request.{{ cookiecutter.project_name }}_feature_flags == {FeatureFlag.EXAMPLE_FEATURE} request.get_signed_cookie.assert_called_once_with(FEATURE_FLAG_COOKIE_NAME)
def test_process_request_invalid_cookie(self): request = Mock() request.COOKIES = { FEATURE_FLAG_COOKIE_NAME: 1, } request.get_signed_cookie.side_effect = ValueError assert self.middleware.process_request(request) is None assert request.ocw_studio_feature_flags == set() request.get_signed_cookie.assert_called_once_with( FEATURE_FLAG_COOKIE_NAME)
def test_token_from_cookie(self): request = Mock() request.COOKIES = { RidiOAuth2Config.get_access_token_cookie_key(): 'this-is-access-token', RidiOAuth2Config.get_refresh_token_cookie_key(): 'this-is-refresh-token' } token = get_token_from_cookie(request=request) self.assertEqual(token.access_token.token, 'this-is-access-token') self.assertEqual(token.refresh_token.token, 'this-is-refresh-token')
def test_login_and_loose_token(self): request = Mock() request.COOKIES = { RidiOAuth2Config.get_access_token_cookie_key(): self.loose_token, } response = self.middleware.process_request(request=request) self.assertIsNone(response, HttpUnauthorizedResponse) self.assertIsInstance(request.user, AnonymousUser) self.assertFalse(request.user.is_authenticated)
def test_cookie_monitoring_no_cookies(self, mock_set_custom_attribute, mock_capture_cookie_sizes): mock_capture_cookie_sizes.is_enabled.return_value = True middleware = CookieMonitoringMiddleware() mock_request = Mock() mock_request.COOKIES = {} middleware.process_request(mock_request) mock_set_custom_attribute.assert_has_calls([call('cookies_total_size', 0)], any_order=True)
def test_login_and_not_expire(self): request = Mock() request.COOKIES = { RidiOAuth2Config.get_access_token_cookie_key(): self.valid_token, } response = self.middleware.process_request(request=request) self.assertIsNone(response) self.assertTrue(request.user.is_authenticated) self.assertIsInstance(request.user, get_user_model()) self.assertEqual(request.user.u_idx, request.user.token_info.u_idx)
def test_process_request_valid_cookie(self): request = Mock() request.COOKIES = { FEATURE_FLAG_COOKIE_NAME: 1, } request.get_signed_cookie.return_value = 1 assert self.middleware.process_request(request) is None assert request.course_catalog_feature_flags == { FeatureFlag.EXAMPLE_FEATURE } request.get_signed_cookie.assert_called_once_with( FEATURE_FLAG_COOKIE_NAME)
def test_login(self): request = Mock() request.COOKIES = { RidiOAuth2Config.get_access_token_cookie_key(): jwt.encode(payload=self.jwt_payload, key='dummy_jwt_secret').decode(), } self.middleware.process_request(request) response = self.dummy_view(None, request) self.assertIsInstance(response, HttpResponse) self.assertEqual(response.status_code, 200) self.assertEqual(response.content.decode(), 'success')
def test_cookie_monitoring(self, mock_set_custom_attribute, mock_capture_cookie_sizes): mock_capture_cookie_sizes.is_enabled.return_value = True middleware = CookieMonitoringMiddleware() mock_request = Mock() mock_request.COOKIES = { "a": "." * 100, "_b": "." * 13, "_c_": "." * 13, "a.b": "." * 10, "a.c": "." * 10, "b.": "." * 13, "b_a": "." * 15, "b_c": "." * 15, "d": "." * 3, } middleware.process_request(mock_request) mock_set_custom_attribute.assert_has_calls([ call('cookies.1.name', 'a'), call('cookies.1.size', 100), call('cookies.2.name', 'b_a'), call('cookies.2.size', 15), call('cookies.3.name', 'b_c'), call('cookies.3.size', 15), call('cookies.4.name', '_b'), call('cookies.4.size', 13), call('cookies.5.name', '_c_'), call('cookies.5.size', 13), call('cookies.6.name', 'b.'), call('cookies.6.size', 13), call('cookies.7.name', 'a.b'), call('cookies.7.size', 10), call('cookies.8.name', 'a.c'), call('cookies.8.size', 10), call('cookies.group.1.name', 'b'), call('cookies.group.1.size', 43), call('cookies.group.2.name', 'a'), call('cookies.group.2.size', 20), call('cookies.max.name', 'a'), call('cookies.max.size', 100), call('cookies.max.group.name', 'a'), call('cookies.max.group.size', 100), call('cookies_total_size', 192), call('cookies_unaccounted_size', 3), call('cookies_total_num', 9), ], any_order=True)
def test_not_exists_token_info(self): request = Mock() request.COOKIES = { RidiOAuth2Config.get_access_token_cookie_key(): jwt.encode(payload=self.jwt_payload, key='dummy_jwt_secret').decode(), } self.middleware.process_request(request) del request.user.token_info response1 = self.dummy_view(None, request) self.assertIsNone(getattr(request.user, 'token_info', None)) self.assertIsInstance(response1, HttpUnauthorizedResponse) self.assertEqual(response1.status_code, 401)
def test_restriction_scope_with_custom_response(self): request = Mock() request.COOKIES = { RidiOAuth2Config.get_access_token_cookie_key(): jwt.encode(payload=self.jwt_loose_payload, key='dummy_jwt_secret').decode(), } self.middleware.process_request(request) response = self.dummy_view_with_custom_response(None, request) self.assertIn('user_info', request.user.token_info.scope) self.assertIsInstance(response, HttpResponse) self.assertEqual(response.content, b'tetete') self.assertEqual(response.status_code, 200)
def _build_request( self, method: str, path: str, data: Dict, request_params: Any ) -> Mock: request = Mock() request.method = method request.path = path request.body = "" request.COOKIES = {} request._dont_enforce_csrf_checks = True request.is_secure.return_value = False request.build_absolute_uri = build_absolute_uri if "user" not in request_params: request.user.is_authenticated = False request.META = request_params.pop("META", {}) request.FILES = request_params.pop("FILES", {}) request.META.update( dict( [ (f"HTTP_{k.replace('-', '_')}", v) for k, v in request_params.pop("headers", {}).items() ] ) ) if django.VERSION[:2] > (2, 1): from django.http.request import HttpHeaders request.headers = HttpHeaders(request.META) if isinstance(data, QueryDict): request.POST = data else: request.POST = QueryDict(mutable=True) for k, v in data.items(): request.POST[k] = v if "?" in path: request.GET = QueryDict(path.split("?")[1]) else: request.GET = QueryDict() for k, v in request_params.items(): setattr(request, k, v) return request
def prepare_request_mock( self, data=None, referer='http://localhost/user_with_workspaces/public-workspace', user=None, extra_headers={}, GET=''): request = Mock() request.get_host.return_value = 'localhost' GET_PARAMETERS = parse_qsl(GET) request.GET = MagicMock() request.GET.__len__.side_effect = lambda: len(GET_PARAMETERS) request.GET.__getitem__.side_effect = lambda key: GET_PARAMETERS[key] request.GET.urlencode.side_effect = lambda: GET request.COOKIES = { settings.SESSION_COOKIE_NAME: 'test', } request.META = { 'HTTP_ACCEPT': 'application/json', 'SERVER_PROTOCOL': 'http', 'REMOTE_ADDR': '127.0.0.1', 'HTTP_HOST': 'localhost', 'HTTP_REFERER': referer, } if data is not None: request.method = 'POST' data = data.encode('utf-8') request.META['content_type'] = 'application/json' request.META['content_length'] = len(data) request.read.return_value = data else: request.method = 'GET' request.META['HTTP_FIWARE_OAUTH_TOKEN'] = 'true' request.META.update(extra_headers) if user is None: request.user = self.admin_mock else: request.user = user return request
def test_restriction_scope(self): request = Mock() request.COOKIES = { RidiOAuth2Config.get_access_token_cookie_key(): jwt.encode(payload=self.jwt_loose_payload, key='dummy_jwt_secret').decode(), } self.middleware.process_request(request) response1 = self.dummy_view1(None, request) response2 = self.dummy_view2(None, request) self.assertIn('user_info', request.user.token_info.scope) self.assertIsInstance(response1, HttpResponse) self.assertEqual(response1.status_code, 200) self.assertEqual(response1.content.decode(), 'success1') self.assertIsInstance(response2, HttpResponseForbidden) self.assertEqual(response2.status_code, 403)
def test_cookie_monitoring_no_groups(self, mock_set_custom_attribute, mock_capture_cookie_sizes): mock_capture_cookie_sizes.is_enabled.return_value = True middleware = CookieMonitoringMiddleware() mock_request = Mock() mock_request.COOKIES = { "a": "." * 10, "b": "." * 15, } middleware.process_request(mock_request) mock_set_custom_attribute.assert_has_calls([ call('cookies.max.name', 'b'), call('cookies.max.size', 15), call('cookies.1.name', 'b'), call('cookies.1.size', 15), call('cookies.2.name', 'a'), call('cookies.2.size', 10), call('cookies_total_size', 25), ], any_order=True)
def test_all_scope(self): request = Mock() request.COOKIES = { RidiOAuth2Config.get_access_token_cookie_key(): jwt.encode(self.jwt_payload, self.private_key, algorithm='RS256', headers=self.headers).decode(), } with requests_mock.Mocker() as m: m.get( RidiOAuth2Config.get_key_url(), text=json.dumps({ 'keys': [{ 'kid': 'RS999', "alg": "RS256", "kty": "RSA", "use": "sig", "n": "1rL5PCEv2PaAASaGldzfnlo0MiMCglC-eFxYHgUfa6a7qJhjo0QX8LeAelBlQpMCAMVGX33jUJ2FCCP_QDk3NIu74AgP7F3Z7IdmVvOfkt2myF1n3ZDyCHKdyi7MnOBtHIQCqQRGZ4XH2Ss5bmg_FuplBFT82e14UVmZx4kP-HwDjaSpvYHoTr3b5j20Ebx7aIy_SVrWeY0wxeAdFf-EOuEBQ-QIIe5Npd49gzq4CGHeNJlPQjs0EjMZFtPutCrIRSoEaLwccKQEIHcMSbsBLCJIJ5OuTmtK2WaSh7VYCrJsCbPh5tYKF6akN7TSOtDwGQVKwJjjOsxkPdYXNoAnIQ==", "e": "AQAB", }] })) self.middleware.process_request(request=request) response1 = self.dummy_view1(None, request) response2 = self.dummy_view2(None, request) self.assertIn('all', request.user.token_info.scope) self.assertIsInstance(response1, HttpResponse) self.assertEqual(response1.status_code, 200) self.assertEqual(response1.content.decode(), 'success1') self.assertIsInstance(response2, HttpResponse) self.assertEqual(response2.status_code, 200) self.assertEqual(response2.content.decode(), 'success2')
def test_not_login(self): request = Mock() request.COOKIES = {} with requests_mock.Mocker() as m: m.get( RidiOAuth2Config.get_key_url(), text=json.dumps({ 'keys': [{ 'kid': 'RS999', "alg": "RS256", "kty": "RSA", "use": "sig", "n": "1rL5PCEv2PaAASaGldzfnlo0MiMCglC-eFxYHgUfa6a7qJhjo0QX8LeAelBlQpMCAMVGX33jUJ2FCCP_QDk3NIu74AgP7F3Z7IdmVvOfkt2myF1n3ZDyCHKdyi7MnOBtHIQCqQRGZ4XH2Ss5bmg_FuplBFT82e14UVmZx4kP-HwDjaSpvYHoTr3b5j20Ebx7aIy_SVrWeY0wxeAdFf-EOuEBQ-QIIe5Npd49gzq4CGHeNJlPQjs0EjMZFtPutCrIRSoEaLwccKQEIHcMSbsBLCJIJ5OuTmtK2WaSh7VYCrJsCbPh5tYKF6akN7TSOtDwGQVKwJjjOsxkPdYXNoAnIQ==", "e": "AQAB", }] })) response = self.middleware.process_request(request=request) self.assertIsNone(response) self.assertFalse(request.user.is_authenticated) self.assertIsInstance(request.user, AnonymousUser)
def _build_request(self, method: str, path: str, data: dict, request_params: dict): request = Mock() request.method = method request.path = path request.body = "" request.COOKIES = {} if "user" not in request_params: request.user.is_authenticated = False request.META = request_params.pop("META", {}) request.META.update( dict([(f"HTTP_{k}", v) for k, v in request_params.pop("headers", {}).items()])) if django.VERSION[:2] > (2, 1): from django.http.request import HttpHeaders request.headers = HttpHeaders(request.META) if isinstance(data, QueryDict): request.POST = data else: request.POST = QueryDict(mutable=True) for k, v in data.items(): request.POST[k] = v if "?" in path: request.GET = QueryDict(path.split("?")[1]) else: request.GET = QueryDict() for k, v in request_params.items(): setattr(request, k, v) return request
def test_process_request_no_cookie(self): request = Mock() request.COOKIES = {} assert self.middleware.process_request(request) is None request.get_signed_cookie.assert_not_called() assert request.{{ cookiecutter.project_name }}_feature_flags == set()
def test_process_request_no_cookie(self): request = Mock() request.COOKIES = {} assert self.middleware.process_request(request) is None request.get_signed_cookie.assert_not_called() assert request.course_catalog_feature_flags == set()