def test_expired_access_token(self):
auth_mixin = AuthMixin()
auth_mixin.service_context = ServiceContextMock(config=dict(
Authentication=dict(Domain='xcube-dev.eu.auth0.com',
Audience='https://xcube-dev/api/')))
expired_token = \
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6" \
"Ik5VSkdSVUV5UWpNeE16UTVRVGMzTnpRM05URkNRa1ky" \
"TURGRE5qQkJSak5ETlRBeVFrWXdOUSJ9.eyJpc3MiOiJ" \
"odHRwczovL3hjdWJlLWRldi5ldS5hdXRoMC5jb20vIiw" \
"ic3ViIjoidzJOb0RFcnlJcE5SdEFRVkgxVG9VNlhUdXJ" \
"FNTQ5RldAY2xpZW50cyIsImF1ZCI6Imh0dHBzOi8veGN" \
"1YmUtZGV2L2FwaS8iLCJpYXQiOjE1Nzk0NTUxMDMsImV" \
"4cCI6MTU3OTU0MTUwMywiYXpwIjoidzJOb0RFcnlJcE5" \
"SdEFRVkgxVG9VNlhUdXJFNTQ5RlciLCJndHkiOiJjbGl" \
"lbnQtY3JlZGVudGlhbHMiLCJwZXJtaXNzaW9ucyI6W11" \
"9.NtGuVp0yY8foR_eFiEmH0eXvCx85cvb5b1cPWCKs6L" \
"CNniUJJ3VnX5Fek08puW7Jidy-tj1UTzyG569dSHGDu3" \
"10Mf7xpQ9gyfZCWcaohERxsv9MrxHziqfGVnxv051rOB" \
"_c-fYyymrFnlsIqWeahcS7znvPoMovPO7E8MxVaIqxd_" \
"S4zKVlH025F-bDvytuwXD-rFmYVElCg7u2uOZKqjpF3l" \
"ZCWc50_F1jSGcEQZv4daQJY-3lfU6TnEQAuGWlOVRrCN" \
"u05nlUBFPz6G82tB_nsP1uTa8uElOzoalVttXufLIeU0" \
"FL8Sv-lC6wUJTZAFpykLNmpA-vhkSeTqMv4g"
auth_mixin.request = RequestMock(
headers={'Authorization': f'Bearer {expired_token}'})
with self.assertRaises(ServiceAuthError) as cm:
auth_mixin.get_id_token()
self.assertEqual('HTTP 401: Token expired (Token is expired)',
f'{cm.exception}')
def test_missing_auth_config(self):
auth_mixin = AuthMixin()
auth_mixin.service_context = ServiceContextMock(config={})
auth_mixin.request = RequestMock(
headers={'Authorization': f'Bearer my_t0k3n'})
with self.assertRaises(ServiceAuthError) as cm:
auth_mixin.get_id_token(require_auth=True)
self.assertEqual(
'HTTP 401: Invalid header (Received access token, '
'but this server doesn\'t support authentication.)',
f'{cm.exception}')
def test_ok(self):
access_token = self._fetch_access_token()
auth_mixin = AuthMixin()
auth_mixin.service_context = ServiceContextMock(config=dict(
Authentication=dict(Domain='xcube-dev.eu.auth0.com',
Audience='https://xcube-dev/api/')))
auth_mixin.request = RequestMock(
headers={'Authorization': f'Bearer {access_token}'})
id_token = auth_mixin.get_id_token()
self.assertEqual('https://xcube-dev.eu.auth0.com/',
id_token.get('iss'))
self.assertEqual('https://xcube-dev/api/', id_token.get('aud'))
self.assertEqual('w2NoDEryIpNRtAQVH1ToU6XTurE549FW',
id_token.get('azp'))
self.assertEqual('client-credentials', id_token.get('gty'))
self.assertEqual('w2NoDEryIpNRtAQVH1ToU6XTurE549FW@clients',
id_token.get('sub'))
self.assertEqual(['read:datasets'], id_token.get('permissions'))
exp = id_token.get('exp')
iat = id_token.get('iat')
self.assertIsInstance(exp, int)
self.assertIsInstance(iat, int)
self.assertEqual(86400, exp - iat)
def test_missing_access_token(self):
auth_mixin = AuthMixin()
auth_mixin.request = RequestMock(headers={})
self.assertEqual(None, auth_mixin.get_id_token())
