def test_get_also_api_scopes_list(api_client):
    """Check that the scope list contains API scopes next to OIDC scopes.

    Two API scopes are created under separate API domains, and one of them
    also receives Finnish translations. The listing must hold every entry
    of EXPECTED_OIDC_SCOPES plus these two, and the translated fields must
    come back as ``{language code: text}`` mappings.
    """
    foo_domain = ApiDomainFactory(identifier='https://foo.com')
    foo_scope = ApiScopeFactory(api=ApiFactory(domain=foo_domain))
    with switch_language(foo_scope, 'fi'):
        foo_scope.name = 'nimi'
        foo_scope.description = 'kuvaus'
        foo_scope.save()

    bar_domain = ApiDomainFactory(identifier='https://bar.com')
    bar_scope = ApiScopeFactory(api=ApiFactory(domain=bar_domain))

    response = api_client.get(LIST_URL)
    assert response.status_code == 200

    results = response.data['results']
    oidc_count = len(EXPECTED_OIDC_SCOPES)
    assert len(results) == oidc_count + 2

    # NOTE(review): these positions assume the endpoint lists the OIDC
    # scopes first and puts the bar scope before the foo scope; confirm
    # against the ordering the view actually applies.
    bar_scope_data = results[oidc_count]
    foo_scope_data = results[oidc_count + 1]

    assert foo_scope_data['id'] == foo_scope.identifier
    assert bar_scope_data['id'] == bar_scope.identifier

    # Outside the switch_language block foo_scope.name is compared as the
    # 'en' value; the Finnish texts are the literals saved above.
    expected_name = {'en': foo_scope.name, 'fi': 'nimi'}
    expected_description = {'en': foo_scope.description, 'fi': 'kuvaus'}
    assert foo_scope_data['name'] == expected_name
    assert foo_scope_data['description'] == expected_description
def test_api_scopes_are_added_to_user_consent_after_authorization(
        client, api_scope_in_request):
    """Check that approving an API scope stores the API's required scope.

    The API is created with ``required_scopes=['github_username']``. The
    authorization request always names the API scope identifier; when
    ``api_scope_in_request`` is true it names ``github_username`` as well.
    In both cases the stored UserConsent must contain ``github_username``,
    so the false case pins that a scope the request never named is still
    recorded as consented.
    """
    oidc_client = OIDCClientFactory(require_consent=True)
    user = UserFactory()
    client.force_login(user)

    api = ApiFactory(required_scopes=['github_username'])
    api_scope = ApiScopeFactory(api=api)

    if api_scope_in_request:
        requested_scope = '{} github_username'.format(api_scope.identifier)
    else:
        requested_scope = api_scope.identifier

    # 'allow' marks the submission as the user approving the consent form.
    approval_form = {
        'client_id': oidc_client.client_id,
        'redirect_uri': oidc_client.redirect_uris[0],
        'scope': requested_scope,
        'response_type': 'code',
        'allow': True,
    }
    response = client.post(reverse('authorize'), approval_form)
    assert response.status_code == 302

    # The redirect target is not inspected; the lookup below raises when
    # no consent row exists for this user and client.
    stored_consent = UserConsent.objects.get(user=user, client=oidc_client)
    assert 'github_username' in stored_consent.scope
def test_api_scopes_are_shown_in_and_returned_from_consent_screen(client):
    """Check that the consent page shows the API scope and its full scope set.

    The request names only the API scope identifier, while the API requires
    ``github_username``. The rendered page must carry a hidden ``scope``
    field holding both values, and must display the API scope's name and
    description to the user.
    """
    oidc_client = OIDCClientFactory(require_consent=True)
    user = UserFactory()
    client.force_login(user)

    api = ApiFactory(required_scopes=['github_username'])
    api_scope = ApiScopeFactory(api=api)

    authorize_query = {
        'client_id': oidc_client.client_id,
        'redirect_uri': oidc_client.redirect_uris[0],
        'scope': api_scope.identifier,
        'response_type': 'code',
    }
    response = client.get(reverse('authorize'), authorize_query)
    assert response.status_code == 200

    page = response.content.decode('utf-8')

    # Presumably this hidden field is what the form posts back when the
    # user approves, so it has to name the required scope too; confirm
    # against the consent template.
    returned_scope = '{} github_username'.format(api_scope.identifier)
    hidden_scope_field = (
        '<input name="scope" type="hidden" value="{}" />'.format(
            returned_scope))
    assert hidden_scope_field in page

    # The user must see what is being asked for, not only the raw value.
    assert api_scope.name in page
    assert api_scope.description in page
def test_get(user_api_client, endpoint, scope_included, service):
    """Check how a user's consent is serialized by the list and detail views.

    ``endpoint`` selects the list URL (``'list'``) or the detail URL of the
    created consent. ``scope_included`` appends ``?include=scope``: with it
    the ``scopes`` field holds expanded objects with translated names and
    descriptions, without it the field equals the stored scope list.
    """
    foo_scope = ApiScopeFactory(api=ApiFactory(domain=ApiDomainFactory(
        identifier='https://foo.com')))
    translations = (
        ('en', 'name', 'description'),
        ('fi', 'nimi', 'kuvaus'),
    )
    for language, name, description in translations:
        with switch_language(foo_scope, language):
            foo_scope.name = name
            foo_scope.description = description
            foo_scope.save()

    # One OIDC scope and one API scope, granted by the requesting user.
    user_consent = UserConsentFactory(
        user=user_api_client.user,
        client=service.client,
        scope=['email', foo_scope.identifier],
    )

    if endpoint == 'list':
        url = LIST_URL
    else:
        url = get_detail_url(user_consent)
    if scope_included:
        url += '?include=scope'

    response = user_api_client.get(url)
    assert response.status_code == 200

    if endpoint == 'list':
        # NOTE(review): only one consent is created in this test, so the
        # length check does not by itself show that consents of other
        # users are hidden from the list.
        listed = response.data['results']
        assert len(listed) == 1
        user_consent_data = listed[0]
    else:
        user_consent_data = response.data

    # Exact key set: any extra serialized field makes the test fail.
    assert set(user_consent_data.keys()) == {
        'id', 'date_given', 'expires_at', 'service', 'scopes'
    }
    for timestamp_field in ('date_given', 'expires_at'):
        assert parse_datetime(
            user_consent_data[timestamp_field]
        ) == getattr(user_consent, timestamp_field)
    assert user_consent_data['service'] == user_consent.client.service.id

    if not scope_included:
        assert user_consent_data['scopes'] == user_consent.scope
        return

    scope_data = user_consent_data['scopes']
    assert len(scope_data) == 2
    # Expanded scopes are expected in the order they were stored above.
    oidc_scope, api_scope = scope_data

    scope_fields = {'id', 'name', 'description'}

    assert oidc_scope.keys() == scope_fields
    assert oidc_scope['id'] == 'email'
    assert oidc_scope['name'] == {
        'fi': 'Sähköposti',
        'sv': 'E-postadress',
        'en': 'Email'
    }
    assert 'en' in oidc_scope['description']

    assert api_scope.keys() == scope_fields
    assert api_scope['id'] == foo_scope.identifier
    assert api_scope['name'] == {'fi': 'nimi', 'en': 'name'}
    assert api_scope['description'] == {
        'fi': 'kuvaus',
        'en': 'description'
    }