Exemplo n.º 1
0
def test_auth(client):
    """
    Test the Taskcluster authentication
    """
    # Test non authenticated endpoint
    resp = client.get('/')
    assert resp.status_code in (200, 302)

    # Test authenticated endpoint without header
    resp = client.get('/test-login')
    assert resp.status_code == 401

    # Test authenticated endpoint with header
    ext_data = {
        'scopes': [
            'project/test/*',
        ],
    }
    client_id = 'test/[email protected]'
    header = build_header(client_id, ext_data)
    resp = client.get('/test-login', headers=[('Authorization', header)])
    assert resp.status_code == 200
    data = json.loads(resp.data.decode('utf-8'))
    assert data['auth']
    assert data['user'] == client_id
    assert data['scopes'] == ext_data['scopes']
Exemplo n.º 2
0
def hawk_header(scopes):
    """"
    Helper to build an Hawk header
    for a set of TC scopes
    """
    client_id = 'test/[email protected]'
    ext_data = {
        'scopes': scopes,
    }
    return build_header(client_id, ext_data)
Exemplo n.º 3
0
def test_scopes_invalid(client):
    """
    Test the Taskcluster required scopes
    """
    client_id = "test/[email protected]"

    # Missing a scope to validate test
    ext_data = {"scopes": ["project/test/A", "project/test/C"]}
    header = build_header(client_id, ext_data)
    resp = client.get("/test-scopes", headers=[("Authorization", header)])
    assert resp.status_code == 401
Exemplo n.º 4
0
def test_scopes_admin(client):
    """
    Test the Taskcluster required scopes
    """
    client_id = 'test/[email protected]'

    # Validate with admin scopes
    ext_data = {'scopes': ['project/another/*', 'project/test-admin/*']}
    header = build_header(client_id, ext_data)
    resp = client.get('/test-scopes', headers=[('Authorization', header)])
    assert resp.status_code == 200
    assert resp.data == b'Your scopes are ok.'
Exemplo n.º 5
0
def test_scopes_admin(client):
    """
    Test the Taskcluster required scopes
    """
    client_id = "test/[email protected]"

    # Validate with admin scopes
    ext_data = {"scopes": ["project/another/*", "project/test-admin/*"]}
    header = build_header(client_id, ext_data)
    resp = client.get("/test-scopes", headers=[("Authorization", header)])
    assert resp.status_code == 200
    assert resp.data == b"Your scopes are ok."
Exemplo n.º 6
0
def test_scopes_invalid(client):
    """
    Test the Taskcluster required scopes
    """
    client_id = 'test/[email protected]'

    # Missing a scope to validate test
    ext_data = {
        'scopes': [
            'project/test/A',
            'project/test/C',
        ],
    }
    header = build_header(client_id, ext_data)
    resp = client.get('/test-scopes', headers=[('Authorization', header)])
    assert resp.status_code == 401
Exemplo n.º 7
0
def test_auth(client):
    """
    Test the Taskcluster authentication
    """
    # Test non authenticated endpoint
    resp = client.get("/")
    assert resp.status_code in (200, 302)

    # Test authenticated endpoint without header
    resp = client.get("/test-login")
    assert resp.status_code == 401

    # Test authenticated endpoint with header
    ext_data = {"scopes": ["project/test/*"]}
    client_id = "test/[email protected]"
    header = build_header(client_id, ext_data)
    resp = client.get("/test-login", headers=[("Authorization", header)])
    assert resp.status_code == 200
    data = json.loads(resp.data.decode("utf-8"))
    assert data["auth"]
    assert data["user"] == client_id
    assert data["scopes"] == ext_data["scopes"]