Exemplo n.º 1
    def test_login_whenCalledWithValidCodeAndInvalidUsernameAndPassword_returns200WithFailureMessage(
            self):
        """POST /login with a known code but rejected credentials.

        ``requests.post`` is patched with ``self.mocked_requests_post_failed``
        for the duration of the request. The response is expected to be a
        200 page carrying one generic failure message that does not say
        whether the username or the password was the wrong part.
        """
        session_key = 'sessions_0123456789012345'
        storage.hset('clients', 'test-1', '0123456789')
        storage.set(session_key, json.dumps(self.session_content_1))

        credentials = {'username': '******', 'password': '******'}
        failing_backend = mock.patch(
            'requests.post', side_effect=self.mocked_requests_post_failed)

        with failing_backend:
            response = self.app.post('/login?code=0123456789012345',
                                     data=credentials)
            page = response.data.decode('utf-8')

            self.assertEqual(200, response.status_code)
            # The same wording covers both a bad username and a bad password.
            self.assertIn(
                'Incorrect username and/or password entered, please try again.',
                page)
Exemplo n.º 2
    def test_token_whenCalledWithExpiredCode_returns400InvalidGrant(self):
        """An authorization code whose session has expired must be refused.

        The session is stored with a one-second TTL and the test waits two
        seconds before redeeming the code, so /token is expected to answer
        400 with ``error == 'invalid_grant'``.
        """
        session_key = 'sessions_0123456789012345'
        storage.hset('clients', 'test-1', '0123456789')
        storage.set(session_key, json.dumps(self.session_content_1))
        storage.expire(session_key, 1)

        # Wait past the TTL so the stored session is gone before redemption.
        time.sleep(2)

        token_form = {
            'client_id': 'test-1',
            'client_secret': '0123456789',
            'code': '0123456789012345',
            'grant_type': 'authorization_code',
            'redirect_uri': 'http://test.app/redirectpath',
        }
        response = self.app.post('/token', data=token_form)

        self.assertEqual(400, response.status_code)
        payload = json.loads(response.data.decode('utf-8'))
        self.assertIn('error', payload)
        self.assertEqual(payload['error'], 'invalid_grant')
Exemplo n.º 3
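    def test_token_whenCalledWithUserThatDoesNotHaveAnEmployeeNumber_returns400InvalidGrant(
            self):
        """A session whose claims lack ``id_number`` must not yield a token.

        The stored session is a private deep copy of
        ``self.session_content_1`` with ``claims['id_number']`` removed.
        Redeeming the code is expected to fail with HTTP 400 and
        ``error == 'invalid_grant'``.
        """
        storage.hset('clients', 'test-1', '0123456789')

        # dict.copy() is shallow: deleting from session['claims'] would also
        # strip id_number from the shared fixture. A JSON round trip gives an
        # independent copy using only names this test already relies on.
        session = json.loads(json.dumps(self.session_content_1))
        del session['claims']['id_number']

        # Store the modified copy, not the fixture, so the test exercises the
        # missing-claim case by construction rather than through aliasing.
        storage.set('sessions_0123456789012345', json.dumps(session))

        returned_result = self.app.post('/token',
                                        data={
                                            'client_id': 'test-1',
                                            'client_secret': '0123456789',
                                            'code': '0123456789012345',
                                            'grant_type': 'authorization_code',
                                            'redirect_uri':
                                            'http://test.app/redirectpath'
                                        })

        self.assertEqual(400, returned_result.status_code)
        body = returned_result.data.decode('utf-8')
        error_dict = json.loads(body)
        self.assertIn('error', error_dict)
        self.assertEqual(error_dict['error'], 'invalid_grant')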
Exemplo n.º 4
    def test_loginAndToken_whenCalledWithValidCodeTwice_returns400InvalidRequest(
            self):
        """An authorization code can be redeemed only once.

        Flow: a successful login (302), a first /token call that succeeds
        (200), then the same code presented again, which must be rejected
        with HTTP 400 and ``error == 'invalid_request'``.

        NOTE(review): RFC 6749 section 5.2 describes ``invalid_grant`` for an
        invalid or expired authorization code; this test pins
        ``invalid_request`` for a replayed code - confirm which one the
        server intends.
        """
        storage.hset('clients', 'test-1', '0123456789')
        storage.set('sessions_0123456789012345',
                    json.dumps(self.session_content_1))

        token_form = {
            'client_id': 'test-1',
            'client_secret': '0123456789',
            'code': '0123456789012345',
            'grant_type': 'authorization_code',
            'redirect_uri': 'http://test.app/redirectpath',
        }
        accepting_backend = mock.patch(
            'requests.post', side_effect=self.mocked_requests_post_success)

        with accepting_backend:
            login_response = self.app.post(
                '/login?code=0123456789012345',
                data={'username': '******', 'password': '******'})
            body = login_response.data.decode('utf-8')
            self.assertEqual(302, login_response.status_code)

            # First redemption of the code: accepted.
            first_response = self.app.post('/token', data=dict(token_form))
            self.assertEqual(200, first_response.status_code)

            # Second redemption of the very same code: must be refused.
            replay_response = self.app.post('/token', data=dict(token_form))
            self.assertEqual(400, replay_response.status_code)

            body = replay_response.data.decode('utf-8')
            error_dict = json.loads(body)
            self.assertIn('error', error_dict)
            self.assertEqual(error_dict['error'], 'invalid_request')
Exemplo n.º 5
    def test_login_whenCalledWithValidCodeUsernameAndPassword_return302RedirectToClient(
            self):
        """POST /login with a known code and accepted credentials.

        ``requests.post`` is patched with ``self.mocked_requests_post_success``
        and the response is expected to be a 302. Only the status code is
        asserted; the redirect target is not inspected here.
        """
        session_key = 'sessions_0123456789012345'
        storage.hset('clients', 'test-1', '0123456789')
        storage.set(session_key, json.dumps(self.session_content_1))

        credentials = {'username': '******', 'password': '******'}
        accepting_backend = mock.patch(
            'requests.post', side_effect=self.mocked_requests_post_success)

        with accepting_backend:
            response = self.app.post('/login?code=0123456789012345',
                                     data=credentials)

            self.assertEqual(302, response.status_code)
Exemplo n.º 6
    def test_token_whenCalledWithValidCode_returnsValidToken(self):
        """Redeeming a stored, unexpired code at /token succeeds with 200.

        Only the status code is asserted; the body of the token response is
        not examined by this test.
        """
        session_key = 'sessions_0123456789012345'
        storage.hset('clients', 'test-1', '0123456789')
        storage.set(session_key, json.dumps(self.session_content_1))

        token_form = {
            'client_id': 'test-1',
            'client_secret': '0123456789',
            'code': '0123456789012345',
            'grant_type': 'authorization_code',
            'redirect_uri': 'http://test.app/redirectpath',
        }
        response = self.app.post('/token', data=token_form)

        self.assertEqual(200, response.status_code)
Exemplo n.º 7
def subscribe(user_id):
    """Record a subscription for *user_id* and return the reply text.

    The reply depends on the truthiness of ``storage.set(user_id)``: a truthy
    result yields the confirmation message (which mentions ``/unsub``), a
    falsy one yields the message that subscribing twice is not possible.
    """
    newly_added = storage.set(user_id)
    if not newly_added:
        return 'Я очень польщен, но дважды подписаться на рассылку нельзя'
    return 'Ты подписался на рассылку. Для отписки напиши /unsub'
Exemplo n.º 8
 def _persist(self):
     """Write this object's attributes to storage under ``sessions_<code>``.

     Everything in ``self.__dict__`` is serialised as JSON, so every
     instance attribute ends up in the stored session. The key is then
     given a 600-second expiry.

     NOTE(review): the value and its expiry are set by two separate calls;
     if the first succeeds and the second does not run, the code would stay
     in storage without a TTL. Confirm whether ``storage`` can set both in
     a single call.
     """
     session_key = 'sessions_%s' % self.code
     storage.set(session_key, json.dumps(self.__dict__))
     # 10 minutes - RFC 6749 4.1.2 max lifetime for a code
     storage.expire(session_key, 600)