def test_twitter_login_registration(self, verify_credentials):
twitter_data = TWITTER_DATA.copy()
twitter_data["id"] = uuid.uuid4().hex
verify_credentials.return_value = type("U", (object,), {"AsDict": lambda s: twitter_data})()
with self.app.test_client() as client:
token_key, token_secret = "kkkkkkkk", "sssssss"
for registered in True, False:
r = client.post(
"/ws/login/external/",
headers=[get_client_auth_header()],
data=dict(external_system="twitter", external_token=token_key + ":" + token_secret),
)
self.assertEquals(200, r.status_code)
creds = json.loads(r.data)
self.assertEquals(creds["registered"], registered)
r = client.get(
creds["resource_url"], headers=[("Authorization", creds["token_type"] + " " + creds["access_token"])]
)
data = json.loads(r.data)
self.assertEquals(data["username"], TWITTER_DATA["screen_name"])
self.assertEquals(data["display_name"], TWITTER_DATA["name"])
self.assertTrue(data["avatar_thumbnail_url"])
token = ExternalToken.query.filter_by(user=creds["user_id"]).one()
self.assertEquals(token.external_uid, twitter_data["id"])
self.assertIn("read", token.permissions)
def test_facebook_login_registration(self, _get_external_data, get_new_token):
""" Registration and login is handled in the same view.
If a facebook token validates on their end, and we don't have a record
for it on our end, we register the user and return an access token.
If the user already exists on our system, we return and access token."""
data = FACEBOOK_GRAPH_DATA.copy()
data["id"] = uuid.uuid4().hex
_get_external_data.return_value = data
from rockpack.mainsite.services.oauth.api import FacebookUser
long_lived_fb_token = "fdsuioncf3w8ryl38yb7yfsfsdfsd4eius"
get_new_token.return_value = FacebookUser("facebook", long_lived_fb_token, 3600)
with self.app.test_client() as client:
self.app.test_request_context().push()
initial_fb_token = uuid.uuid4().hex
r = client.post(
"/ws/login/external/",
headers=[get_client_auth_header()],
data=dict(
external_system="facebook",
external_token=initial_fb_token,
token_expires=datetime.now().isoformat(),
),
)
creds = json.loads(r.data)
self.assertEquals(200, r.status_code)
self.assertNotEquals(None, creds["refresh_token"])
et = ExternalToken.query.filter_by(external_system="facebook", external_token=long_lived_fb_token)
self.assertEquals(1, et.count(), "should only be one token for user")
uid = et.one().user
self.assertEquals(User.query.get(uid).gender, "m")
# We pretend that the new token represents the same user,
# so we should still get a valid login
new_facebook_token = uuid.uuid4().hex
r = client.post(
"/ws/login/external/",
headers=[get_client_auth_header()],
data=dict(
external_system="facebook",
external_token=new_facebook_token,
token_expires=datetime.now().isoformat(),
),
)
self.assertEquals(200, r.status_code)
self.assertNotEquals(None, creds["refresh_token"])
et = ExternalToken.query.filter_by(user=uid)
self.assertEquals(1, et.count(), "should only be one token for user")
et = et.one()
self.assertEquals(long_lived_fb_token, et.external_token, "token should be updated")
def test_email_addresses(self):
with self.app.test_client() as client:
for email, status in [
(None, 400),
("", 400),
("foo", 400),
("foo@com", 400),
("*****@*****.**", 400),
("*****@*****.**", 400),
("[email protected].", 400),
("*****@*****.**", 200),
]:
username = uuid.uuid4().hex
r = client.post(
"/ws/register/",
headers=[get_client_auth_header()],
data=dict(
username=username,
password="******",
first_name="foo",
last_name="bar",
date_of_birth="1980-01-01",
locale="en-us",
email=email,
),
)
self.assertEquals(r.status_code, status, "%s: %d, %s" % (email, r.status_code, r.data))
def test_username_availability(self):
with self.app.test_client() as client:
self.app.test_request_context().push()
r = client.post(
"/ws/register/availability/",
headers=[get_client_auth_header()],
data=dict(username=UserData.test_user_a.username),
)
self.assertEquals(r.status_code, 200)
self.assertEquals(json.loads(r.data)["available"], False)
r = client.post(
"/ws/register/availability/",
headers=[get_client_auth_header()],
data=dict(username="******"),
)
self.assertEquals(r.status_code, 200)
self.assertEquals(json.loads(r.data)["available"], True)
def test_succesful_login(self, get_resource_url):
with self.app.test_client() as client:
r = client.post(
"/ws/login/",
headers=[get_client_auth_header()],
data=dict(grant_type="password", username="******", password="******"),
)
self.assertEquals(200, r.status_code)
get_resource_url.assert_called_with(own=True)
def test_invalid_external_system(self, _get_external_data):
_get_external_data.return_value = FACEBOOK_GRAPH_DATA
with self.app.test_client() as client:
facebook_token = uuid.uuid4().hex
r = client.post(
"/ws/login/external/",
headers=[get_client_auth_header()],
data=dict(external_system="PantsBake", external_token=facebook_token),
)
self.assertEquals(400, r.status_code)
def test_unauthorized_facebook_registration(self, _get_external_data):
_get_external_data.return_value = {}
with self.app.test_client() as client:
facebook_token = uuid.uuid4().hex
r = client.post(
"/ws/login/external/",
headers=[get_client_auth_header()],
data=dict(external_system="facebook", external_token=facebook_token),
)
error = json.loads(r.data)
self.assertEquals(400, r.status_code)
self.assertEquals("unauthorized_client", error["error"])
def test_naughty_username(self):
with self.app.test_client() as client:
for username, status in [("Scunthorpe", 200), ("HorIsACunt", 400)]:
r = client.post(
"/ws/register/",
headers=[get_client_auth_header()],
data=dict(
username=username,
password="******",
first_name="foo",
last_name="bar",
date_of_birth="2000-01-01",
locale="en-us",
email="*****@*****.**" % username,
),
)
self.assertEquals(status, r.status_code, r.data)
def test_failed_registration(self):
with self.app.test_client() as client:
r = client.post(
"/ws/register/",
headers=[get_client_auth_header()],
data=dict(
username="",
password="******",
first_name="foo",
last_name="bar",
date_of_birth="2000-01-01",
locale="en-us",
email="foo{}@bar.com".format(uuid.uuid4().hex),
),
)
response = json.loads(r.data)
self.assertEquals(response["form_errors"]["username"][0], "This field is required.")
def test_registration_gender(self, _get_external_data):
data = FACEBOOK_GRAPH_DATA.copy()
data["id"] = uuid.uuid4().hex
data["gender"] = "m"
_get_external_data.return_value = data
with self.app.test_client() as client:
facebook_token = uuid.uuid4().hex
r = client.post(
"/ws/login/external/",
headers=[get_client_auth_header()],
data=dict(
external_system="facebook", external_token=facebook_token, token_expires="2020-01-01T00:00:00"
),
)
creds = json.loads(r.data)
self.assertEquals(200, r.status_code)
self.assertIsNotNone(creds["refresh_token"])
user_gender = User.query.filter_by(id=creds["user_id"]).value("gender")
self.assertEquals(user_gender, data["gender"])
def test_birthdates(self):
with self.app.test_client() as client:
for dob, status in [
("1980-01-01", 200),
("1980-31-01", 400),
("1800-01-01", 400),
("2010-01-01", 400),
("2100-01-01", 400),
]:
username = uuid.uuid4().hex
r = client.post(
"/ws/register/",
headers=[get_client_auth_header()],
data=dict(
username=username,
password="******",
first_name="foo",
last_name="bar",
date_of_birth=dob,
locale="en-us",
email="*****@*****.**" % username,
),
)
self.assertEquals(r.status_code, status, "%s: %d, %s" % (dob, r.status_code, r.data))
def test_successful_registration(self):
viewing_user = self.create_test_user().id
with self.app.test_request_context():
with self.app.test_client() as client:
r = client.post(
"/ws/register/",
headers=[get_client_auth_header()],
data=dict(
username="******",
password="******",
first_name="foo",
last_name="bar",
date_of_birth="2000-01-01",
locale="en-us",
email="foo{}@bar.com".format(uuid.uuid4().hex),
),
)
creds = json.loads(r.data)
self.assertEquals(200, r.status_code)
self.assertNotEquals(None, creds["refresh_token"])
self.assertGreaterEqual(
Channel.query.filter_by(owner=creds["user_id"]).count(), 1, "default user channel should be created"
)
self.wait_for_es()
with self.app.test_client() as client:
r = client.get("/ws/{}/".format(creds["user_id"]), headers=[get_auth_header(viewing_user)])
self.assertGreaterEqual(json.loads(r.data)["channels"]["total"], 1)
creds = json.loads(r.data)
r = client.post(
"/ws/login/",
headers=[get_client_auth_header()],
data=dict(grant_type="password", username="******", password="******"),
)
creds = json.loads(r.data)
self.assertNotEquals(None, creds["refresh_token"])
r = client.post(
"/ws/token/",
headers=[get_client_auth_header()],
data=dict(refresh_token=creds["refresh_token"], grant_type="refresh_token"),
)
new_creds = json.loads(r.data)
self.assertEquals("Bearer", new_creds["token_type"], "token type should be Bearer")
self.assertEquals(new_creds["refresh_token"], creds["refresh_token"], "refresh tokens should be the same")
self.assertNotEquals(
new_creds["access_token"],
creds["access_token"],
"old access token should not be the same at the new one",
)
# Try and get a refresh token with an invalid token
r = client.post(
"/ws/token/",
headers=[get_client_auth_header()],
data=dict(refresh_token="7348957nev9o3874nqlvcfh47lmqa"),
)
self.assertEquals(400, r.status_code)
def test_fb():
from flask import render_template
from test.test_helpers import get_client_auth_header
return render_template('fb_test.html',
client_auth_headers=[get_client_auth_header()])