def test_successful_authentication(self):
# Use REST proxy for testing
rest = _RestProxyForTest()
auth = Auth(rest)
# Before authenticating, auth should reflect not logged in.
self.assertEqual(auth.get_user(), '')
self.assertEqual(auth.get_logged_in(), False)
# A successful authentication should store token and set user to returned value.
rest.expect_get('/me', 200, {'email': '*****@*****.**', 'loggedIn': True})
auth.authenticate()
self.assertEqual(auth.get_user(), '*****@*****.**')
self.assertEqual(auth.get_logged_in(), True)
def test_unsuccessful_authentication(self):
# Use REST proxy for testing
rest = _RestProxyForTest()
auth = Auth(rest)
# Authenticate in order to fill in email/logged_in so that next test
# can verify that these are cleared.
rest.expect_get('/me', 200, {'email': '*****@*****.**', 'loggedIn': True})
auth.authenticate()
# An unsuccessful authentication should clear token and other values.
# An example of the few ways that the server might reject a user. Others look
# like this with different messages.
server_error_on_bad_token = """
{
"error": {
"errors": [
{
"domain": "global",
"reason": "backendError",
"message": "org.apache.shiro.authc.IncorrectCredentialsException"
}
],
"code": 503,
"message": "org.apache.shiro.authc.IncorrectCredentialsException"
}
}
"""
rest.expect_get('/me', 503, json.loads(server_error_on_bad_token))
auth.authenticate()
self.assertEqual(auth.get_user(), '')
self.assertEqual(auth.get_logged_in(), False)
def test_authentication_empty_token(self):
# Use REST proxy for testing
rest = _RestProxyForTest()
auth = Auth(rest)
# Authenticate in order to fill in email/logged_in so that next test
# can verify that these are cleared.
rest.expect_get('/me', 200, {'email': '*****@*****.**', 'loggedIn': True})
auth.authenticate()
# Authentication with an empty token should be no problem and result in an empty
# auth object.
rest.expect_get('/me', 200, {"loggedIn": False})
auth.authenticate()
self.assertEqual(auth.get_user(), '')
self.assertEqual(auth.get_logged_in(), False)
def test_authentication_server_error(self):
# Use REST proxy for testing
rest = _RestProxyForTest()
auth = Auth(rest)
# Authenticate in order to fill in email/logged_in/token so that next test
# can verify that these are not cleared.
rest.expect_get('/me', 200, {'email': '*****@*****.**', 'loggedIn': True})
auth.authenticate()
# Authentication should throw on a non-200 response and leave auth contents
# unchanged.
rest.expect_get('/me', 404, {})
with self.assertRaises(RuntimeError):
auth.authenticate()
self.assertEqual(auth.get_user(), '*****@*****.**')
self.assertEqual(auth.get_logged_in(), True)