def setUp(self):
self.user = self.create_user()
self.org = self.create_organization()
self.sentry_app = self.create_sentry_app(
name='nulldb',
organization=self.org,
)
self.install, self.grant = Creator.run(
organization=self.org,
slug='nulldb',
)
self.authorizer = Authorizer(
install=self.install,
grant_type='authorization_code',
code=self.grant.code,
client_id=self.sentry_app.application.client_id,
user=self.sentry_app.proxy_user,
)
def setUp(self):
self.user = self.create_user()
self.org = self.create_organization()
self.sentry_app = SentryAppCreator.run(
name='nulldb',
organization=self.org,
scopes=(),
webhook_url='http://example.com',
)
self.install, self.grant = Creator.run(
organization=self.org,
slug='nulldb',
)
self.authorizer = Authorizer(
install=self.install,
grant_type='authorization_code',
code=self.grant.code,
client_id=self.sentry_app.application.client_id,
user=self.sentry_app.proxy_user,
)
def post(self, request, install):
try:
token = Authorizer.run(
grant_type=request.json_body.get('grant_type'),
code=request.json_body.get('code'),
client_id=request.json_body.get('client_id'),
user=request.user,
install=install,
)
except APIUnauthorized:
return Response({'error': 'Unauthorized'}, status=403)
return Response(ApiTokenSerializer().serialize(
token,
{
'state': request.json_body.get('state'),
'application': None,
},
request.user,
),
status=201)
def setUp(self):
self.user = self.create_user()
self.org = self.create_organization()
self.sentry_app = SentryAppCreator.run(
name='nulldb',
organization=self.org,
scopes=(),
webhook_url='http://example.com',
)
self.install, self.grant = Creator.run(
organization=self.org,
slug='nulldb',
)
self.authorizer = Authorizer(
install=self.install,
grant_type='authorization_code',
code=self.grant.code,
client_id=self.sentry_app.application.client_id,
user=self.sentry_app.proxy_user,
)
class TestAuthorizer(TestCase):
def setUp(self):
self.user = self.create_user()
self.org = self.create_organization()
self.sentry_app = self.create_sentry_app(
name='nulldb',
organization=self.org,
)
self.install, self.grant = Creator.run(
organization=self.org,
slug='nulldb',
)
self.authorizer = Authorizer(
install=self.install,
grant_type='authorization_code',
code=self.grant.code,
client_id=self.sentry_app.application.client_id,
user=self.sentry_app.proxy_user,
)
def test_simple(self):
token = self.authorizer.call()
assert token is not None
def test_token_expires_in_eight_hours(self):
token = self.authorizer.call()
assert token.expires_at.hour == (datetime.now() +
timedelta(hours=8)).hour
def test_invalid_grant_type(self):
self.authorizer.grant_type = 'stuff'
with self.assertRaises(APIUnauthorized):
self.authorizer.call()
def test_non_owner(self):
self.authorizer.user = self.create_user(is_sentry_app=True)
with self.assertRaises(APIUnauthorized):
self.authorizer.call()
def test_non_sentry_app(self):
self.authorizer.user = self.create_user()
with self.assertRaises(APIUnauthorized):
self.authorizer.call()
def test_missing_grant(self):
self.authorizer.code = '123'
with self.assertRaises(APIUnauthorized):
self.authorizer.call()
def test_mismatching_client_id(self):
self.authorizer.client_id = '123'
with self.assertRaises(APIUnauthorized):
self.authorizer.call()
class TestAuthorizer(TestCase):
def setUp(self):
self.user = self.create_user()
self.org = self.create_organization()
self.sentry_app = SentryAppCreator.run(
name='nulldb',
organization=self.org,
scopes=(),
webhook_url='http://example.com',
)
self.install, self.grant = Creator.run(
organization=self.org,
slug='nulldb',
)
self.authorizer = Authorizer(
install=self.install,
grant_type='authorization_code',
code=self.grant.code,
client_id=self.sentry_app.application.client_id,
user=self.sentry_app.proxy_user,
)
def test_simple(self):
token = self.authorizer.call()
assert token is not None
def test_token_expires_in_eight_hours(self):
token = self.authorizer.call()
assert token.expires_at.hour == (datetime.now() + timedelta(hours=8)).hour
def test_invalid_grant_type(self):
self.authorizer.grant_type = 'stuff'
with self.assertRaises(APIUnauthorized):
self.authorizer.call()
def test_non_owner(self):
self.authorizer.user = self.create_user(is_sentry_app=True)
with self.assertRaises(APIUnauthorized):
self.authorizer.call()
def test_non_sentry_app(self):
self.authorizer.user = self.create_user()
with self.assertRaises(APIUnauthorized):
self.authorizer.call()
def test_missing_grant(self):
self.authorizer.code = '123'
with self.assertRaises(APIUnauthorized):
self.authorizer.call()
def test_mismatching_client_id(self):
self.authorizer.client_id = '123'
with self.assertRaises(APIUnauthorized):
self.authorizer.call()