def test_token_auth(self):
        """Check SubscriberTokenAuth with and without a bearer token.

        A request carrying no Authorization header must be refused; a request
        carrying a freshly generated subscriber token must be accepted and
        must leave the subscriber id in ``g`` under the ``user`` key.
        """
        token_auth = SubscriberTokenAuth()

        # Negative case first: no Authorization header at all.
        with self.app.test_request_context():
            allowed_without_token = token_auth.authorized([], None, 'GET')
            self.assertFalse(allowed_without_token)
            bearer = generate_subscriber_token(self.subscriber)

        # Positive case: the token is sent as bytes in a Bearer header.
        request_headers = {'Authorization': b'Bearer ' + bearer}
        with self.app.test_request_context(headers=request_headers):
            allowed_with_token = token_auth.authorized([], None, 'GET')
            self.assertTrue(allowed_with_token)
            # The authenticated identity must be the token's subscriber.
            expected_id = self.subscriber['_id']
            self.assertEqual(expected_id, g.get('user'))
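    def test_content_filtering_by_subscriber(self):
        """Check that the content API only returns what a subscriber was sent.

        Two text items and two packages are published: one of each to
        subscriber ``sub1`` and one of each to nobody. An unauthenticated
        request for items must get 401; a request with ``sub1``'s token must
        see exactly the one item and the one package published to it, and the
        item must not expose the ``subscribers`` field.
        """
        subscriber = {'_id': 'sub1'}
        token = generate_subscriber_token(subscriber)
        headers = {'Authorization': b'Bearer ' + token}

        # 'foo' and 'pkg' go to sub1; 'bar' and 'pkg2' are published with an
        # empty subscriber list and must stay invisible to sub1.
        self.content_api.publish({'_id': 'foo', 'guid': 'foo', 'type': 'text'}, [subscriber])
        self.content_api.publish({'_id': 'bar', 'guid': 'bar', 'type': 'text'}, [])
        self.content_api.publish({'_id': 'pkg', 'guid': 'pkg', 'type': 'composite'}, [subscriber])
        self.content_api.publish({'_id': 'pkg2', 'guid': 'pkg2', 'type': 'composite'}, [])

        with self.capi.test_client() as c:
            # No Authorization header: the API must refuse the request.
            response = c.get('api/items')
            self.assertEqual(401, response.status_code)

            response = c.get('api/items', headers=headers)
            self.assertEqual(200, response.status_code)
            data = json.loads(response.data)
            self.assertEqual(1, len(data['_items']))
            # The delivery list is internal and must not leak to the client.
            self.assertNotIn('subscribers', data['_items'][0])
            self.assertEqual('http://localhost:5400/items/foo', data['_items'][0]['uri'])

            response = c.get('api/packages', headers=headers)
            # Assert the status before parsing, so an auth or server error is
            # reported as such rather than as a JSON/KeyError failure.
            self.assertEqual(200, response.status_code)
            data = json.loads(response.data)
            self.assertEqual(1, len(data['_items']))
            self.assertEqual('http://localhost:5400/packages/pkg', data['_items'][0]['uri'])
            # NOTE(review): api/packages is not checked here for a 401 without
            # a token, nor for the absence of 'subscribers' in the returned
            # package - worth adding once the expected behaviour is confirmed.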
 def _auth_headers(self, sub=None):
     """Build an Authorization header dict holding a subscriber bearer token.

     :param sub: subscriber to issue the token for; ``self.subscriber`` is
         used when this is ``None``.
     :return: dict with a single ``Authorization`` key whose value is the
         bytes ``b"Bearer "`` followed by the generated token.
     """
     target = self.subscriber if sub is None else sub
     bearer = generate_subscriber_token(target)
     return {"Authorization": b"Bearer " + bearer}
 def on_fetched(self, docs):
     """Fill in a content API token on fetched subscribers that lack one.

     Does nothing when the content API is disabled. Otherwise every entry in
     ``docs["_items"]`` with a missing or empty ``content_api_token`` gets a
     newly generated token set on the fetched document; nothing in this
     method writes the token back to storage.

     :param docs: fetch result whose ``_items`` list holds subscriber dicts;
         the dicts are modified in place.
     """
     # NOTE(review): the token is a bearer credential and is added to the
     # fetched documents, so presumably it reaches whoever may read this
     # resource - confirm that read access to subscribers is restricted.
     if not content_api.is_enabled():
         return
     for item in docs["_items"]:
         if item.get("content_api_token"):
             continue  # already has a token, leave it as is
         item["content_api_token"] = generate_subscriber_token(item)
 def test_expired_token_auth(self):
     """Check that SubscriberTokenAuth refuses a token issued with ttl_days=-1."""
     token_auth = SubscriberTokenAuth()

     # A negative ttl is presumably how an already-expired token is produced.
     with self.app.test_request_context():
         stale_token = generate_subscriber_token(self.subscriber, ttl_days=-1)

     request_headers = {'Authorization': b'Bearer ' + stale_token}
     with self.app.test_request_context(headers=request_headers):
         allowed = token_auth.authorized([], None, 'GET')
         self.assertFalse(allowed)
 def test_decode_str_token(self):
     """Check that a token passed as ``str`` (not bytes) decodes correctly.

     The generated token is decoded from UTF-8 to text first, and the ``sub``
     claim of the result must equal the subscriber's ``_id``.
     """
     with self.app.app_context():
         raw_token = generate_subscriber_token(self.subscriber)
         claims = decode_subscriber_token(raw_token.decode('utf-8'))
         expected_id = self.subscriber['_id']
         self.assertEqual(expected_id, claims['sub'])
 def test_generate_token_for_subscriber(self):
     """Check the generate/decode round trip for a subscriber token.

     The ``sub`` claim of the decoded token must equal the ``_id`` of the
     subscriber the token was generated for.
     """
     with self.app.app_context():
         claims = decode_subscriber_token(generate_subscriber_token(self.subscriber))
         expected_id = self.subscriber['_id']
         self.assertEqual(expected_id, claims['sub'])