def test_token_auth(self):
    """Check SubscriberTokenAuth with and without a bearer token.

    Without an Authorization header ``authorized`` must be falsy. With a
    freshly generated subscriber token it must be truthy, and
    ``g.get('user')`` must equal the subscriber's ``_id``.
    """
    token_auth = SubscriberTokenAuth()
    with self.app.test_request_context():
        # No Authorization header at all: the request must be rejected.
        anonymous_ok = token_auth.authorized([], None, 'GET')
        self.assertFalse(anonymous_ok)
        bearer = generate_subscriber_token(self.subscriber)

    request_headers = {'Authorization': b'Bearer ' + bearer}
    with self.app.test_request_context(headers=request_headers):
        self.assertTrue(token_auth.authorized([], None, 'GET'))
        # A successful check must also expose the caller's identity on ``g``.
        self.assertEqual(self.subscriber['_id'], g.get('user'))
def test_content_filtering_by_subscriber(self):
    """Check that the API returns only content published to the caller.

    Two text items and two composite packages are published, one of each to
    subscriber ``sub1`` and one of each to nobody. A request without a token
    must get 401; with ``sub1``'s token, ``api/items`` and ``api/packages``
    must each return exactly the one entry published to that subscriber.
    """
    subscriber = {'_id': 'sub1'}
    auth_headers = {'Authorization': b'Bearer ' + generate_subscriber_token(subscriber)}

    # (guid, type, recipients) - an empty recipient list means "nobody".
    published = (
        ('foo', 'text', [subscriber]),
        ('bar', 'text', []),
        ('pkg', 'composite', [subscriber]),
        ('pkg2', 'composite', []),
    )
    for guid, item_type, recipients in published:
        self.content_api.publish({'_id': guid, 'guid': guid, 'type': item_type}, recipients)

    with self.capi.test_client() as client:
        anonymous = client.get('api/items')
        self.assertEqual(401, anonymous.status_code)

        items_response = client.get('api/items', headers=auth_headers)
        self.assertEqual(200, items_response.status_code)
        items = json.loads(items_response.data)['_items']
        self.assertEqual(1, len(items))
        # The recipient list must not be disclosed to the subscriber.
        self.assertNotIn('subscribers', items[0])
        self.assertEqual('http://localhost:5400/items/foo', items[0]['uri'])

        # NOTE(review): api/packages is only exercised with a valid token;
        # the 401 for a missing token and the absence of 'subscribers' are
        # asserted for api/items only.
        packages_response = client.get('api/packages', headers=auth_headers)
        packages = json.loads(packages_response.data)['_items']
        self.assertEqual(1, len(packages))
        self.assertEqual('http://localhost:5400/packages/pkg', packages[0]['uri'])
def _auth_headers(self, sub=None):
    """Return an Authorization header dict carrying a subscriber token.

    Args:
        sub: subscriber to generate the token for; ``self.subscriber`` is
            used when this is ``None``.

    Returns:
        A dict with a single ``Authorization`` key whose value is
        ``b"Bearer "`` followed by the generated token.
    """
    target = self.subscriber if sub is None else sub
    return {"Authorization": b"Bearer " + generate_subscriber_token(target)}
def on_fetched(self, docs):
    """Fill in a content API token on fetched subscribers that lack one.

    Does nothing unless ``content_api.is_enabled()`` is true. Each entry of
    ``docs["_items"]`` without a truthy ``content_api_token`` gets one from
    ``generate_subscriber_token``. Entries are modified in place and nothing
    in this hook stores the generated token.
    """
    if not content_api.is_enabled():
        return

    for item in docs["_items"]:
        if item.get("content_api_token"):
            continue
        # NOTE(review): the token is minted on read and placed in the fetched
        # document, so presumably every caller able to list subscribers gets a
        # usable bearer token for each of them - confirm this resource is
        # restricted to privileged users and that responses are not logged
        # or cached with the token in them.
        item["content_api_token"] = generate_subscriber_token(item)
def test_expired_token_auth(self):
    """Check that a token generated with ``ttl_days=-1`` is not accepted."""
    token_auth = SubscriberTokenAuth()
    with self.app.test_request_context():
        # A negative TTL is used here to obtain a token for the expiry case.
        stale = generate_subscriber_token(self.subscriber, ttl_days=-1)

    request_headers = {'Authorization': b'Bearer ' + stale}
    with self.app.test_request_context(headers=request_headers):
        outcome = token_auth.authorized([], None, 'GET')
        self.assertFalse(outcome)
def test_decode_str_token(self):
    """Check that a token passed as ``str`` decodes like the bytes form.

    The generated token is decoded from UTF-8 to text before being handed to
    ``decode_subscriber_token``; the ``sub`` claim must still equal the
    subscriber's ``_id``.
    """
    with self.app.app_context():
        as_text = generate_subscriber_token(self.subscriber).decode('utf-8')
        claims = decode_subscriber_token(as_text)
        self.assertEqual(self.subscriber['_id'], claims['sub'])
def test_generate_token_for_subscriber(self):
    """Check the generate/decode round trip for a subscriber token.

    The ``sub`` claim of the decoded token must equal the ``_id`` of the
    subscriber the token was generated for.
    """
    with self.app.app_context():
        claims = decode_subscriber_token(generate_subscriber_token(self.subscriber))
        expected_id = self.subscriber['_id']
        self.assertEqual(expected_id, claims['sub'])