def test_returns_auth_id_from_valid_auth_token(self): verify_id_token_swap = self.swap_to_always_return( firebase_admin.auth, 'verify_id_token', value={'sub': 'auth_id'}) request = self.make_request(auth_header='Bearer DUMMY_JWT') with verify_id_token_swap: auth_id = auth_services.authenticate_request(request) self.assertEqual(auth_id, 'auth_id')
def test_returns_claims_as_none_when_missing_essential_claims(self): verify_id_token_swap = self.swap_to_always_return( firebase_admin.auth, 'verify_id_token', value={}) request = self.make_request(auth_header='Bearer DUMMY_JWT') with verify_id_token_swap: auth_claims = firebase_auth_services.authenticate_request(request) self.assertIsNone(auth_claims)
def test_returns_none_when_auth_token_is_missing_subject_identifier(self): verify_id_token_swap = self.swap_to_always_return(firebase_admin.auth, 'verify_id_token', value={}) request = self.make_request(auth_header='Bearer DUMMY_JWT') with verify_id_token_swap: auth_id = auth_services.authenticate_request(request) self.assertIsNone(auth_id)
def test_returns_auth_claims_from_valid_auth_token(self): verify_id_token_swap = self.swap_to_always_return( firebase_admin.auth, 'verify_id_token', value={'sub': 'auth_id', 'email': '*****@*****.**'}) request = self.make_request(auth_header='Bearer DUMMY_JWT') with verify_id_token_swap: auth_claims = firebase_auth_services.authenticate_request(request) self.assertEqual( auth_claims, auth_domain.AuthClaims('auth_id', '*****@*****.**'))
def test_returns_none_when_auth_token_is_invalid(self): verify_id_token_swap = self.swap_to_always_raise( firebase_admin.auth, 'verify_id_token', error=firebase_exceptions.InvalidArgumentError('invalid token')) request = self.make_request(auth_header='Bearer DUMMY_JWT') with verify_id_token_swap, self.capture_logging() as errors: auth_claims = firebase_auth_services.authenticate_request(request) self.assertIsNone(auth_claims) self.assertEqual(len(errors), 1) self.assertIn('invalid token', errors[0])
def test_returns_none_when_firebase_init_fails(self): initialize_app_swap = self.swap_to_always_raise( firebase_admin, 'initialize_app', error=firebase_exceptions.UnknownError('could not init')) request = self.make_request(auth_header='Bearer DUMMY_JWT') with initialize_app_swap, self.capture_logging() as errors: auth_claims = firebase_auth_services.authenticate_request(request) self.assertIsNone(auth_claims) self.assertEqual(len(errors), 1) self.assertIn('could not init', errors[0])
def test_cleans_up_firebase_app(self): mock_app = python_utils.OBJECT() initialize_app_swap = self.swap_to_always_return( firebase_admin, 'initialize_app', value=mock_app) verify_id_token_swap = self.swap_to_always_return( firebase_admin.auth, 'verify_id_token', value={}) delete_app_swap = self.swap( firebase_admin, 'delete_app', lambda app: self.assertIs(app, mock_app)) request = self.make_request(auth_header='Bearer DUMMY_JWT') with contextlib2.ExitStack() as stack: stack.enter_context(initialize_app_swap) stack.enter_context(verify_id_token_swap) stack.enter_context(delete_app_swap) errors = stack.enter_context(self.capture_logging()) auth_claims = firebase_auth_services.authenticate_request(request) self.assertIsNone(auth_claims) self.assertEqual(errors, [])
def test_returns_none_when_auth_header_uses_wrong_scheme_type(self): request = self.make_request(auth_header='Basic password=123') auth_claims = firebase_auth_services.authenticate_request(request) self.assertIsNone(auth_claims)
def test_returns_none_when_auth_header_is_missing(self): request = self.make_request() auth_claims = firebase_auth_services.authenticate_request(request) self.assertIsNone(auth_claims)