def get_request(self, data=None): if data is None: data = {} request = RequestFactory().get('/', data) request.REGION = mkt.regions.RESTOFWORLD request.API = True request.user = AnonymousUser() return request
def test_500_options(self): req = RequestFactory().options('/') req.API = True resp = HttpResponse() resp.status_code = 500 res = self.mware.process_response(req, resp) eq_(res['Access-Control-Allow-Origin'], '*') eq_(res['Access-Control-Allow-Methods'], 'OPTIONS')
def test_fail(self): url = absolutify(reverse('app-list')) url, auth_header = self._oauth_request_info( url, client_key=self.access.key, client_secret="none") auth = authentication.RestOAuthAuthentication() req = RequestFactory().get( url, HTTP_HOST='testserver', HTTP_AUTHORIZATION=auth_header) req.API = True req.user = AnonymousUser() RestOAuthMiddleware().process_request(req) ok_(not auth.authenticate(Request(req))) ok_(not req.user.is_authenticated())
def test_fail(self): url = absolutify(reverse('app-list')) url, auth_header = self._oauth_request_info(url, client_key=self.access.key, client_secret="none") auth = authentication.RestOAuthAuthentication() req = RequestFactory().get(url, HTTP_HOST='testserver', HTTP_AUTHORIZATION=auth_header) req.API = True req.user = AnonymousUser() RestOAuthMiddleware().process_request(req) ok_(not auth.authenticate(Request(req))) ok_(not req.user.is_authenticated())
def test_bad_access_token(self): url = absolutify(reverse('app-list')) Token.generate_new(ACCESS_TOKEN, creds=self.access, user=self.user2) url, auth_header = self._oauth_request_info( url, client_key=self.access.key, client_secret=self.access.secret, resource_owner_key=generate(), resource_owner_secret=generate()) auth = authentication.RestOAuthAuthentication() req = RequestFactory().get( url, HTTP_HOST='testserver', HTTP_AUTHORIZATION=auth_header) req.API = True req.user = AnonymousUser() RestOAuthMiddleware().process_request(req) ok_(not auth.authenticate(Request(req))) ok_(not req.user.is_authenticated())
def test_bad_access_token(self): url = absolutify(reverse('app-list')) Token.generate_new(ACCESS_TOKEN, creds=self.access, user=self.user2) url, auth_header = self._oauth_request_info( url, client_key=self.access.key, client_secret=self.access.secret, resource_owner_key=generate(), resource_owner_secret=generate()) auth = authentication.RestOAuthAuthentication() req = RequestFactory().get(url, HTTP_HOST='testserver', HTTP_AUTHORIZATION=auth_header) req.API = True req.user = AnonymousUser() RestOAuthMiddleware().process_request(req) ok_(not auth.authenticate(Request(req))) ok_(not req.user.is_authenticated())
def test_session_not_used_api(self, process_request): req = RequestFactory().get('/') req.API = True NoVarySessionMiddleware().process_request(req) assert not process_request.called
def test_no_api_version(self): req = RequestFactory().get('/api/v2/') req.API = True res = self.api_version_middleware.process_response(req, HttpResponse()) eq_(self.header(res, 'API-Version'), '2') eq_(self.header(res, 'API-Status'), None)
def test_shared_secret_no_break_restoauth(self, mock_log): shared_secret = 'mkt-shared-secret [email protected],hash' request = RequestFactory(HTTP_AUTHORIZATION=shared_secret).get('/') request.API = True RestOAuthMiddleware().process_request(request) ok_(not mock_log.warning.called)