def test_request_auth_type_guess_session_attribute( self, mock_set_custom_attribute): self.request.user = UserFactory() self.middleware.process_response(self.request, None) mock_set_custom_attribute.assert_any_call('request_auth_type_guess', 'session-or-other')
def test_authenticated_superuser(self, mock_set_custom_attribute): self.request.user = UserFactory(is_superuser=True) self.middleware.process_request(self.request) self.middleware.process_response(self.request, None) mock_set_custom_attribute.assert_any_call( 'request_is_staff_or_superuser', 'superuser')
def test_request_auth_type_guess_token_attribute( self, token, expected_token_type, mock_set_custom_attribute): self.request.user = UserFactory() self.request.META['HTTP_AUTHORIZATION'] = token self.middleware.process_response(self.request, None) mock_set_custom_attribute.assert_any_call('request_auth_type_guess', expected_token_type)
def test_authenticated_user_found_in_process_view( self, mock_set_custom_attribute): self.request.user = UserFactory() self.middleware.process_view(self.request, None, None, None) self.middleware.process_response(self.request, None) mock_set_custom_attribute.assert_any_call( 'request_authenticated_user_found_in_middleware', 'process_view')
def test_request_auth_type_guess_jwt_cookie_attribute( self, mock_set_custom_attribute): self.request.user = UserFactory() self.request.META[USE_JWT_COOKIE_HEADER] = True self.request.COOKIES[jwt_cookie_name()] = 'reconstituted-jwt-cookie' self.middleware.process_response(self.request, None) mock_set_custom_attribute.assert_any_call('request_auth_type_guess', 'jwt-cookie')
def test_authenticated_standard_user(self, mock_set_custom_attribute): self.request.user = UserFactory() self.middleware.process_request(self.request) self.middleware.process_response(self.request, None) attributes_called_with = [ c[0] for c in mock_set_custom_attribute.call_args_list ] assert 'request_is_staff_or_superuser' not in attributes_called_with
def test_request_user_id_attribute_with_exception( self, mock_set_custom_attribute): self.request.user = UserFactory() self.middleware.process_exception(self.request, None) mock_set_custom_attribute.assert_any_call('request_user_id', self.request.user.id) mock_set_custom_attribute.assert_any_call( 'request_authenticated_user_found_in_middleware', 'process_exception')
def test_get_decoded_jwt_from_existing_cookie(self): user = UserFactory() payload = generate_latest_version_payload(user) jwt = generate_jwt_token(payload) expected_decoded_jwt = jwt_decode_handler(jwt) mock_request_with_cookie = mock.Mock(COOKIES={'edx-jwt-cookie': jwt}) decoded_jwt = cookies.get_decoded_jwt(mock_request_with_cookie) self.assertEqual(expected_decoded_jwt, decoded_jwt)
def test_get_token(self): """ Ensure we can get a CSRF token. """ url = reverse('csrf_token') user = UserFactory() jwt = generate_jwt(user) self.client.credentials(HTTP_AUTHORIZATION='JWT {}'.format(jwt)) response = self.client.get(url, format='json') self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertIn('csrfToken', response.data)
def authenticate(self, request): if request.COOKIES.get(jwt_cookie_name(), None) != 'header.payload.signature': return None # authenticate was failing on POST calls because it previously wasn't passing the # supported parsers into the new Request object. This retrieval of POST data # simulates the CSRF POST data checks in the non-test authenticate method. This # line lets us verify that the parsers are being correctly passed to the request request.POST.get('csrfmiddlewaretoken', '') user = UserFactory() return (user, None)
def test_authenticated_user_found_is_properly_reset( self, mock_set_custom_attribute): # set user before process_request self.request.user = UserFactory() self.middleware.process_request(self.request) self.middleware.process_response(self.request, None) mock_set_custom_attribute.assert_any_call( 'request_authenticated_user_found_in_middleware', 'process_request') # set up new request and set user before process_response mock_set_custom_attribute.reset_mock() RequestCache.clear_all_namespaces() self.request = RequestFactory().get('/') self.request.user = UserFactory() self.middleware.process_response(self.request, None) mock_set_custom_attribute.assert_any_call( 'request_authenticated_user_found_in_middleware', 'process_response')
def setUp(self): super(JwtHasContentOrgFilterForRequestedCourseTests, self).setUp() self.user = UserFactory()
def setUp(self): super(JwtHasScopeTests, self).setUp() self.user = UserFactory()
def test_request_auth_type_session_metric(self, mock_set_custom_metric): self.request.user = UserFactory() self.middleware.process_response(self.request, None) mock_set_custom_metric.assert_called_once_with('request_auth_type', 'session-or-unknown')
def setUp(self): super().setUp() self.user = UserFactory() self.payload = generate_latest_version_payload(self.user) self.jwt = generate_jwt_token(self.payload)
def setUp(self): super(HasScopedTokenTests, self).setUp() self.user = UserFactory() self.payload = generate_jwt_payload(self.user) self.jwt = generate_jwt_token(self.payload) self.filters = {'content_org': ['edX', 'Microsoft'], 'user': ['me']}
def _create_request(self, user_filters, requested_username): url = f'/?username={requested_username}' request = RequestFactory().get(url) request.user = UserFactory(username='******') request.auth = generate_jwt(request.user, filters=user_filters) return request
def setUp(self): super(JWTDecodeHandlerTests, self).setUp() self.user = UserFactory() self.payload = generate_latest_version_payload(self.user) self.jwt = generate_jwt_token(self.payload)
def setUp(self): super(IsTokenVersionIncompatibleTests, self).setUp() self.user = UserFactory() self.payload = generate_jwt_payload(self.user) self.jwt = generate_jwt_token(self.payload) self.decoded_token = utils.jwt_decode_handler(self.jwt)
def setUp(self): super().setUp() self.user = UserFactory()
def authenticate(self, request): if request.COOKIES.get(jwt_cookie_name(), None) != 'header.payload.signature': return None user = UserFactory() return (user, None)
def _create_user(self, is_staff=False): return UserFactory(username='******', is_staff=is_staff)
def test_request_user_id_metric(self, mock_set_custom_metric): self.request.user = UserFactory() self.middleware.process_response(self.request, None) mock_set_custom_metric.assert_any_call('request_user_id', self.request.user.id)