def test_generate_ok(self):
'''This test case ensures an access token can be correctly generated.'''
creation_time = time.time()
time_provider = Mock()
time_provider.time = Mock(return_value=creation_time)
token_desc = {"client_id": "my-sample-app",
"user_id": 123,
"scopes": "scope1 scope2 scope3 scope4",
"expires_in": 3600}
expected_client = Client()
expected_client.scopes = [Scope(name=scope) for scope in token_desc["scopes"].split(" ")]
self._mock_client_search(expected_client)
token = self._generator.generate(token_desc, time_provider)
self.assertIsNotNone(token)
self.assertEqual(token_desc["client_id"], token.client_id)
self.assertEqual(token_desc["user_id"], token.user_id)
self.assertEqual(token_desc["scopes"].split(" "), token.scopes)
self.assertEqual(int(creation_time), token.creation_time)
self.assertEqual(int(creation_time) + token_desc["expires_in"], token.expiration_time)
def test_generate_ok(self):
'''This test case ensures an access token can be correctly generated.'''
creation_time = time.time()
time_provider = Mock()
time_provider.time = Mock(return_value=creation_time)
token_desc = {
"client_id": "my-sample-app",
"user_id": 123,
"scopes": "scope1 scope2 scope3 scope4",
"expires_in": 3600
}
expected_client = Client()
expected_client.scopes = [
Scope(name=scope) for scope in token_desc["scopes"].split(" ")
]
self._mock_client_search(expected_client)
token = self._generator.generate(token_desc, time_provider)
self.assertIsNotNone(token)
self.assertEqual(token_desc["client_id"], token.client_id)
self.assertEqual(token_desc["user_id"], token.user_id)
self.assertEqual(token_desc["scopes"].split(" "), token.scopes)
self.assertEqual(int(creation_time), token.creation_time)
self.assertEqual(
int(creation_time) + token_desc["expires_in"],
token.expiration_time)
def test_generate_client_invalidscopes(self):
'''This test case ensures an exception is raised if the client is not allowed to used requested scopes.'''
client_id = str(uuid.uuid4())
token_desc = {"client_id": client_id,
"user_id": 1,
"scopes": "scope1 scope2",
"expires_in": 3600}
expected_client = Client(client_id, name="simple app", revoked=False)
expected_client.scopes = []
self._mock_client_search(expected_client)
with self.assertRaises(OAuth2InvalidScopesError):
self._generator.generate(token_desc)
self._model_facade.find_by_pk.assert_called_once_with({Client.client_id: client_id})
def test_init_noargs(self):
'''This test case ensures a client can be instantiated without arguments.'''
obj = Client()
self.assertIsNone(obj.client_id)
self.assertIsNone(obj.name)
self.assertIsNone(obj.description)
self.assertIsNone(obj.grant_types)
self.assertIsNone(obj.token_iv)
self.assertIsNone(obj.token_key)
self.assertIsNone(obj.revoked)
def test_generate_client_invalidscopes(self):
'''This test case ensures an exception is raised if the client is not allowed to used requested scopes.'''
client_id = str(uuid.uuid4())
token_desc = {
"client_id": client_id,
"user_id": 1,
"scopes": "scope1 scope2",
"expires_in": 3600
}
expected_client = Client(client_id, name="simple app", revoked=False)
expected_client.scopes = []
self._mock_client_search(expected_client)
with self.assertRaises(OAuth2InvalidScopesError):
self._generator.generate(token_desc)
self._model_facade.find_by_pk.assert_called_once_with(
{Client.client_id: client_id})
def test_load_ok(self):
'''This test case ensures a client can be loaded correctly by client_id.'''
client_id = "abcd"
client = Client()
self._client_facade.find_by_pk = Mock(return_value=client)
result = self._repo.load(client_id)
self.assertEqual(client, result)
self._client_facade.find_by_pk.assert_called_once_with(
{Client.client_id: client_id})
def test_validate_ok(self):
'''This test case ensures a valid token passes validation.'''
creation_time = int(time.time())
expiration_time = creation_time + 3600
token = Token({
"client_id": "sample-app",
"type": "access",
"user_id": 1,
"creation_time": creation_time,
"expiration_time": expiration_time
})
expected_client = Client(client_id=token.client_id, revoked=False)
self._mock_client_search(expected_client)
self.assertTrue(self._generator.validate(token))
def test_validate_token_clientrevoked(self):
'''This test case ensures an expection is raised if the token client is not valid.'''
creation_time = int(time.time())
expiration_time = creation_time + 3600
token = Token({
"client_id": "sample-app",
"type": "access",
"user_id": 1,
"creation_time": creation_time,
"expiration_time": expiration_time
})
expected_client = Client(client_id=token.client_id, revoked=True)
self._mock_client_search(expected_client)
with self.assertRaises(OAuth2InvalidClientError):
self._generator.validate(token)
def test_generate_client_revoked(self):
'''This test case ensures a token can not be generated for a client which is revoked.'''
client_id = str(uuid.uuid4())
token_desc = {
"client_id": client_id,
"user_id": 1,
"scopes": "scope1 scope2",
"expires_in": 3600
}
expected_client = Client(client_id, name="simple app", revoked=True)
self._mock_client_search(expected_client)
with self.assertRaises(OAuth2InvalidClientError):
self._generator.generate(token_desc)
self._model_facade.find_by_pk.assert_called_once_with(
{Client.client_id: client_id})
def test_init_ok(self):
'''This test case ensures a client can be instantiated with arguments.'''
client_id = str(uuid.uuid4())
name = "simple app"
description = "simple app description."
grant_types = "token,code"
token_iv = "simple iv"
token_key = "simple key"
revoked = False
obj = Client(client_id, name, description, grant_types, token_iv,
token_key, revoked)
self.assertEqual(client_id, obj.client_id)
self.assertEqual(name, obj.name)
self.assertEqual(description, obj.description)
self.assertEqual(grant_types, obj.grant_types)
self.assertEqual(token_iv, obj.token_iv)
self.assertEqual(token_key, obj.token_key)
self.assertEqual(revoked, obj.revoked)
def test_encrypt_ex(self):
'''This test case ensures all encryption exceptions are bubbled up.'''
client_id = "mock client"
token_iv = "token iv".encode()
token_key = "token_key".encode()
token = Token({})
client = Client(token_iv=base64.b64encode(token_iv).decode(),
token_key=base64.b64encode(token_key).decode())
ex = Exception("Unexpected exception.")
self._client_repo.load = Mock(return_value=client)
self._encryptor.encrypt_token = Mock(side_effect=ex)
with self.assertRaises(Exception) as ctx:
self._tokens_service.encrypt(token, client_id)
self.assertEqual(ex, ctx.exception)
def test_encrypt_ok(self):
'''This test case ensures a token can be correctly encrypted.'''
client_id = "mock client"
token_iv = "token iv".encode()
token_key = "token_key".encode()
token = Token({})
encrypted_str = "abcd"
client = Client(token_iv=base64.b64encode(token_iv).decode(),
token_key=base64.b64encode(token_key).decode())
self._client_repo.load = Mock(return_value=client)
self._encryptor.encrypt_token = Mock(return_value=encrypted_str)
result = self._tokens_service.encrypt(token, client_id)
self.assertEqual(encrypted_str, result)
self._client_repo.load.assert_called_once_with(client_id)
self._encryptor.encrypt_token.assert_called_once_with(
token, token_iv, token_key)
def _test_load_clienturl_template(self,
return_url,
base_url=None,
client_id="abc"):
'''This method provides a template for testing load_client_by_returnurl success scenarios.'''
base_url = base_url or return_url
client = Client(client_id=client_id)
url = ClientReturnUrl()
url.client = client
self._url_facade.get_records_paged = Mock(return_value=[url])
result = self._repo.load_client_by_returnurl(return_url)
self.assertEqual(client, result)
self._url_facade.get_records_paged.assert_called_once_with(
start_record=0,
end_record=1,
filter_expr=ModelFilter(ClientReturnUrl.return_url, base_url,
ModelFilter.EQ))
