def test_no_verify_api_call(make_app, mocker):
app = make_app(
"foo",
"bar",
hostname="my-insecure-gitlab.com",
storage=MemoryStorage({"access_token": "fake-token"}),
verify_tls_certificates=False,
)
with responses.RequestsMock() as rsps:
mock_on_request = mocker.patch.object(rsps,
"_on_request",
wraps=rsps._on_request)
rsps.add(
method=responses.GET,
url="https://my-insecure-gitlab.com",
body="insecure but OK",
)
with app.test_request_context("/"):
app.preprocess_request()
gitlab.get("https://my-insecure-gitlab.com")
# check that `verify=False` in the API call
mock_on_request.assert_called()
call_verify = mock_on_request.call_args[1].get("verify", True)
assert call_verify is False
def logged_in(blueprint, token):
from .models import User
if blueprint.name == "facebook":
resp = facebook.get("/me?fields=name,first_name,email")
email = resp.json()["email"]
f_name = resp.json()["first_name"]
account_type = "facebook"
elif blueprint.name == "github":
user_info = github.get("/user")
user_email = github.get("/user/emails")
email = user_email.json()[0]["email"]
f_name = user_info.json()["name"]
account_type = "github"
elif blueprint.name == "gitlab":
resp = gitlab.get("user")
email = resp.json()["email"]
f_name = resp.json()["name"].split()[0]
account_type = "gitlab"
user = User.query.filter_by(email=email).first()
if not user:
user = User(email=email, f_name=f_name)
user.account_type = account_type
try:
db.session.add(user)
db.session.commit()
except Exception as err:
db.session.rollback()
print(err)
login_user(user)
g.user = user
flash(_("You have been logged in."), category="success")
def test_context_local(make_app):
responses.add(responses.GET, "https://google.com")
# set up two apps with two different set of auth tokens
app1 = make_app(
"foo1",
"bar1",
redirect_to="url1",
storage=MemoryStorage({"access_token": "app1"}),
)
app2 = make_app(
"foo2",
"bar2",
redirect_to="url2",
storage=MemoryStorage({"access_token": "app2"}),
)
# outside of a request context, referencing functions on the `gitlab` object
# will raise an exception
with pytest.raises(RuntimeError):
gitlab.get("https://google.com")
# inside of a request context, `gitlab` should be a proxy to the correct
# blueprint session
with app1.test_request_context("/"):
app1.preprocess_request()
gitlab.get("https://google.com")
request = responses.calls[0].request
assert request.headers["Authorization"] == "Bearer app1"
with app2.test_request_context("/"):
app2.preprocess_request()
gitlab.get("https://google.com")
request = responses.calls[1].request
assert request.headers["Authorization"] == "Bearer app2"
def test_context_local(make_app):
responses.add(responses.GET, "https://google.com")
# set up two apps with two different set of auth tokens
app1 = make_app(
"foo1",
"bar1",
redirect_to="url1",
storage=MemoryStorage({"access_token": "app1"}),
)
app2 = make_app(
"foo2",
"bar2",
redirect_to="url2",
storage=MemoryStorage({"access_token": "app2"}),
)
# outside of a request context, referencing functions on the `gitlab` object
# will raise an exception
with pytest.raises(RuntimeError):
gitlab.get("https://google.com")
# inside of a request context, `gitlab` should be a proxy to the correct
# blueprint session
with app1.test_request_context("/"):
app1.preprocess_request()
gitlab.get("https://google.com")
request = responses.calls[0].request
assert request.headers["Authorization"] == "Bearer app1"
with app2.test_request_context("/"):
app2.preprocess_request()
gitlab.get("https://google.com")
request = responses.calls[1].request
assert request.headers["Authorization"] == "Bearer app2"