def test_revoke_all():
global body
global TUPLE
global RS
# test revoke-all (as provider)
r = provider.get_token(body)
access_token = r['response']
assert r['success'] is True
assert None != access_token
assert 60 * 60 * 2 == access_token['expires-in']
token = access_token['token']
if type(token) == TUPLE:
token = token[0]
s = token.split("/")
assert len(s) == 3
assert s[0] == 'auth.iudx.org.in'
r = provider.audit_tokens(100)
assert r["success"] is True
audit_report = r['response']
as_provider = audit_report["as-provider"]
num_tokens = len(as_provider)
assert num_tokens >= 1
for a in as_provider:
if a["revoked"] is False and a['expired'] is False:
cert_serial = a["certificate-serial-number"]
cert_fingerprint = a["certificate-fingerprint"]
break
r = provider.revoke_all(cert_serial, cert_fingerprint)
assert r["success"] is True
assert r["response"]["num-tokens-revoked"] >= 1
r = provider.audit_tokens(100)
assert r["success"] is True
audit_report = r['response']
as_provider = audit_report["as-provider"]
for a in as_provider:
if a['certificate-serial-number'] == cert_serial and a[
'certificate-fingerprint'] == cert_fingerprint:
if a['expired'] is False:
assert a['revoked'] is True
assert s[0] == 'auth.iudx.org.in'
r = provider.audit_tokens(100)
assert r["success"] is True
audit_report = r['response']
as_provider = audit_report["as-provider"]
num_tokens = len(as_provider)
assert num_tokens >= 1
for a in as_provider:
if a["revoked"] is False and a['expired'] is False:
cert_serial = a["certificate-serial-number"]
cert_fingerprint = a["certificate-fingerprint"]
break
r = provider.revoke_all(cert_serial, cert_fingerprint)
assert r["success"] is True
assert r["response"]["num-tokens-revoked"] >= 1
r = provider.audit_tokens(100)
assert r["success"] is True
audit_report = r['response']
as_provider = audit_report["as-provider"]
for a in as_provider:
if a['certificate-serial-number'] == cert_serial and a[
'certificate-fingerprint'] == cert_fingerprint:
if a['expired'] is False:
assert a['revoked'] is True
# test revoke API