def test_get_request_without_portal_access(self):
request = self.factory.get(reverse("lizard_auth_server.jwt"), {"portal": self.portal.sso_key})
request.user = self.user
response = JWTView.as_view()(request)
expected_status_code = 400
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_without_portal_parameters(self):
request = self.factory.get(reverse("lizard_auth_server.jwt"), )
self.user.user_profile.portals.add(self.portal)
request.user = self.user
response = JWTView.as_view()(request)
expected_status_code = 400
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_without_portal_parameters(self):
request = self.factory.get(reverse("lizard_auth_server.jwt"))
self.user.user_profile.portals.add(self.portal)
request.user = self.user
response = JWTView.as_view()(request)
expected_status_code = 400
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_as_anonymous_user(self):
request = self.factory.get(reverse("lizard_auth_server.jwt"), {"portal": self.portal.sso_key})
request.user = AnonymousUser()
response = JWTView.as_view()(request)
expected_status_code = 302
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
expected_url = reverse("django.contrib.auth.views.login")
self.assertTrue(response.url.startswith(expected_url))
def test_get_request_with_invalid_portal_parameter(self):
random_sso_key = GenKey("Portal", "sso_key")
request = self.factory.get(reverse("lizard_auth_server.jwt"), {"portal": random_sso_key})
self.user.user_profile.portals.add(self.portal)
request.user = self.user
response = JWTView.as_view()(request)
expected_status_code = 400
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_with_invalid_next_parameter(self):
request = self.factory.get(
reverse("lizard_auth_server.jwt"), {"portal": self.portal.sso_key, "next": fake.uri_path()}
)
self.user.user_profile.portals.add(self.portal)
request.user = self.user
response = JWTView.as_view()(request)
expected_status_code = 400
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_with_redirect_response(self):
next_ = fake.url()
request = self.factory.get(reverse("lizard_auth_server.jwt"), {"portal": self.portal.sso_key, "next": next_})
self.user.user_profile.portals.add(self.portal)
request.user = self.user
response = JWTView.as_view()(request)
expected_status_code = 302
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
self.assertTrue(JWTView.is_url(response.url))
self.assertTrue(response.url.startswith(next_))
self.assertTrue("access_token=" in response.url)
def test_get_request_without_portal_access(self):
request = self.factory.get(
reverse("lizard_auth_server.jwt"),
{
"portal": self.portal.sso_key,
},
)
request.user = self.user
response = JWTView.as_view()(request)
expected_status_code = 400
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_as_anonymous_user(self):
request = self.factory.get(
reverse("lizard_auth_server.jwt"),
{
"portal": self.portal.sso_key,
},
)
request.user = AnonymousUser()
response = JWTView.as_view()(request)
expected_status_code = 302
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
expected_url = reverse("login")
self.assertTrue(response.url.startswith(expected_url))
def test_get_request_with_invalid_portal_parameter(self):
random_sso_key = GenKey("Portal", "sso_key")
request = self.factory.get(
reverse("lizard_auth_server.jwt"),
{
"portal": random_sso_key,
},
)
self.user.user_profile.portals.add(self.portal)
request.user = self.user
response = JWTView.as_view()(request)
expected_status_code = 400
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_with_invalid_next_parameter(self):
request = self.factory.get(
reverse("lizard_auth_server.jwt"),
{
"portal": self.portal.sso_key,
"next": fake.uri_path(),
},
)
self.user.user_profile.portals.add(self.portal)
request.user = self.user
response = JWTView.as_view()(request)
expected_status_code = 400
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
def test_get_request_with_text_response(self):
request = self.factory.get(reverse("lizard_auth_server.jwt"), {"portal": self.portal.sso_key})
self.user.user_profile.portals.add(self.portal)
request.user = self.user
response = JWTView.as_view()(request)
expected_status_code = 200
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
expected_content_type = "text/plain"
actual_content_type = response.get("Content-Type")
self.assertEqual(expected_content_type, actual_content_type)
token = response.content
payload = jwt.decode(token, self.portal.sso_secret)
self.assertTrue(payload["username"] == self.user.username)
self.assertTrue("exp" in payload)
def test_get_request_with_redirect_response(self):
next_ = fake.url()
request = self.factory.get(
reverse("lizard_auth_server.jwt"),
{
"portal": self.portal.sso_key,
"next": next_,
},
)
self.user.user_profile.portals.add(self.portal)
request.user = self.user
response = JWTView.as_view()(request)
expected_status_code = 302
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
self.assertTrue(JWTView.is_url(response.url))
self.assertTrue(response.url.startswith(next_))
self.assertTrue("access_token=" in response.url)
def test_get_request_with_text_response(self):
request = self.factory.get(
reverse('lizard_auth_server.jwt'), {
'portal': self.portal.sso_key,
},
)
self.user.user_profile.portals.add(self.portal)
request.user = self.user
response = JWTView.as_view()(request)
expected_status_code = 200
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
expected_content_type = 'text/plain'
actual_content_type = response.get('Content-Type')
self.assertEqual(expected_content_type, actual_content_type)
token = response.content
payload = jwt.decode(token, self.portal.sso_secret)
self.assertTrue(payload['username'] == self.user.username)
self.assertTrue('exp' in payload)
def test_get_request_with_text_response(self):
request = self.factory.get(
reverse("lizard_auth_server.jwt"),
{
"portal": self.portal.sso_key,
},
)
self.user.user_profile.portals.add(self.portal)
request.user = self.user
response = JWTView.as_view()(request)
expected_status_code = 200
actual_status_code = response.status_code
self.assertEqual(expected_status_code, actual_status_code)
expected_content_type = "text/plain"
actual_content_type = response.get("Content-Type")
self.assertEqual(expected_content_type, actual_content_type)
token = response.content
payload = jwt.decode(token,
self.portal.sso_secret,
algorithms=["HS256"])
self.assertTrue(payload["username"] == self.user.username)
self.assertTrue("exp" in payload)
