def test_fail_401_sig_check_failure(self):
    # A token whose JWT signature does not verify must be refused with 401.
    # The asserted detail is the generic "Invalid token", so the response
    # body does not reveal which validation step rejected the token.
    # NOTE(review): MODIFIED_TOKEN is defined outside this view. It is sent
    # as the complete Authorization value, so it presumably already carries
    # the "Bearer " scheme prefix -- confirm; without it this test would be
    # exercising header parsing rather than the signature check.
    url = '/api/accounts/%s/sources?language_tag=en-US' % ACCT_ID
    response = self.client.get(url,
                               headers={"Authorization": MODIFIED_TOKEN})
    check_response(response, 401)
    body = json.loads(response.data)
    self.assertEqual(body['detail'], "Invalid token")
    def test_fail_401_unparseable_token(self):
        # A bearer value that cannot be parsed as a JWT must be refused with
        # 401 and the generic "Invalid token" detail (no parser error text is
        # expected in the response body).
        url = '/api/accounts/%s/sources?language_tag=en-US' % ACCT_ID
        auth_headers = {"Authorization": "Bearer boogaboogaboo"}
        response = self.client.get(url, headers=auth_headers)

        check_response(response, 401)
        body = json.loads(response.data)
        self.assertEqual(body['detail'], "Invalid token")
    def test_fail_401_no_headers(self):
        # A request that carries no Authorization header at all must be
        # refused with 401; the detail states that no token was provided
        # rather than that a token was invalid.
        url = '/api/accounts/%s/sources?language_tag=en-US' % ACCT_ID
        response = self.client.get(url)

        check_response(response, 401)
        body = json.loads(response.data)
        self.assertEqual(body['detail'], "No authorization token provided")
    def _help_test_mock_decode_token(self, fake_token, expected_code,
                                     expected_error_detail):
        # Shared driver: sends fake_token as a Bearer credential while
        # jwt.decode is replaced by decode_fake_token, then checks the
        # response status and its 'detail' field.
        #
        # NOTE(review): with jwt.decode patched out, callers of this helper
        # do not exercise the library's real token verification; whatever
        # decode_fake_token returns is what the server acts on. Presumably
        # these cases target claim handling -- confirm against
        # decode_fake_token, and keep signature/expiry coverage in tests that
        # do not patch jwt.decode.
        # NOTE(review): patch("jwt.decode") replaces the attribute on the jwt
        # module. If the code under test binds decode by another name (e.g.
        # `from jwt import decode`), the stand-in would not be reached --
        # verify the patch target.
        url = '/api/accounts/%s/sources?language_tag=en-US' % ACCT_ID
        auth_headers = {"Authorization": "Bearer %s" % fake_token}

        with patch("jwt.decode", side_effect=decode_fake_token):
            response = self.client.get(url, headers=auth_headers)

            check_response(response, expected_code)
            body = json.loads(response.data)
            self.assertEqual(body['detail'], expected_error_detail)
    def test_fail_401_expired_token(self):
        # Replaying REPLAY_TOKEN must be refused with 401.
        #
        # NOTE(review): the outcome depends on the wall clock. Until the
        # token's expiry passes, the 401 comes from the "no matching account"
        # path, so a green run does not by itself show that expired tokens
        # are rejected. Once the token has expired, narrow the assertion to
        # "Invalid token" (see TODO below) so the expiry check is what is
        # actually being pinned.
        url = '/api/accounts/%s/sources?language_tag=en-US' % ACCT_ID
        response = self.client.get(url,
                                   headers={"Authorization": REPLAY_TOKEN})

        check_response(response, 401)
        # TODO: Can replace with Invalid token after 6 hours when token expires
        detail = json.loads(response.data)['detail']
        acceptable_details = [
            # Token already expired: rejected during token validation.
            "Invalid token",
            # Token still within its lifetime but tied to no account; this
            # text looks like the framework's stock 401 description --
            # confirm where it originates.
            "The server could not verify that you are authorized to access"
            " the URL requested. You either supplied the wrong credentials"
            " (e.g. a bad password), or your browser doesn't understand "
            "how to supply the credentials required."
        ]
        self.assertIn(detail, acceptable_details)