def test_called_verify_client_id(self):
        from oauth2_provider.provider import AuthorizationProvider
        provider = AuthorizationProvider()

        verify_client_id = Mock()
        provider.verify_client_id = verify_client_id
        provider.verify_redirect_uri = Mock()

        provider.verify_auth_request('Foo', 'Foo1', redirect_uri='foo')

        verify_client_id.assert_called_with('Foo1')
    def test_no_redirect_uri(self):
        from oauth2_provider.provider import AuthorizationProvider
        provider = AuthorizationProvider()

        get_redirect_uri = Mock()
        provider.verify_client_id = Mock()
        provider.verify_redirect_uri = Mock()
        provider.get_redirect_uri = get_redirect_uri

        provider.verify_auth_request('Foo', 'client_id_1')

        get_redirect_uri.assert_called_with('client_id_1')
    def test_clean_url(self):
        from oauth2_provider.provider import AuthorizationProvider
        provider = AuthorizationProvider()

        verify_client_id = Mock(return_value = True)
        verify_redirect_uri = Mock(return_value = True)
        verify_scope = Mock(return_value = True)
        save_data = Mock()

        provider.verify_client_id = verify_client_id
        provider.verify_redirect_uri = verify_redirect_uri
        provider.verify_scope = verify_scope
        provider.save_data = save_data
        provider.generate_authorization_code = Mock(return_value='bar')

        redirect_uri = 'http://google.com?this=bad&so=is_this'
        client_id = 'client_id'
        scope = 'foo,bar'
        state = 'omgz'

        results = provider.verify_auth_request('code', client_id,
                redirect_uri=redirect_uri, scope=scope, state=state)


        save_data.assert_called_with(client_id, 'bar', scope, redirect_uri)

        assert state in results['redirect_uri']
        assert not 'this' in results['redirect_uri']
        assert not 'bad' in results['redirect_uri']
        assert not 'so' in results['redirect_uri']
    def test_client_id_invalid(self):
        from oauth2_provider.provider import AuthorizationProvider
        provider = AuthorizationProvider()

        verify_client_id = Mock(return_value = False)
        provider.verify_client_id = verify_client_id
        provider.verify_redirect_uri = Mock()

        results = provider.verify_auth_request('Foo', 'Foo1',
                redirect_uri='foo')

        assert results['error'] == 'unauthorized_client'
    def test_bad_response_type(self):
        from oauth2_provider.provider import AuthorizationProvider
        provider = AuthorizationProvider()

        verify_client_id = Mock(return_value = True)
        verify_redirect_uri = Mock(return_value = True)
        provider.verify_client_id = verify_client_id
        provider.verify_redirect_uri = verify_redirect_uri

        results = provider.verify_auth_request('BadCode', 'Foo1',
                redirect_uri='foo')

        assert results['error'] == 'unsupported_response_type'
    def test_scope_is_invalid(self):
        from oauth2_provider.provider import AuthorizationProvider
        provider = AuthorizationProvider()

        verify_client_id = Mock(return_value = True)
        verify_redirect_uri = Mock(return_value = True)
        verify_scope = Mock(return_value = False)

        provider.verify_client_id = verify_client_id
        provider.verify_redirect_uri = verify_redirect_uri
        provider.verify_scope = verify_scope

        results = provider.verify_auth_request('code', 'Foo1',
                redirect_uri='foo')

        assert results['error'] == 'invalid_scope'
    def test_no_response_type(self):
        from oauth2_provider.provider import AuthorizationProvider
        provider = AuthorizationProvider()
        results = provider.verify_auth_request(None, 'Foo')

        assert results['error'] == 'invalid_request'
    def test_no_client_id(self):
        from oauth2_provider.provider import AuthorizationProvider
        provider = AuthorizationProvider()
        results = provider.verify_auth_request('Foo', None)

        assert results['error'] == 'invalid_request'