def test_soft_auth_check_returns_true_when_not_authenticated():
    """Log in as the demo user, then expect ``/auth/soft_check`` to report a truthy ``authenticated``.

    NOTE(review): the name says "not_authenticated", but the body obtains a
    token first and asserts that ``authenticated`` is truthy. The second
    request passes no explicit credentials, so the test client presumably
    carries the session over from the token response (e.g. a cookie) - confirm.
    """
    app = setup_application(force_recreate_database=True, force_initialize_database=True)
    credentials = {
        "login": DEMO_USER_LOGIN,
        "password": DEMO_USER_PASSWORD,
    }

    token_resp = app.post("/auth/token", params=credentials, expect_errors=False)
    assert token_resp.status_code == 200
    token_body = token_resp.json
    assert token_body is not None
    for field in ("access_token", "scope", "token_type", "expires_in"):
        assert field in token_body
    assert token_body["access_token"] is not None

    check_resp = app.get("/auth/soft_check")
    assert check_resp.status_code == 200
    check_body = check_resp.json
    assert check_body is not None
    assert "authenticated" in check_body
    assert check_body["authenticated"]
def test_returns_401_on_no_access_token_sent():
    """GET ``/view_all`` with no token of any kind must answer 401."""
    # NOTE(review): another test in this listing has the same name (it POSTs
    # to /collect). If both live in one module the later definition replaces
    # this one and this check never runs - confirm they are in separate files.
    app = setup_application(force_recreate_database=True, force_initialize_database=False)
    status = app.get("/view_all", expect_errors=True).status_code
    assert status == 401
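def test_returns_200_when_checking_valid_jwt():
    """Obtain a token for the demo user and verify ``/auth/check`` accepts it.

    The token is sent back as an ``Authorization: Bearer <token>`` header and
    the response must report ``ok`` and the demo user's uid.
    """
    auth_params = {
        "login": DEMO_USER_LOGIN,
        "password": DEMO_USER_PASSWORD,
    }
    # NOTE(review): both setup flags are False, so the demo user presumably
    # has to exist already (created by an earlier test or fixture) - confirm
    # that this test does not depend on execution order.
    app = setup_application(force_recreate_database=False, force_initialize_database=False)

    resp = app.post("/auth/token", params=auth_params, expect_errors=False)
    assert resp.status_code == 200
    token_payload = resp.json
    assert token_payload is not None
    token = token_payload["access_token"]

    headers = {"Authorization": "Bearer " + token}
    resp = app.get("/auth/check", headers=headers, expect_errors=False)
    assert resp.status_code == 200
    check_payload = resp.json
    assert check_payload is not None
    assert "ok" in check_payload
    assert "user_uid" in check_payload
    # Identity comparison pins a real JSON boolean; `== True` would also
    # accept the integer 1.
    assert check_payload["ok"] is True
    assert check_payload["user_uid"] == DEMO_USER_UID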
def test_returns_403_when_wrong_token_sent_in_request_header():
    """GET ``/view_all`` with an invalid ``access_token`` header must answer 403."""
    app = setup_application(force_recreate_database=True, force_initialize_database=False)
    bad_headers = {"access_token": "bad"}
    status = app.get("/view_all", headers=bad_headers, expect_errors=True).status_code
    assert status == 403
def test_returns_403_when_wrong_token_sent_in_request_parameters():
    """GET ``/view_all`` with an invalid token in the ``t`` parameter must answer 403."""
    # NOTE(review): another test in this listing has the same name (it POSTs
    # to /collect). If both live in one module the later definition replaces
    # this one and this check never runs - confirm they are in separate files.
    app = setup_application(force_recreate_database=True, force_initialize_database=False)
    bad_params = {"t": "bad"}
    status = app.get("/view_all", params=bad_params, expect_errors=True).status_code
    assert status == 403
def test_returns_403_when_checking_token_without_authentication():
    """``/auth/check`` with a ``client_type: json_api`` header and no credentials must answer 403."""
    app = setup_application(force_recreate_database=False, force_initialize_database=False)
    api_headers = {"client_type": "json_api"}
    status = app.get("/auth/check", headers=api_headers, expect_errors=True).status_code
    assert status == 403
def test_soft_auth_check_returns_false_when_not_authenticated():
    """Without logging in, ``/auth/soft_check`` answers 200 with a falsy ``authenticated``."""
    app = setup_application(force_recreate_database=False, force_initialize_database=False)

    check_resp = app.get("/auth/soft_check")
    assert check_resp.status_code == 200
    body = check_resp.json
    assert body is not None
    assert "authenticated" in body
    assert not body["authenticated"]
def test_returns_401_on_no_access_token_sent():
    """POST ``/collect`` with data but no token of any kind must answer 401."""
    # NOTE(review): another test in this listing has the same name (it GETs
    # /view_all). If both live in one module only the later definition is
    # collected - confirm they are in separate files.
    app = setup_application(force_recreate_database=False, force_initialize_database=False)
    payload = {
        "foo": "bar",
        "bizz": "bazz",
        "boo": "poo",
    }
    status = app.post("/collect", params=payload, expect_errors=True).status_code
    assert status == 401
def test_returns_403_when_wrong_token_sent_in_request_parameters():
    """POST ``/collect`` with an invalid token in the ``t`` parameter must answer 403."""
    # NOTE(review): another test in this listing has the same name (it GETs
    # /view_all). If both live in one module only the later definition is
    # collected - confirm they are in separate files.
    app = setup_application(force_recreate_database=True, force_initialize_database=False)
    payload = {
        "foo": "bar",
        "bizz": "bazz",
        "boo": "poo",
        "t": "bad",
    }
    status = app.post("/collect", params=payload, expect_errors=True).status_code
    assert status == 403
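def test_adds_and_returns_valid_events():
    """Write one event with the device write token and read it back with the read token.

    The write token travels in the ``access_token`` header, so the ``t`` entry
    in ``params`` is ordinary event data here and is expected to be stored and
    returned like every other parameter.
    """
    app = setup_application(force_recreate_database=True, force_initialize_database=True)

    expected_uid = ksuid.ksuid().toBase62()
    params = {
        "id": expected_uid,
        "foo": "bar",
        "bizz": "bazz",
        "boo": "poo",
        "t": "special",
    }
    write_headers = {"access_token": DEMO_DEVICE_WRITE_TOKEN}
    resp = app.post("/collect", params=params, headers=write_headers)
    assert resp.status_code == 200
    assert resp.json is not None
    request_uid = resp.json["request"]["uid"]
    assert request_uid is not None

    # Reading uses a separate token from writing.
    read_headers = {"access_token": DEMO_DEVICE_READ_TOKEN}
    resp = app.get("/view_all", headers=read_headers)
    assert resp.status_code == 200
    json_resp = resp.json
    assert json_resp is not None
    assert "data" in json_resp
    json_data = json_resp["data"]
    assert isinstance(json_data, list)

    found = False
    for item in json_data:
        # Every listed event must expose the full record shape.
        for key in ("request_uid", "request_id", "adding_dts", "method", "parameters"):
            assert key in item
        if item["request_uid"] == request_uid:
            # Stored name/value pairs must match exactly what was posted.
            stored = {param["name"]: param["value"] for param in item["parameters"]}
            assert stored == params
            found = True
            break
    assert found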
def test_version_route_returns_valid_values():
    """``/version`` must report the package's ``__version__`` and ``__app_name__``."""
    app = setup_application(False, False)

    version_resp = app.get("/version")
    assert version_resp.status_code == 200
    info = version_resp.json
    assert info is not None
    for field in ("version", "app_name"):
        assert field in info
    assert info["version"] == __version__
    assert info["app_name"] == __app_name__
def test_successfully_adds_values_with_access_token_in_header():
    """POST ``/collect`` authenticated by the ``access_token`` header and check the echoed request.

    Because the token is in the header, ``t`` is plain data in this test and
    must come back unchanged in the response's ``params``.
    """
    app = setup_application()
    expected_t_value = "foo_bar"
    params = {
        "foo": "bar",
        "bizz": "bazz",
        "boo": "poo",
        "t": expected_t_value,
    }
    token_headers = {"access_token": DEMO_DEVICE_WRITE_TOKEN}

    resp = app.post("/collect", params=params, headers=token_headers)
    assert resp.status_code == 200
    body = resp.json
    assert body is not None
    for field in ("method", "dcd_id", "request"):
        assert field in body

    request_info = body["request"]
    assert type(request_info) is dict
    for field in ("id", "uid", "params"):
        assert field in request_info

    request_id = request_info["id"]
    assert request_id is not None
    assert str(request_id).isnumeric()
    assert request_id > 0

    echoed = request_info["params"]
    assert "t" in echoed
    assert echoed["t"] == expected_t_value
    for name in params:
        assert name in echoed
def test_authenticates_jwt_to_demo_user():
    """Log in as the demo user and check the token is mirrored in body, headers and cookie.

    NOTE(review): this only checks that the same token string appears in all
    three places. It does not verify the token's signature, expiry or claims,
    and it does not assert any attribute of the ``Authorization`` cookie
    (``HttpOnly``, ``Secure``, ``SameSite``).
    """
    app = setup_application(force_recreate_database=True, force_initialize_database=True)
    credentials = {
        "login": DEMO_USER_LOGIN,
        "password": DEMO_USER_PASSWORD,
    }

    resp = app.post("/auth/token", params=credentials, expect_errors=False)
    assert resp.status_code == 200
    body = resp.json
    assert body is not None
    for field in ("access_token", "scope", "token_type", "expires_in"):
        assert field in body
    assert body["access_token"] is not None
    # TODO: validate token

    for header_name in (
        "Authorization",
        "Authorization-Scope",
        "Authorization-Token-Type",
        "Authorization-Expires-In",
    ):
        assert header_name in resp.headers

    bearer_value = "Bearer " + body["access_token"]
    assert resp.headers["Authorization"] == bearer_value
    assert resp.headers["Authorization-Scope"] == body["scope"]
    assert resp.headers["Authorization-Token-Type"] == body["token_type"]
    assert str(resp.headers["Authorization-Expires-In"]) == str(body["expires_in"])

    cookie_found = False
    for name, raw in resp.headers.items():
        raw = str(raw)
        if name != "Set-Cookie" or not raw.startswith("Authorization"):
            continue
        # Take the text between "=" and the first ";", dropping one character
        # at each end - presumably the quotes around the cookie value.
        cookie_value = raw[raw.index("=") + 2: raw.index(";") - 1]
        assert cookie_value is not None
        assert cookie_value == bearer_value
        cookie_found = True
    assert cookie_found
def test_successfully_adds_values_again():
    """After a recreated, initialized database, the first ``/collect`` POST gets request id 1.

    The write token is sent as the ``t`` parameter rather than in a header.
    """
    app = setup_application(force_recreate_database=True, force_initialize_database=True)
    payload = {
        "foo": "bar",
        "bizz": "bazz",
        "boo": "poo",
        "t": DEMO_DEVICE_WRITE_TOKEN,
    }

    resp = app.post("/collect", params=payload)
    assert resp.status_code == 200
    body = resp.json
    assert body is not None
    request_id = body["request"]["id"]
    assert str(request_id).isnumeric()
    assert request_id == 1
def test_successfully_adds_values():
    """POST ``/collect`` with the write token in ``t`` and check the echoed request record.

    ``t`` carries the token here and is skipped in the echo check.
    NOTE(review): the test does not assert that the token is absent from the
    response ``params``; add that check if the service is meant to strip it.
    """
    app = setup_application()
    params = {
        "foo": "bar",
        "bizz": "bazz",
        "boo": "poo",
        "t": DEMO_DEVICE_WRITE_TOKEN,
    }

    resp = app.post("/collect", params=params)
    assert resp.status_code == 200
    body = resp.json
    assert body is not None
    for field in ("method", "dcd_id", "request"):
        assert field in body

    request_info = body["request"]
    assert type(request_info) is dict
    for field in ("id", "uid", "params"):
        assert field in request_info

    request_id = request_info["id"]
    assert request_id is not None
    assert str(request_id).isnumeric()
    assert request_id == 1

    echoed = request_info["params"]
    for name in params:
        if name != "t":
            assert name in echoed
def test_version_route_returns_200():
    """``/version`` is reachable with no credentials and answers 200."""
    app = setup_application(False, False)
    status = app.get("/version").status_code
    assert status == 200
def test_returns_302_when_checking_token_without_authentication():
    """``/auth/check`` with no credentials and no ``client_type`` header must answer 302.

    The redirect target is not asserted. The sibling test that sends
    ``client_type: json_api`` expects 403 instead.
    """
    app = setup_application(force_recreate_database=False, force_initialize_database=False)
    status = app.get("/auth/check", expect_errors=True).status_code
    assert status == 302