def test_access_endpoints_as_logged_in_user(logged_in_session, url, basic_auth): response = logged_in_session.get(url, allow_redirects=True, auth=basic_auth) assert response.status_code == HTTP_200_OK, status_error( HTTP_200_OK, response)
def test_get_login_dates_since_today(): today = str(datetime.date.today()) response = SSO_API_CLIENT.user.get_last_login( start=today, authenticator=BASIC_AUTHENTICATOR ) assert response.status_code == HTTP_200_OK, status_error(HTTP_200_OK, response) assert "Access Denied" not in response.content.decode("UTF-8")
def test_forms_testapi_endpoints_are_not_present_on_prod(): response = FORMS_API_CLIENT.get( URLs.FORMS_API_TESTAPI.absolute, authenticator=BASIC_AUTHENTICATOR ) assert response.status_code == HTTP_404_NOT_FOUND, status_error( HTTP_404_NOT_FOUND, response )
def test_forms_submissions_endpoint_accepts_only_post(): response = FORMS_API_CLIENT.get( URLs.FORMS_API_SUBMISSION.absolute, authenticator=BASIC_AUTHENTICATOR ) assert response.status_code == HTTP_405_METHOD_NOT_ALLOWED, status_error( HTTP_405_METHOD_NOT_ALLOWED, response ) assert response.headers["Allow"] == "POST, OPTIONS"
def test_check_if_verify_endpoint_redirects_uk_tax_payer_to_correct_page( logged_in_session, url, basic_auth): response = logged_in_session.get(url, allow_redirects=True, auth=basic_auth) assert response.status_code == HTTP_200_OK, status_error( HTTP_200_OK, response) assert response.url == URLs.FAB_LANDING.absolute
def test_secure_cookie_flag_is_set_for_pages_behind_auth( url, basic_auth, logged_in_session): response = logged_in_session.get(url, allow_redirects=True, auth=basic_auth) assert response.status_code == HTTP_200_OK, status_error( HTTP_200_OK, response) assert_secure_cookie_flag_is_set(response)
def test_sso_authentication_using_api_client_and_stage_cookie(logged_in_session): user_session_id = logged_in_session.cookies.get("sso_stage_session") response = SSO_API_CLIENT.user.get_session_user( session_id=user_session_id, authenticator=BASIC_AUTHENTICATOR ) assert response.status_code == HTTP_200_OK, status_error(HTTP_200_OK, response) assert "Access Denied" not in response.content.decode("UTF-8")
def test_check_invalid_password(logged_in_session, password): user_session_id = logged_in_session.cookies.get("directory_sso_dev_session") response = SSO_API_CLIENT.user.check_password( user_session_id, password, authenticator=BASIC_AUTHENTICATOR ) assert response.status_code == HTTP_400_BAD_REQUEST, status_error( HTTP_400_BAD_REQUEST, response ) assert "Access Denied" not in response.content.decode("UTF-8")
def test_anonymous_request_to_verify_endpoint_redirects_to_login_page( url, basic_auth): response = requests.get(url, allow_redirects=True, auth=basic_auth) assert response.status_code == HTTP_200_OK, status_error( HTTP_200_OK, response) expected_url = URLs.SSO_LOGIN.absolute_template.format( next="/find-a-buyer/verify/") error = (f"Expected request to {url} to be redirected to " f"{expected_url} but was redirected to {response.url}") assert response.url == expected_url, error
def test_redirects_after_removing_trailing_slash_as_logged_in_user_tt_2287( logged_in_session, url, expected_status_code, basic_auth ): # get rid of trailing slash if url[-1] == "/": url = url[:-1] response = logged_in_session.get(url, allow_redirects=False, auth=basic_auth) assert response.status_code == expected_status_code, status_error( expected_status_code, response )
def test_check_password_using_stage_cookie(logged_in_session_and_user): session, user = logged_in_session_and_user user_session_id = session.cookies.get("sso_stage_session") assert user_session_id password = user["password"] response = SSO_API_CLIENT.user.check_password( user_session_id, password, authenticator=BASIC_AUTHENTICATOR ) assert response.status_code == HTTP_200_OK, status_error(HTTP_200_OK, response) assert "Access Denied" not in response.content.decode("UTF-8")
def test_not_existing_page_return_404_user(logged_in_session, basic_auth, url): response = logged_in_session.get(url, allow_redirects=False, auth=basic_auth) assert response.status_code == HTTP_404_NOT_FOUND, status_error( HTTP_404_NOT_FOUND, response)
def test_sso_api_health_check_ping_with_sso_api_client(): """Use SSO-API client""" response = SSO_API_CLIENT.ping(authenticator=BASIC_AUTHENTICATOR) assert response.status_code == HTTP_200_OK, status_error( HTTP_200_OK, response) assert "Access Denied" not in response.content.decode("UTF-8")
def test_get_oauth2_user_profile(): token = USERS["verified"]["token"] response = SSO_API_CLIENT.user.get_oauth2_user_profile(bearer_token=token) assert response.status_code == HTTP_200_OK, status_error(HTTP_200_OK, response) assert "Access Denied" not in response.content.decode("UTF-8")
def test_get_oauth2_user_profile_w_invalid_token(token): response = SSO_API_CLIENT.user.get_oauth2_user_profile(bearer_token=token) assert response.status_code == HTTP_401_UNAUTHORIZED, status_error( HTTP_401_UNAUTHORIZED, response ) assert "Access Denied" not in response.content.decode("UTF-8")
def test_forms_admin_is_not_available_for_unauthenticated_requests(): response = FORMS_API_CLIENT.get(URLs.FORMS_API_ADMIN.absolute) assert response.status_code == HTTP_403_FORBIDDEN, status_error( HTTP_403_FORBIDDEN, response )
def test_forms_admin_is_available_for_authenticated_requests(): response = FORMS_API_CLIENT.get( URLs.FORMS_API_ADMIN.absolute, authenticator=BASIC_AUTHENTICATOR ) assert response.status_code == HTTP_200_OK, status_error(HTTP_200_OK, response)
def test_get_all_login_dates(): response = SSO_API_CLIENT.user.get_last_login(authenticator=BASIC_AUTHENTICATOR) assert response.status_code == HTTP_200_OK, status_error(HTTP_200_OK, response) assert "Access Denied" not in response.content.decode("UTF-8")
def test_forms_testapi_endpoint_is_present_on_dev(email: str): response = FORMS_API_CLIENT.get( URLs.FORMS_API_TESTAPI.absolute.format(email=email), authenticator=BASIC_AUTHENTICATOR, ) assert response.status_code == HTTP_200_OK, status_error(HTTP_200_OK, response)
def test_cms_health_check_ping_endpoint_with_cms_api_client(endpoint): response = CMS_API_CLIENT.get(endpoint) assert response.status_code == HTTP_200_OK, status_error( HTTP_200_OK, response)