author | Ib Lundgren <ib.lundgren@gmail.com> | 2013-10-04 11:20:32 +0100 |
---|---|---|
committer | Ib Lundgren <ib.lundgren@gmail.com> | 2013-10-04 11:20:32 +0100 |
commit | 398c003b236f81c8bb9a98bd1ec817e70e7da8c9 (patch) | |
tree | 9bf6eae8e19ff76a51b984df188ac5cbfba76016 /tests/oauth2 | |
parent | 1eca3219ccf292b695381f956642e0130882651f (diff) | |
download | oauthlib-398c003b236f81c8bb9a98bd1ec817e70e7da8c9.tar.gz |
Restructure client tests per grant type.
Diffstat (limited to 'tests/oauth2')
-rw-r--r-- | tests/oauth2/rfc6749/clients/__init__.py | 0 | ||||
-rw-r--r-- | tests/oauth2/rfc6749/clients/test_backend_application.py | 61 | ||||
-rw-r--r-- | tests/oauth2/rfc6749/clients/test_base.py | 160 | ||||
-rw-r--r-- | tests/oauth2/rfc6749/clients/test_legacy_application.py | 63 | ||||
-rw-r--r-- | tests/oauth2/rfc6749/clients/test_mobile_application.py | 75 | ||||
-rw-r--r-- | tests/oauth2/rfc6749/clients/test_web_application.py | 125 | ||||
-rw-r--r-- | tests/oauth2/rfc6749/test_client.py | 460 |
7 files changed, 484 insertions, 460 deletions
diff --git a/tests/oauth2/rfc6749/clients/__init__.py b/tests/oauth2/rfc6749/clients/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/oauth2/rfc6749/clients/__init__.py
diff --git a/tests/oauth2/rfc6749/clients/test_backend_application.py b/tests/oauth2/rfc6749/clients/test_backend_application.py
new file mode 100644
index 0000000..a87b016
--- /dev/null
+++ b/tests/oauth2/rfc6749/clients/test_backend_application.py
@@ -0,0 +1,61 @@
+# -*- coding: utf-8 -*-
+from __future__ import absolute_import, unicode_literals
+from ....unittest import TestCase
+
+from oauthlib.oauth2 import BackendApplicationClient
+
+
+class BackendApplicationClientTest(TestCase):
+
+ client_id = "someclientid"
+ scope = ["/profile"]
+ kwargs = {
+ "some": "providers",
+ "require": "extra arguments"
+ }
+
+ body = "not=empty"
+
+ body_up = "not=empty&grant_type=client_credentials"
+ body_kwargs = body_up + "&some=providers&require=extra+arguments"
+
+ token_json = ('{ "access_token":"2YotnFZFEjr1zCsicMWpAA",'
+ ' "token_type":"example",'
+ ' "expires_in":3600,'
+ ' "scope":"/profile",'
+ ' "example_parameter":"example_value"}')
+ token = {
+ "access_token": "2YotnFZFEjr1zCsicMWpAA",
+ "token_type": "example",
+ "expires_in": 3600,
+ "scope": ["/profile"],
+ "example_parameter": "example_value"
+ }
+
+ def test_request_body(self):
+ client = BackendApplicationClient(self.client_id)
+
+ # Basic, no extra arguments
+ body = client.prepare_request_body(body=self.body)
+ self.assertFormBodyEqual(body, self.body_up)
+
+ rclient = BackendApplicationClient(self.client_id)
+ body = rclient.prepare_request_body(body=self.body)
+ self.assertFormBodyEqual(body, self.body_up)
+
+ # With extra parameters
+ body = client.prepare_request_body(body=self.body, **self.kwargs)
+ self.assertFormBodyEqual(body, self.body_kwargs)
+
+ def test_parse_token_response(self):
+ client = BackendApplicationClient(self.client_id)
+
+ # Parse code and state
+ response = client.parse_request_body_response(self.token_json, scope=self.scope)
+ self.assertEqual(response, self.token)
+ self.assertEqual(client.access_token, response.get("access_token"))
+ self.assertEqual(client.refresh_token, response.get("refresh_token"))
+ self.assertEqual(client.token_type, response.get("token_type"))
+
+ # Mismatching state
+ self.assertRaises(Warning, client.parse_request_body_response, self.token_json, scope="invalid")
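Review bot: In `test_parse_token_response` the comments `# Parse code and state` and `# Mismatching state` do not describe what the test does: it parses a token response and then passes `scope="invalid"`, so the check being pinned is a scope change, not state. I would write `# Parse token response` and `# Mismatching scope`; the same copied comments appear in the token-response tests of test_legacy_application.py and test_web_application.py. Separately, `token_json` in this file has no `refresh_token`, so `assertEqual(client.refresh_token, response.get("refresh_token"))` presumably compares None with None and cannot fail; `self.assertIsNone(client.refresh_token)` would state the intent for the client-credentials grant.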
diff --git a/tests/oauth2/rfc6749/clients/test_base.py b/tests/oauth2/rfc6749/clients/test_base.py
new file mode 100644
index 0000000..301a53c
--- /dev/null
+++ b/tests/oauth2/rfc6749/clients/test_base.py
@@ -0,0 +1,160 @@
+# -*- coding: utf-8 -*-
+from __future__ import absolute_import, unicode_literals
+from ....unittest import TestCase
+
+import datetime
+from oauthlib import common
+from oauthlib.oauth2.rfc6749 import utils
+from oauthlib.oauth2 import Client
+from oauthlib.oauth2.rfc6749.clients import AUTH_HEADER, URI_QUERY, BODY
+
+
+class ClientTest(TestCase):
+
+ client_id = "someclientid"
+ uri = "https://example.com/path?query=world"
+ body = "not=empty"
+ headers = {}
+ access_token = "token"
+ mac_key = "secret"
+
+ bearer_query = uri + "&access_token=" + access_token
+ bearer_header = {
+ "Authorization": "Bearer " + access_token
+ }
+ bearer_body = body + "&access_token=" + access_token
+
+ mac_00_header = {
+ "Authorization": 'MAC id="' + access_token + '", nonce="0:abc123",' +
+ ' bodyhash="Yqyso8r3hR5Nm1ZFv+6AvNHrxjE=",' +
+ ' mac="0X6aACoBY0G6xgGZVJ1IeE8dF9k="'
+ }
+ mac_01_header = {
+ "Authorization": 'MAC id="' + access_token + '", ts="123456789",' +
+ ' nonce="abc123", mac="Xuk+9oqaaKyhitkgh1CD0xrI6+s="'
+ }
+
+ def test_add_bearer_token(self):
+ """Test a number of bearer token placements"""
+
+ # Invalid token type
+ client = Client(self.client_id, token_type="invalid")
+ self.assertRaises(ValueError, client.add_token, self.uri)
+
+ # Case-insensitive token type
+ client = Client(self.client_id, access_token=self.access_token, token_type="bEAreR")
+ uri, headers, body = client.add_token(self.uri, body=self.body,
+ headers=self.headers)
+ self.assertURLEqual(uri, self.uri)
+ self.assertFormBodyEqual(body, self.body)
+ self.assertEqual(headers, self.bearer_header)
+
+ # Missing access token
+ client = Client(self.client_id)
+ self.assertRaises(ValueError, client.add_token, self.uri)
+
+ # The default token placement, bearer in auth header
+ client = Client(self.client_id, access_token=self.access_token)
+ uri, headers, body = client.add_token(self.uri, body=self.body,
+ headers=self.headers)
+ self.assertURLEqual(uri, self.uri)
+ self.assertFormBodyEqual(body, self.body)
+ self.assertEqual(headers, self.bearer_header)
+
+ # Setting default placements of tokens
+ client = Client(self.client_id, access_token=self.access_token,
+ default_token_placement=AUTH_HEADER)
+ uri, headers, body = client.add_token(self.uri, body=self.body,
+ headers=self.headers)
+ self.assertURLEqual(uri, self.uri)
+ self.assertFormBodyEqual(body, self.body)
+ self.assertEqual(headers, self.bearer_header)
+
+ client = Client(self.client_id, access_token=self.access_token,
+ default_token_placement=URI_QUERY)
+ uri, headers, body = client.add_token(self.uri, body=self.body,
+ headers=self.headers)
+ self.assertURLEqual(uri, self.bearer_query)
+ self.assertFormBodyEqual(body, self.body)
+ self.assertEqual(headers, self.headers)
+
+ client = Client(self.client_id, access_token=self.access_token,
+ default_token_placement=BODY)
+ uri, headers, body = client.add_token(self.uri, body=self.body,
+ headers=self.headers)
+ self.assertURLEqual(uri, self.uri)
+ self.assertFormBodyEqual(body, self.bearer_body)
+ self.assertEqual(headers, self.headers)
+
+ # Asking for specific placement in the add_token method
+ client = Client(self.client_id, access_token=self.access_token)
+ uri, headers, body = client.add_token(self.uri, body=self.body,
+ headers=self.headers, token_placement=AUTH_HEADER)
+ self.assertURLEqual(uri, self.uri)
+ self.assertFormBodyEqual(body, self.body)
+ self.assertEqual(headers, self.bearer_header)
+
+ client = Client(self.client_id, access_token=self.access_token)
+ uri, headers, body = client.add_token(self.uri, body=self.body,
+ headers=self.headers, token_placement=URI_QUERY)
+ self.assertURLEqual(uri, self.bearer_query)
+ self.assertFormBodyEqual(body, self.body)
+ self.assertEqual(headers, self.headers)
+
+ client = Client(self.client_id, access_token=self.access_token)
+ uri, headers, body = client.add_token(self.uri, body=self.body,
+ headers=self.headers, token_placement=BODY)
+ self.assertURLEqual(uri, self.uri)
+ self.assertFormBodyEqual(body, self.bearer_body)
+ self.assertEqual(headers, self.headers)
+
+ # Invalid token placement
+ client = Client(self.client_id, access_token=self.access_token)
+ self.assertRaises(ValueError, client.add_token, self.uri, body=self.body,
+ headers=self.headers, token_placement="invalid")
+
+ client = Client(self.client_id, access_token=self.access_token,
+ default_token_placement="invalid")
+ self.assertRaises(ValueError, client.add_token, self.uri, body=self.body,
+ headers=self.headers)
+
+ def test_add_mac_token(self):
+ # Missing access token
+ client = Client(self.client_id, token_type="MAC")
+ self.assertRaises(ValueError, client.add_token, self.uri)
+
+ # Invalid hash algorithm
+ client = Client(self.client_id, token_type="MAC",
+ access_token=self.access_token, mac_key=self.mac_key,
+ mac_algorithm="hmac-sha-2")
+ self.assertRaises(ValueError, client.add_token, self.uri)
+
+ orig_generate_timestamp = common.generate_timestamp
+ orig_generate_nonce = common.generate_nonce
+ orig_generate_age = utils.generate_age
+ self.addCleanup(setattr, common, 'generage_timestamp', orig_generate_timestamp)
+ self.addCleanup(setattr, common, 'generage_nonce', orig_generate_nonce)
+ self.addCleanup(setattr, utils, 'generate_age', orig_generate_age)
+ common.generate_timestamp = lambda: '123456789'
+ common.generate_nonce = lambda: 'abc123'
+ utils.generate_age = lambda *args: 0
+
+ # Add the Authorization header (draft 00)
+ client = Client(self.client_id, token_type="MAC",
+ access_token=self.access_token, mac_key=self.mac_key,
+ mac_algorithm="hmac-sha-1")
+ uri, headers, body = client.add_token(self.uri, body=self.body,
+ headers=self.headers, issue_time=datetime.datetime.now())
+ self.assertEqual(uri, self.uri)
+ self.assertEqual(body, self.body)
+ self.assertEqual(headers, self.mac_00_header)
+
+ # Add the Authorization header (draft 00)
+ client = Client(self.client_id, token_type="MAC",
+ access_token=self.access_token, mac_key=self.mac_key,
+ mac_algorithm="hmac-sha-1")
+ uri, headers, body = client.add_token(self.uri, body=self.body,
+ headers=self.headers, draft=1)
+ self.assertEqual(uri, self.uri)
+ self.assertEqual(body, self.body)
+ self.assertEqual(headers, self.mac_01_header)
diff --git a/tests/oauth2/rfc6749/clients/test_legacy_application.py b/tests/oauth2/rfc6749/clients/test_legacy_application.py
new file mode 100644
index 0000000..e330930
--- /dev/null
+++ b/tests/oauth2/rfc6749/clients/test_legacy_application.py
@@ -0,0 +1,63 @@
+# -*- coding: utf-8 -*-
+from __future__ import absolute_import, unicode_literals
+from ....unittest import TestCase
+
+from oauthlib.oauth2 import LegacyApplicationClient
+
+
+class LegacyApplicationClientTest(TestCase):
+
+ client_id = "someclientid"
+ scope = ["/profile"]
+ kwargs = {
+ "some": "providers",
+ "require": "extra arguments"
+ }
+
+ username = "foo"
+ password = "bar"
+ body = "not=empty"
+
+ body_up = "not=empty&grant_type=password&username=%s&password=%s" % (username, password)
+ body_kwargs = body_up + "&some=providers&require=extra+arguments"
+
+ token_json = ('{ "access_token":"2YotnFZFEjr1zCsicMWpAA",'
+ ' "token_type":"example",'
+ ' "expires_in":3600,'
+ ' "scope":"/profile",'
+ ' "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",'
+ ' "example_parameter":"example_value"}')
+ token = {
+ "access_token": "2YotnFZFEjr1zCsicMWpAA",
+ "token_type": "example",
+ "expires_in": 3600,
+ "scope": scope,
+ "refresh_token": "tGzv3JOkF0XG5Qx2TlKWIA",
+ "example_parameter": "example_value"
+ }
+
+ def test_request_body(self):
+ client = LegacyApplicationClient(self.client_id)
+
+ # Basic, no extra arguments
+ body = client.prepare_request_body(self.username, self.password,
+ body=self.body)
+ self.assertFormBodyEqual(body, self.body_up)
+
+ # With extra parameters
+ body = client.prepare_request_body(self.username, self.password,
+ body=self.body, **self.kwargs)
+ self.assertFormBodyEqual(body, self.body_kwargs)
+
+ def test_parse_token_response(self):
+ client = LegacyApplicationClient(self.client_id)
+
+ # Parse code and state
+ response = client.parse_request_body_response(self.token_json, scope=self.scope)
+ self.assertEqual(response, self.token)
+ self.assertEqual(client.access_token, response.get("access_token"))
+ self.assertEqual(client.refresh_token, response.get("refresh_token"))
+ self.assertEqual(client.token_type, response.get("token_type"))
+
+ # Mismatching state
+ self.assertRaises(Warning, client.parse_request_body_response, self.token_json, scope="invalid")
diff --git a/tests/oauth2/rfc6749/clients/test_mobile_application.py b/tests/oauth2/rfc6749/clients/test_mobile_application.py
new file mode 100644
index 0000000..4a56b72
--- /dev/null
+++ b/tests/oauth2/rfc6749/clients/test_mobile_application.py
@@ -0,0 +1,75 @@
+# -*- coding: utf-8 -*-
+from __future__ import absolute_import, unicode_literals
+from ....unittest import TestCase
+
+from oauthlib.oauth2 import MobileApplicationClient
+
+
+class MobileApplicationClientTest(TestCase):
+
+ client_id = "someclientid"
+ uri = "https://example.com/path?query=world"
+ uri_id = uri + "&response_type=token&client_id=" + client_id
+ uri_redirect = uri_id + "&redirect_uri=http%3A%2F%2Fmy.page.com%2Fcallback"
+ redirect_uri = "http://my.page.com/callback"
+ scope = ["/profile"]
+ state = "xyz"
+ uri_scope = uri_id + "&scope=%2Fprofile"
+ uri_state = uri_id + "&state=" + state
+ kwargs = {
+ "some": "providers",
+ "require": "extra arguments"
+ }
+ uri_kwargs = uri_id + "&some=providers&require=extra+arguments"
+
+ code = "zzzzaaaa"
+
+ response_uri = ('https://client.example.com/cb?#'
+ 'access_token=2YotnFZFEjr1zCsicMWpAA&'
+ 'token_type=example&'
+ 'expires_in=3600&'
+ 'scope=%2Fprofile&'
+ 'example_parameter=example_value')
+ token = {
+ "access_token": "2YotnFZFEjr1zCsicMWpAA",
+ "token_type": "example",
+ "expires_in": "3600",
+ "scope": scope,
+ "example_parameter": "example_value"
+ }
+
+ def test_implicit_token_uri(self):
+ client = MobileApplicationClient(self.client_id)
+
+ # Basic, no extra arguments
+ uri = client.prepare_request_uri(self.uri)
+ self.assertURLEqual(uri, self.uri_id)
+
+ # With redirection uri
+ uri = client.prepare_request_uri(self.uri, redirect_uri=self.redirect_uri)
+ self.assertURLEqual(uri, self.uri_redirect)
+
+ # With scope
+ uri = client.prepare_request_uri(self.uri, scope=self.scope)
+ self.assertURLEqual(uri, self.uri_scope)
+
+ # With state
+ uri = client.prepare_request_uri(self.uri, state=self.state)
+ self.assertURLEqual(uri, self.uri_state)
+
+ # With extra parameters through kwargs
+ uri = client.prepare_request_uri(self.uri, **self.kwargs)
+ self.assertURLEqual(uri, self.uri_kwargs)
+
+ def test_parse_token_response(self):
+ client = MobileApplicationClient(self.client_id)
+
+ # Parse code and state
+ response = client.parse_request_uri_response(self.response_uri, scope=self.scope)
+ self.assertEqual(response, self.token)
+ self.assertEqual(client.access_token, response.get("access_token"))
+ self.assertEqual(client.refresh_token, response.get("refresh_token"))
+ self.assertEqual(client.token_type, response.get("token_type"))
+
+ # Mismatching scope
+ self.assertRaises(Warning, client.parse_request_uri_response, self.response_uri, scope="invalid")
diff --git a/tests/oauth2/rfc6749/clients/test_web_application.py b/tests/oauth2/rfc6749/clients/test_web_application.py
new file mode 100644
index 0000000..e9c091f
--- /dev/null
+++ b/tests/oauth2/rfc6749/clients/test_web_application.py
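Review bot: `test_parse_token_response` in test_mobile_application.py never exercises `state` on the implicit-grant response: the class defines `state = "xyz"`, but `response_uri` carries no `state` parameter and the only mismatch tested is scope. The web application test in this commit asserts `errors.MismatchingStateError` for a wrong state; a matching case here would pin the same CSRF check for the fragment response, assuming `parse_request_uri_response` accepts a `state` argument for this client as well. The test also fixes `"expires_in": "3600"` as a string while the JSON-based clients expect the integer 3600, which deserves a comment saying whether that difference is intended. `code = "zzzzaaaa"` is unused in this class.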
@@ -0,0 +1,125 @@
+# -*- coding: utf-8 -*-
+from __future__ import absolute_import, unicode_literals
+from ....unittest import TestCase
+
+import datetime
+from oauthlib import common
+from oauthlib.oauth2.rfc6749 import utils, errors
+from oauthlib.oauth2 import Client
+from oauthlib.oauth2 import WebApplicationClient
+from oauthlib.oauth2 import MobileApplicationClient
+from oauthlib.oauth2 import LegacyApplicationClient
+from oauthlib.oauth2 import BackendApplicationClient
+from oauthlib.oauth2.rfc6749.clients import AUTH_HEADER, URI_QUERY, BODY
+
+
+class WebApplicationClientTest(TestCase):
+
+ client_id = "someclientid"
+ uri = "https://example.com/path?query=world"
+ uri_id = uri + "&response_type=code&client_id=" + client_id
+ uri_redirect = uri_id + "&redirect_uri=http%3A%2F%2Fmy.page.com%2Fcallback"
+ redirect_uri = "http://my.page.com/callback"
+ scope = ["/profile"]
+ state = "xyz"
+ uri_scope = uri_id + "&scope=%2Fprofile"
+ uri_state = uri_id + "&state=" + state
+ kwargs = {
+ "some": "providers",
+ "require": "extra arguments"
+ }
+ uri_kwargs = uri_id + "&some=providers&require=extra+arguments"
+
+ code = "zzzzaaaa"
+ body = "not=empty"
+
+ body_code = "not=empty&grant_type=authorization_code&code=%s&client_id=%s" % (code, client_id)
+ body_redirect = body_code + "&redirect_uri=http%3A%2F%2Fmy.page.com%2Fcallback"
+ body_kwargs = body_code + "&some=providers&require=extra+arguments"
+
+ response_uri = "https://client.example.com/cb?code=zzzzaaaa&state=xyz"
+ response = {"code": "zzzzaaaa", "state": "xyz"}
+
+ token_json = ('{ "access_token":"2YotnFZFEjr1zCsicMWpAA",'
+ ' "token_type":"example",'
+ ' "expires_in":3600,'
+ ' "scope":"/profile",'
+ ' "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",'
+ ' "example_parameter":"example_value"}')
+ token = {
+ "access_token": "2YotnFZFEjr1zCsicMWpAA",
+ "token_type": "example",
+ "expires_in": 3600,
+ "scope": scope,
+ "refresh_token": "tGzv3JOkF0XG5Qx2TlKWIA",
+ "example_parameter": "example_value"
+ }
+
+ def test_auth_grant_uri(self):
+ client = WebApplicationClient(self.client_id)
+
+ # Basic, no extra arguments
+ uri = client.prepare_request_uri(self.uri)
+ self.assertURLEqual(uri, self.uri_id)
+
+ # With redirection uri
+ uri = client.prepare_request_uri(self.uri, redirect_uri=self.redirect_uri)
+ self.assertURLEqual(uri, self.uri_redirect)
+
+ # With scope
+ uri = client.prepare_request_uri(self.uri, scope=self.scope)
+ self.assertURLEqual(uri, self.uri_scope)
+
+ # With state
+ uri = client.prepare_request_uri(self.uri, state=self.state)
+ self.assertURLEqual(uri, self.uri_state)
+
+ # With extra parameters through kwargs
+ uri = client.prepare_request_uri(self.uri, **self.kwargs)
+ self.assertURLEqual(uri, self.uri_kwargs)
+
+ def test_request_body(self):
+ client = WebApplicationClient(self.client_id, code=self.code)
+
+ # Basic, no extra arguments
+ body = client.prepare_request_body(body=self.body)
+ self.assertFormBodyEqual(body, self.body_code)
+
+ rclient = WebApplicationClient(self.client_id)
+ body = rclient.prepare_request_body(code=self.code, body=self.body)
+ self.assertFormBodyEqual(body, self.body_code)
+
+ # With redirection uri
+ body = client.prepare_request_body(body=self.body, redirect_uri=self.redirect_uri)
+ self.assertFormBodyEqual(body, self.body_redirect)
+
+ # With extra parameters
+ body = client.prepare_request_body(body=self.body, **self.kwargs)
+ self.assertFormBodyEqual(body, self.body_kwargs)
+
+ def test_parse_grant_uri_response(self):
+ client = WebApplicationClient(self.client_id)
+
+ # Parse code and state
+ response = client.parse_request_uri_response(self.response_uri, state=self.state)
+ self.assertEqual(response, self.response)
+ self.assertEqual(client.code, self.code)
+
+ # Mismatching state
+ self.assertRaises(errors.MismatchingStateError,
+ client.parse_request_uri_response,
+ self.response_uri,
+ state="invalid")
+
+ def test_parse_token_response(self):
+ client = WebApplicationClient(self.client_id)
+
+ # Parse code and state
+ response = client.parse_request_body_response(self.token_json, scope=self.scope)
+ self.assertEqual(response, self.token)
+ self.assertEqual(client.access_token, response.get("access_token"))
+ self.assertEqual(client.refresh_token, response.get("refresh_token"))
+ self.assertEqual(client.token_type, response.get("token_type"))
+
+ # Mismatching state
+ self.assertRaises(Warning, client.parse_request_body_response, self.token_json, scope="invalid")
diff --git a/tests/oauth2/rfc6749/test_client.py b/tests/oauth2/rfc6749/test_client.py
deleted file mode 100644
index 9d08786..0000000
--- a/tests/oauth2/rfc6749/test_client.py
+++ /dev/null
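Review bot: The import block at the top of test_web_application.py was carried over whole from the old test_client.py, and most of it is unused in this file: only `WebApplicationClient` and `errors` are referenced by the tests. I would cut it down to `from oauthlib.oauth2.rfc6749 import errors` and `from oauthlib.oauth2 import WebApplicationClient`. The names that can go are `datetime`, `common`, `utils`, `Client`, the three other client classes and the `AUTH_HEADER, URI_QUERY, BODY` constants, which the other per-grant files in this commit already leave out.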
@@ -1,460 +0,0 @@ -# -*- coding: utf-8 -*- -from __future__ import absolute_import, unicode_literals -from ...unittest import TestCase - -import datetime -from oauthlib import common -from oauthlib.oauth2.rfc6749 import utils, errors -from oauthlib.oauth2 import Client -from oauthlib.oauth2 import WebApplicationClient -from oauthlib.oauth2 import MobileApplicationClient -from oauthlib.oauth2 import LegacyApplicationClient -from oauthlib.oauth2 import BackendApplicationClient -from oauthlib.oauth2.rfc6749.clients import AUTH_HEADER, URI_QUERY, BODY - - -class ClientTest(TestCase): - - client_id = "someclientid" - uri = "https://example.com/path?query=world" - body = "not=empty" - headers = {} - access_token = "token" - mac_key = "secret" - - bearer_query = uri + "&access_token=" + access_token - bearer_header = { - "Authorization": "Bearer " + access_token - } - bearer_body = body + "&access_token=" + access_token - - mac_00_header = { - "Authorization": 'MAC id="' + access_token + '", nonce="0:abc123",' + - ' bodyhash="Yqyso8r3hR5Nm1ZFv+6AvNHrxjE=",' + - ' mac="0X6aACoBY0G6xgGZVJ1IeE8dF9k="' - } - mac_01_header = { - "Authorization": 'MAC id="' + access_token + '", ts="123456789",' + - ' nonce="abc123", mac="Xuk+9oqaaKyhitkgh1CD0xrI6+s="' - } - - def test_add_bearer_token(self): - """Test a number of bearer token placements""" - - # Invalid token type - client = Client(self.client_id, token_type="invalid") - self.assertRaises(ValueError, client.add_token, self.uri) - - # Case-insensitive token type - client = Client(self.client_id, access_token=self.access_token, token_type="bEAreR") - uri, headers, body = client.add_token(self.uri, body=self.body, - headers=self.headers) - self.assertURLEqual(uri, self.uri) - self.assertFormBodyEqual(body, self.body) - self.assertEqual(headers, self.bearer_header) - - # Missing access token - client = Client(self.client_id) - self.assertRaises(ValueError, client.add_token, self.uri) - - # The default token placement, bearer in 
auth header - client = Client(self.client_id, access_token=self.access_token) - uri, headers, body = client.add_token(self.uri, body=self.body, - headers=self.headers) - self.assertURLEqual(uri, self.uri) - self.assertFormBodyEqual(body, self.body) - self.assertEqual(headers, self.bearer_header) - - # Setting default placements of tokens - client = Client(self.client_id, access_token=self.access_token, - default_token_placement=AUTH_HEADER) - uri, headers, body = client.add_token(self.uri, body=self.body, - headers=self.headers) - self.assertURLEqual(uri, self.uri) - self.assertFormBodyEqual(body, self.body) - self.assertEqual(headers, self.bearer_header) - - client = Client(self.client_id, access_token=self.access_token, - default_token_placement=URI_QUERY) - uri, headers, body = client.add_token(self.uri, body=self.body, - headers=self.headers) - self.assertURLEqual(uri, self.bearer_query) - self.assertFormBodyEqual(body, self.body) - self.assertEqual(headers, self.headers) - - client = Client(self.client_id, access_token=self.access_token, - default_token_placement=BODY) - uri, headers, body = client.add_token(self.uri, body=self.body, - headers=self.headers) - self.assertURLEqual(uri, self.uri) - self.assertFormBodyEqual(body, self.bearer_body) - self.assertEqual(headers, self.headers) - - # Asking for specific placement in the add_token method - client = Client(self.client_id, access_token=self.access_token) - uri, headers, body = client.add_token(self.uri, body=self.body, - headers=self.headers, token_placement=AUTH_HEADER) - self.assertURLEqual(uri, self.uri) - self.assertFormBodyEqual(body, self.body) - self.assertEqual(headers, self.bearer_header) - - client = Client(self.client_id, access_token=self.access_token) - uri, headers, body = client.add_token(self.uri, body=self.body, - headers=self.headers, token_placement=URI_QUERY) - self.assertURLEqual(uri, self.bearer_query) - self.assertFormBodyEqual(body, self.body) - self.assertEqual(headers, 
self.headers) - - client = Client(self.client_id, access_token=self.access_token) - uri, headers, body = client.add_token(self.uri, body=self.body, - headers=self.headers, token_placement=BODY) - self.assertURLEqual(uri, self.uri) - self.assertFormBodyEqual(body, self.bearer_body) - self.assertEqual(headers, self.headers) - - # Invalid token placement - client = Client(self.client_id, access_token=self.access_token) - self.assertRaises(ValueError, client.add_token, self.uri, body=self.body, - headers=self.headers, token_placement="invalid") - - client = Client(self.client_id, access_token=self.access_token, - default_token_placement="invalid") - self.assertRaises(ValueError, client.add_token, self.uri, body=self.body, - headers=self.headers) - - def test_add_mac_token(self): - # Missing access token - client = Client(self.client_id, token_type="MAC") - self.assertRaises(ValueError, client.add_token, self.uri) - - # Invalid hash algorithm - client = Client(self.client_id, token_type="MAC", - access_token=self.access_token, mac_key=self.mac_key, - mac_algorithm="hmac-sha-2") - self.assertRaises(ValueError, client.add_token, self.uri) - - orig_generate_timestamp = common.generate_timestamp - orig_generate_nonce = common.generate_nonce - orig_generate_age = utils.generate_age - self.addCleanup(setattr, common, 'generage_timestamp', orig_generate_timestamp) - self.addCleanup(setattr, common, 'generage_nonce', orig_generate_nonce) - self.addCleanup(setattr, utils, 'generate_age', orig_generate_age) - common.generate_timestamp = lambda: '123456789' - common.generate_nonce = lambda: 'abc123' - utils.generate_age = lambda *args: 0 - - # Add the Authorization header (draft 00) - client = Client(self.client_id, token_type="MAC", - access_token=self.access_token, mac_key=self.mac_key, - mac_algorithm="hmac-sha-1") - uri, headers, body = client.add_token(self.uri, body=self.body, - headers=self.headers, issue_time=datetime.datetime.now()) - self.assertEqual(uri, self.uri) - 
self.assertEqual(body, self.body) - self.assertEqual(headers, self.mac_00_header) - - # Add the Authorization header (draft 00) - client = Client(self.client_id, token_type="MAC", - access_token=self.access_token, mac_key=self.mac_key, - mac_algorithm="hmac-sha-1") - uri, headers, body = client.add_token(self.uri, body=self.body, - headers=self.headers, draft=1) - self.assertEqual(uri, self.uri) - self.assertEqual(body, self.body) - self.assertEqual(headers, self.mac_01_header) - - -class WebApplicationClientTest(TestCase): - - client_id = "someclientid" - uri = "https://example.com/path?query=world" - uri_id = uri + "&response_type=code&client_id=" + client_id - uri_redirect = uri_id + "&redirect_uri=http%3A%2F%2Fmy.page.com%2Fcallback" - redirect_uri = "http://my.page.com/callback" - scope = ["/profile"] - state = "xyz" - uri_scope = uri_id + "&scope=%2Fprofile" - uri_state = uri_id + "&state=" + state - kwargs = { - "some": "providers", - "require": "extra arguments" - } - uri_kwargs = uri_id + "&some=providers&require=extra+arguments" - - code = "zzzzaaaa" - body = "not=empty" - - body_code = "not=empty&grant_type=authorization_code&code=%s&client_id=%s" % (code, client_id) - body_redirect = body_code + "&redirect_uri=http%3A%2F%2Fmy.page.com%2Fcallback" - body_kwargs = body_code + "&some=providers&require=extra+arguments" - - response_uri = "https://client.example.com/cb?code=zzzzaaaa&state=xyz" - response = {"code": "zzzzaaaa", "state": "xyz"} - - token_json = ('{ "access_token":"2YotnFZFEjr1zCsicMWpAA",' - ' "token_type":"example",' - ' "expires_in":3600,' - ' "scope":"/profile",' - ' "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",' - ' "example_parameter":"example_value"}') - token = { - "access_token": "2YotnFZFEjr1zCsicMWpAA", - "token_type": "example", - "expires_in": 3600, - "scope": scope, - "refresh_token": "tGzv3JOkF0XG5Qx2TlKWIA", - "example_parameter": "example_value" - } - - def test_auth_grant_uri(self): - client = WebApplicationClient(self.client_id) 
- - # Basic, no extra arguments - uri = client.prepare_request_uri(self.uri) - self.assertURLEqual(uri, self.uri_id) - - # With redirection uri - uri = client.prepare_request_uri(self.uri, redirect_uri=self.redirect_uri) - self.assertURLEqual(uri, self.uri_redirect) - - # With scope - uri = client.prepare_request_uri(self.uri, scope=self.scope) - self.assertURLEqual(uri, self.uri_scope) - - # With state - uri = client.prepare_request_uri(self.uri, state=self.state) - self.assertURLEqual(uri, self.uri_state) - - # With extra parameters through kwargs - uri = client.prepare_request_uri(self.uri, **self.kwargs) - self.assertURLEqual(uri, self.uri_kwargs) - - def test_request_body(self): - client = WebApplicationClient(self.client_id, code=self.code) - - # Basic, no extra arguments - body = client.prepare_request_body(body=self.body) - self.assertFormBodyEqual(body, self.body_code) - - rclient = WebApplicationClient(self.client_id) - body = rclient.prepare_request_body(code=self.code, body=self.body) - self.assertFormBodyEqual(body, self.body_code) - - # With redirection uri - body = client.prepare_request_body(body=self.body, redirect_uri=self.redirect_uri) - self.assertFormBodyEqual(body, self.body_redirect) - - # With extra parameters - body = client.prepare_request_body(body=self.body, **self.kwargs) - self.assertFormBodyEqual(body, self.body_kwargs) - - def test_parse_grant_uri_response(self): - client = WebApplicationClient(self.client_id) - - # Parse code and state - response = client.parse_request_uri_response(self.response_uri, state=self.state) - self.assertEqual(response, self.response) - self.assertEqual(client.code, self.code) - - # Mismatching state - self.assertRaises(errors.MismatchingStateError, - client.parse_request_uri_response, - self.response_uri, - state="invalid") - - def test_parse_token_response(self): - client = WebApplicationClient(self.client_id) - - # Parse code and state - response = client.parse_request_body_response(self.token_json, 
scope=self.scope) - self.assertEqual(response, self.token) - self.assertEqual(client.access_token, response.get("access_token")) - self.assertEqual(client.refresh_token, response.get("refresh_token")) - self.assertEqual(client.token_type, response.get("token_type")) - - # Mismatching state - self.assertRaises(Warning, client.parse_request_body_response, self.token_json, scope="invalid") - - -class MobileApplicationClientTest(TestCase): - - client_id = "someclientid" - uri = "https://example.com/path?query=world" - uri_id = uri + "&response_type=token&client_id=" + client_id - uri_redirect = uri_id + "&redirect_uri=http%3A%2F%2Fmy.page.com%2Fcallback" - redirect_uri = "http://my.page.com/callback" - scope = ["/profile"] - state = "xyz" - uri_scope = uri_id + "&scope=%2Fprofile" - uri_state = uri_id + "&state=" + state - kwargs = { - "some": "providers", - "require": "extra arguments" - } - uri_kwargs = uri_id + "&some=providers&require=extra+arguments" - - code = "zzzzaaaa" - - response_uri = ('https://client.example.com/cb?#' - 'access_token=2YotnFZFEjr1zCsicMWpAA&' - 'token_type=example&' - 'expires_in=3600&' - 'scope=%2Fprofile&' - 'example_parameter=example_value') - token = { - "access_token": "2YotnFZFEjr1zCsicMWpAA", - "token_type": "example", - "expires_in": "3600", - "scope": scope, - "example_parameter": "example_value" - } - - def test_implicit_token_uri(self): - client = MobileApplicationClient(self.client_id) - - # Basic, no extra arguments - uri = client.prepare_request_uri(self.uri) - self.assertURLEqual(uri, self.uri_id) - - # With redirection uri - uri = client.prepare_request_uri(self.uri, redirect_uri=self.redirect_uri) - self.assertURLEqual(uri, self.uri_redirect) - - # With scope - uri = client.prepare_request_uri(self.uri, scope=self.scope) - self.assertURLEqual(uri, self.uri_scope) - - # With state - uri = client.prepare_request_uri(self.uri, state=self.state) - self.assertURLEqual(uri, self.uri_state) - - # With extra parameters through 
kwargs - uri = client.prepare_request_uri(self.uri, **self.kwargs) - self.assertURLEqual(uri, self.uri_kwargs) - - def test_parse_token_response(self): - client = MobileApplicationClient(self.client_id) - - # Parse code and state - response = client.parse_request_uri_response(self.response_uri, scope=self.scope) - self.assertEqual(response, self.token) - self.assertEqual(client.access_token, response.get("access_token")) - self.assertEqual(client.refresh_token, response.get("refresh_token")) - self.assertEqual(client.token_type, response.get("token_type")) - - # Mismatching scope - self.assertRaises(Warning, client.parse_request_uri_response, self.response_uri, scope="invalid") - - -class LegacyApplicationClientTest(TestCase): - - client_id = "someclientid" - scope = ["/profile"] - kwargs = { - "some": "providers", - "require": "extra arguments" - } - - username = "foo" - password = "bar" - body = "not=empty" - - body_up = "not=empty&grant_type=password&username=%s&password=%s" % (username, password) - body_kwargs = body_up + "&some=providers&require=extra+arguments" - - token_json = ('{ "access_token":"2YotnFZFEjr1zCsicMWpAA",' - ' "token_type":"example",' - ' "expires_in":3600,' - ' "scope":"/profile",' - ' "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",' - ' "example_parameter":"example_value"}') - token = { - "access_token": "2YotnFZFEjr1zCsicMWpAA", - "token_type": "example", - "expires_in": 3600, - "scope": scope, - "refresh_token": "tGzv3JOkF0XG5Qx2TlKWIA", - "example_parameter": "example_value" - } - - def test_request_body(self): - client = LegacyApplicationClient(self.client_id) - - # Basic, no extra arguments - body = client.prepare_request_body(self.username, self.password, - body=self.body) - self.assertFormBodyEqual(body, self.body_up) - - # With extra parameters - body = client.prepare_request_body(self.username, self.password, - body=self.body, **self.kwargs) - self.assertFormBodyEqual(body, self.body_kwargs) - - def test_parse_token_response(self): - 
client = LegacyApplicationClient(self.client_id) - - # Parse code and state - response = client.parse_request_body_response(self.token_json, scope=self.scope) - self.assertEqual(response, self.token) - self.assertEqual(client.access_token, response.get("access_token")) - self.assertEqual(client.refresh_token, response.get("refresh_token")) - self.assertEqual(client.token_type, response.get("token_type")) - - # Mismatching state - self.assertRaises(Warning, client.parse_request_body_response, self.token_json, scope="invalid") - - -class BackendApplicationClientTest(TestCase): - - client_id = "someclientid" - scope = ["/profile"] - kwargs = { - "some": "providers", - "require": "extra arguments" - } - - body = "not=empty" - - body_up = "not=empty&grant_type=client_credentials" - body_kwargs = body_up + "&some=providers&require=extra+arguments" - - token_json = ('{ "access_token":"2YotnFZFEjr1zCsicMWpAA",' - ' "token_type":"example",' - ' "expires_in":3600,' - ' "scope":"/profile",' - ' "example_parameter":"example_value"}') - token = { - "access_token": "2YotnFZFEjr1zCsicMWpAA", - "token_type": "example", - "expires_in": 3600, - "scope": ["/profile"], - "example_parameter": "example_value" - } - - def test_request_body(self): - client = BackendApplicationClient(self.client_id) - - # Basic, no extra arguments - body = client.prepare_request_body(body=self.body) - self.assertFormBodyEqual(body, self.body_up) - - rclient = BackendApplicationClient(self.client_id) - body = rclient.prepare_request_body(body=self.body) - self.assertFormBodyEqual(body, self.body_up) - - # With extra parameters - body = client.prepare_request_body(body=self.body, **self.kwargs) - self.assertFormBodyEqual(body, self.body_kwargs) - - def test_parse_token_response(self): - client = BackendApplicationClient(self.client_id) - - # Parse code and state - response = client.parse_request_body_response(self.token_json, scope=self.scope) - self.assertEqual(response, self.token) - 
self.assertEqual(client.access_token, response.get("access_token")) - self.assertEqual(client.refresh_token, response.get("refresh_token")) - self.assertEqual(client.token_type, response.get("token_type")) - - # Mismatching state - self.assertRaises(Warning, client.parse_request_body_response, self.token_json, scope="invalid") |