-
-
Notifications
You must be signed in to change notification settings - Fork 797
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
f580e2e
commit 8af7670
Showing
18 changed files
with
235 additions
and
285 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -14,13 +14,10 @@ | |
|
|
||
|
|
||
| class BaseTest(TestCase): | ||
| def setUp(self): | ||
| self.foo_user = UserModel.objects.create_user("foo_user", "[email protected]", "123456") | ||
| self.bar_user = UserModel.objects.create_user("bar_user", "[email protected]", "123456") | ||
|
|
||
| def tearDown(self): | ||
| self.foo_user.delete() | ||
| self.bar_user.delete() | ||
| @classmethod | ||
| def setUpTestData(cls): | ||
| cls.foo_user = UserModel.objects.create_user("foo_user", "[email protected]", "123456") | ||
| cls.bar_user = UserModel.objects.create_user("bar_user", "[email protected]", "123456") | ||
|
|
||
|
|
||
| @pytest.mark.usefixtures("oauth2_settings") | ||
|
|
@@ -67,29 +64,26 @@ def test_application_registration_user(self): | |
|
|
||
|
|
||
| class TestApplicationViews(BaseTest): | ||
| def _create_application(self, name, user): | ||
| app = Application.objects.create( | ||
| @classmethod | ||
| def _create_application(cls, name, user): | ||
| return Application.objects.create( | ||
| name=name, | ||
| redirect_uris="http://example.com", | ||
| post_logout_redirect_uris="http://other_example.com", | ||
| client_type=Application.CLIENT_CONFIDENTIAL, | ||
| authorization_grant_type=Application.GRANT_AUTHORIZATION_CODE, | ||
| user=user, | ||
| ) | ||
| return app | ||
|
|
||
| def setUp(self): | ||
| super().setUp() | ||
| self.app_foo_1 = self._create_application("app foo_user 1", self.foo_user) | ||
| self.app_foo_2 = self._create_application("app foo_user 2", self.foo_user) | ||
| self.app_foo_3 = self._create_application("app foo_user 3", self.foo_user) | ||
|
|
||
| self.app_bar_1 = self._create_application("app bar_user 1", self.bar_user) | ||
| self.app_bar_2 = self._create_application("app bar_user 2", self.bar_user) | ||
| @classmethod | ||
| def setUpTestData(cls): | ||
| super().setUpTestData() | ||
| cls.app_foo_1 = cls._create_application("app foo_user 1", cls.foo_user) | ||
| cls.app_foo_2 = cls._create_application("app foo_user 2", cls.foo_user) | ||
| cls.app_foo_3 = cls._create_application("app foo_user 3", cls.foo_user) | ||
|
|
||
| def tearDown(self): | ||
| super().tearDown() | ||
| get_application_model().objects.all().delete() | ||
| cls.app_bar_1 = cls._create_application("app bar_user 1", cls.bar_user) | ||
| cls.app_bar_2 = cls._create_application("app bar_user 2", cls.bar_user) | ||
|
|
||
| def test_application_list(self): | ||
| self.client.login(username="foo_user", password="123456") | ||
|
|
@@ -132,8 +126,8 @@ def test_application_udpate(self): | |
| self.assertRedirects(response, reverse("oauth2_provider:detail", args=(self.app_foo_1.pk,))) | ||
|
|
||
| self.app_foo_1.refresh_from_db() | ||
| self.assertEquals(self.app_foo_1.client_id, form_data["client_id"]) | ||
| self.assertEquals(self.app_foo_1.redirect_uris, form_data["redirect_uris"]) | ||
| self.assertEquals(self.app_foo_1.post_logout_redirect_uris, form_data["post_logout_redirect_uris"]) | ||
| self.assertEquals(self.app_foo_1.client_type, form_data["client_type"]) | ||
| self.assertEquals(self.app_foo_1.authorization_grant_type, form_data["authorization_grant_type"]) | ||
| self.assertEqual(self.app_foo_1.client_id, form_data["client_id"]) | ||
| self.assertEqual(self.app_foo_1.redirect_uris, form_data["redirect_uris"]) | ||
| self.assertEqual(self.app_foo_1.post_logout_redirect_uris, form_data["post_logout_redirect_uris"]) | ||
| self.assertEqual(self.app_foo_1.client_type, form_data["client_type"]) | ||
| self.assertEqual(self.app_foo_1.authorization_grant_type, form_data["authorization_grant_type"]) | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -24,23 +24,20 @@ class BaseTest(TestCase): | |
| Base class for cases in this module | ||
| """ | ||
|
|
||
| def setUp(self): | ||
| self.user = UserModel.objects.create_user("user", "[email protected]", "123456") | ||
| self.app = ApplicationModel.objects.create( | ||
| factory = RequestFactory() | ||
|
|
||
| @classmethod | ||
| def setUpTestData(cls): | ||
| cls.user = UserModel.objects.create_user("user", "[email protected]", "123456") | ||
| cls.app = ApplicationModel.objects.create( | ||
| name="app", | ||
| client_type=ApplicationModel.CLIENT_CONFIDENTIAL, | ||
| authorization_grant_type=ApplicationModel.GRANT_CLIENT_CREDENTIALS, | ||
| user=self.user, | ||
| user=cls.user, | ||
| ) | ||
| self.token = AccessTokenModel.objects.create( | ||
| user=self.user, token="tokstr", application=self.app, expires=now() + timedelta(days=365) | ||
| cls.token = AccessTokenModel.objects.create( | ||
| user=cls.user, token="tokstr", application=cls.app, expires=now() + timedelta(days=365) | ||
| ) | ||
| self.factory = RequestFactory() | ||
|
|
||
| def tearDown(self): | ||
| self.user.delete() | ||
| self.app.delete() | ||
| self.token.delete() | ||
|
|
||
|
|
||
| class TestOAuth2Backend(BaseTest): | ||
|
|
@@ -103,10 +100,6 @@ def test_get_user(self): | |
| } | ||
| ) | ||
| class TestOAuth2Middleware(BaseTest): | ||
| def setUp(self): | ||
| super().setUp() | ||
| self.anon_user = AnonymousUser() | ||
|
|
||
| def dummy_get_response(self, request): | ||
| return HttpResponse() | ||
|
|
||
|
|
@@ -131,7 +124,7 @@ def test_middleware_user_is_set(self): | |
| request.user = self.user | ||
| m(request) | ||
| self.assertIs(request.user, self.user) | ||
| request.user = self.anon_user | ||
| request.user = AnonymousUser() | ||
| m(request) | ||
| self.assertEqual(request.user.pk, self.user.pk) | ||
|
|
||
|
|
@@ -176,10 +169,6 @@ def test_middleware_response_header(self): | |
| } | ||
| ) | ||
| class TestOAuth2ExtraTokenMiddleware(BaseTest): | ||
| def setUp(self): | ||
| super().setUp() | ||
| self.anon_user = AnonymousUser() | ||
|
|
||
| def dummy_get_response(self, request): | ||
| return HttpResponse() | ||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -43,29 +43,27 @@ def get(self, request, *args, **kwargs): | |
|
|
||
| @pytest.mark.usefixtures("oauth2_settings") | ||
| class BaseTest(TestCase): | ||
| def setUp(self): | ||
| self.factory = RequestFactory() | ||
| self.test_user = UserModel.objects.create_user("test_user", "[email protected]", "123456") | ||
| self.dev_user = UserModel.objects.create_user("dev_user", "[email protected]", "123456") | ||
| factory = RequestFactory() | ||
|
|
||
| self.oauth2_settings.ALLOWED_REDIRECT_URI_SCHEMES = ["http", "custom-scheme"] | ||
| self.oauth2_settings.PKCE_REQUIRED = False | ||
| @classmethod | ||
| def setUpTestData(cls): | ||
| cls.test_user = UserModel.objects.create_user("test_user", "[email protected]", "123456") | ||
| cls.dev_user = UserModel.objects.create_user("dev_user", "[email protected]", "123456") | ||
|
|
||
| self.application = Application.objects.create( | ||
| cls.application = Application.objects.create( | ||
| name="Test Application", | ||
| redirect_uris=( | ||
| "http://localhost http://example.com http://example.org custom-scheme://example.com" | ||
| ), | ||
| user=self.dev_user, | ||
| user=cls.dev_user, | ||
| client_type=Application.CLIENT_CONFIDENTIAL, | ||
| authorization_grant_type=Application.GRANT_AUTHORIZATION_CODE, | ||
| client_secret=CLEARTEXT_SECRET, | ||
| ) | ||
|
|
||
| def tearDown(self): | ||
| self.application.delete() | ||
| self.test_user.delete() | ||
| self.dev_user.delete() | ||
| def setUp(self): | ||
| self.oauth2_settings.ALLOWED_REDIRECT_URI_SCHEMES = ["http", "custom-scheme"] | ||
| self.oauth2_settings.PKCE_REQUIRED = False | ||
|
|
||
|
|
||
| class TestRegressionIssue315(BaseTest): | ||
|
|
@@ -1592,10 +1590,11 @@ def test_code_exchange_succeed_when_redirect_uri_match_with_multiple_query_param | |
|
|
||
| @pytest.mark.oauth2_settings(presets.OIDC_SETTINGS_RW) | ||
| class TestOIDCAuthorizationCodeTokenView(BaseAuthorizationCodeTokenView): | ||
| def setUp(self): | ||
| super().setUp() | ||
| self.application.algorithm = Application.RS256_ALGORITHM | ||
| self.application.save() | ||
| @classmethod | ||
| def setUpTestData(cls): | ||
| super().setUpTestData() | ||
| cls.application.algorithm = Application.RS256_ALGORITHM | ||
| cls.application.save() | ||
|
|
||
| def test_id_token_public(self): | ||
| """ | ||
|
|
@@ -1669,11 +1668,15 @@ def test_id_token_code_exchange_succeed_when_redirect_uri_match_with_multiple_qu | |
|
|
||
| @pytest.mark.oauth2_settings(presets.OIDC_SETTINGS_RW) | ||
| class TestOIDCAuthorizationCodeHSAlgorithm(BaseAuthorizationCodeTokenView): | ||
| @classmethod | ||
| def setUpTestData(cls): | ||
| super().setUpTestData() | ||
| cls.application.algorithm = Application.HS256_ALGORITHM | ||
| cls.application.save() | ||
|
|
||
| def setUp(self): | ||
| super().setUp() | ||
| self.oauth2_settings.OIDC_RSA_PRIVATE_KEY = None | ||
| self.application.algorithm = Application.HS256_ALGORITHM | ||
| self.application.save() | ||
|
|
||
| def test_id_token(self): | ||
| """ | ||
|
|
@@ -1765,10 +1768,11 @@ def test_resource_access_deny(self): | |
|
|
||
| @pytest.mark.oauth2_settings(presets.OIDC_SETTINGS_RW) | ||
| class TestOIDCAuthorizationCodeProtectedResource(BaseTest): | ||
| def setUp(self): | ||
| super().setUp() | ||
| self.application.algorithm = Application.RS256_ALGORITHM | ||
| self.application.save() | ||
| @classmethod | ||
| def setUpTestData(cls): | ||
| super().setUpTestData() | ||
| cls.application.algorithm = Application.RS256_ALGORITHM | ||
| cls.application.save() | ||
|
|
||
| def test_id_token_resource_access_allowed(self): | ||
| self.client.login(username="test_user", password="123456") | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -35,24 +35,21 @@ def get(self, request, *args, **kwargs): | |
| @pytest.mark.usefixtures("oauth2_settings") | ||
| @pytest.mark.oauth2_settings(presets.DEFAULT_SCOPES_RW) | ||
| class BaseTest(TestCase): | ||
| def setUp(self): | ||
| self.factory = RequestFactory() | ||
| self.test_user = UserModel.objects.create_user("test_user", "[email protected]", "123456") | ||
| self.dev_user = UserModel.objects.create_user("dev_user", "[email protected]", "123456") | ||
| factory = RequestFactory() | ||
|
|
||
| self.application = Application.objects.create( | ||
| @classmethod | ||
| def setUpTestData(cls): | ||
| cls.test_user = UserModel.objects.create_user("test_user", "[email protected]", "123456") | ||
| cls.dev_user = UserModel.objects.create_user("dev_user", "[email protected]", "123456") | ||
|
|
||
| cls.application = Application.objects.create( | ||
| name="test_client_credentials_app", | ||
| user=self.dev_user, | ||
| user=cls.dev_user, | ||
| client_type=Application.CLIENT_PUBLIC, | ||
| authorization_grant_type=Application.GRANT_CLIENT_CREDENTIALS, | ||
| client_secret=CLEARTEXT_SECRET, | ||
| ) | ||
|
|
||
| def tearDown(self): | ||
| self.application.delete() | ||
| self.test_user.delete() | ||
| self.dev_user.delete() | ||
|
|
||
|
|
||
| class TestClientCredential(BaseTest): | ||
| def test_client_credential_access_allowed(self): | ||
|
|
@@ -98,7 +95,7 @@ def test_client_credential_user_is_none_on_access_token(self): | |
| self.assertIsNone(access_token.user) | ||
|
|
||
|
|
||
| class TestView(OAuthLibMixin, View): | ||
| class ExampleView(OAuthLibMixin, View): | ||
| server_class = BackendApplicationServer | ||
| validator_class = OAuth2Validator | ||
| oauthlib_backend_class = OAuthLibCore | ||
|
|
@@ -132,7 +129,7 @@ def test_extended_request(self): | |
| request = self.request_factory.get("/fake-req", **auth_headers) | ||
| request.user = "fake" | ||
|
|
||
| test_view = TestView() | ||
| test_view = ExampleView() | ||
| self.assertIsInstance(test_view.get_server(), BackendApplicationServer) | ||
|
|
||
| valid, r = test_view.verify_request(request) | ||
|
|
@@ -145,7 +142,7 @@ def test_raises_error_with_invalid_hex_in_query_params(self): | |
| request = self.request_factory.get("/fake-req?auth_token=%%7A") | ||
|
|
||
| with pytest.raises(SuspiciousOperation): | ||
| TestView().verify_request(request) | ||
| ExampleView().verify_request(request) | ||
|
|
||
| @patch("oauth2_provider.views.mixins.OAuthLibMixin.get_oauthlib_core") | ||
| def test_reraises_value_errors_as_is(self, patched_core): | ||
|
|
@@ -154,7 +151,7 @@ def test_reraises_value_errors_as_is(self, patched_core): | |
| request = self.request_factory.get("/fake-req") | ||
|
|
||
| with pytest.raises(ValueError): | ||
| TestView().verify_request(request) | ||
| ExampleView().verify_request(request) | ||
|
|
||
|
|
||
| class TestClientResourcePasswordBased(BaseTest): | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -14,26 +14,24 @@ | |
|
|
||
|
|
||
| class TestProtectedResourceDecorator(TestCase): | ||
| @classmethod | ||
| def setUpClass(cls): | ||
| cls.request_factory = RequestFactory() | ||
| super().setUpClass() | ||
| request_factory = RequestFactory() | ||
|
|
||
| def setUp(self): | ||
| self.user = UserModel.objects.create_user("test_user", "[email protected]", "123456") | ||
| self.application = Application.objects.create( | ||
| @classmethod | ||
| def setUpTestData(cls): | ||
| cls.user = UserModel.objects.create_user("test_user", "[email protected]", "123456") | ||
| cls.application = Application.objects.create( | ||
| name="test_client_credentials_app", | ||
| user=self.user, | ||
| user=cls.user, | ||
| client_type=Application.CLIENT_PUBLIC, | ||
| authorization_grant_type=Application.GRANT_CLIENT_CREDENTIALS, | ||
| ) | ||
|
|
||
| self.access_token = AccessToken.objects.create( | ||
| user=self.user, | ||
| cls.access_token = AccessToken.objects.create( | ||
| user=cls.user, | ||
| scope="read write", | ||
| expires=timezone.now() + timedelta(seconds=300), | ||
| token="secret-access-token-key", | ||
| application=self.application, | ||
| application=cls.application, | ||
| ) | ||
|
|
||
| def test_access_denied(self): | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -48,30 +48,29 @@ def get(self, request, *args, **kwargs): | |
|
|
||
| @pytest.mark.usefixtures("oauth2_settings") | ||
| class BaseTest(TestCase): | ||
| def setUp(self): | ||
| self.factory = RequestFactory() | ||
| self.hy_test_user = UserModel.objects.create_user("hy_test_user", "[email protected]", "123456") | ||
| self.hy_dev_user = UserModel.objects.create_user("hy_dev_user", "[email protected]", "123456") | ||
| self.oauth2_settings.PKCE_REQUIRED = False | ||
| self.oauth2_settings.ALLOWED_REDIRECT_URI_SCHEMES = ["http", "custom-scheme"] | ||
| factory = RequestFactory() | ||
|
|
||
| @classmethod | ||
| def setUpTestData(cls): | ||
| cls.hy_test_user = UserModel.objects.create_user("hy_test_user", "[email protected]", "123456") | ||
| cls.hy_dev_user = UserModel.objects.create_user("hy_dev_user", "[email protected]", "123456") | ||
|
|
||
| self.application = Application( | ||
| cls.application = Application( | ||
| name="Hybrid Test Application", | ||
| redirect_uris=( | ||
| "http://localhost http://example.com http://example.org custom-scheme://example.com" | ||
| ), | ||
| user=self.hy_dev_user, | ||
| user=cls.hy_dev_user, | ||
| client_type=Application.CLIENT_CONFIDENTIAL, | ||
| authorization_grant_type=Application.GRANT_OPENID_HYBRID, | ||
| algorithm=Application.RS256_ALGORITHM, | ||
| client_secret=CLEARTEXT_SECRET, | ||
| ) | ||
| self.application.save() | ||
| cls.application.save() | ||
|
|
||
| def tearDown(self): | ||
| self.application.delete() | ||
| self.hy_test_user.delete() | ||
| self.hy_dev_user.delete() | ||
| def setUp(self): | ||
| self.oauth2_settings.PKCE_REQUIRED = False | ||
| self.oauth2_settings.ALLOWED_REDIRECT_URI_SCHEMES = ["http", "custom-scheme"] | ||
|
|
||
|
|
||
| @pytest.mark.oauth2_settings(presets.OIDC_SETTINGS_RW) | ||
|
|
||
Oops, something went wrong.