django-oidc-provider/openid_provider/tests/test_code_flow.py

from django.core.urlresolvers import reverse
from django.test import RequestFactory
from django.test import TestCase
from openid_provider.tests.utils import *
from openid_provider.views import *
import urllib


class CodeFlowTestCase(TestCase):

    def setUp(self):
        self.factory = RequestFactory()
        self.user = create_fake_user()
        self.client = create_fake_client(response_type='code')

    def test_authorize_invalid_parameters(self):
        """
        If the request fails due to a missing, invalid, or mismatching
        redirection URI, or if the client identifier is missing or invalid,
        the authorization server SHOULD inform the resource owner of the error.

        See: https://tools.ietf.org/html/rfc6749#section-4.1.2.1
        """
        url = reverse('openid_provider:authorize')
        request = self.factory.get(url)

        response = AuthorizeView.as_view()(request)

        self.assertEqual(response.status_code, 200)
        self.assertEqual(bool(response.content), True)

    def test_authorize_invalid_response_type(self):
        """
        The OP informs the RP by using the Error Response parameters defined
        in Section 4.1.2.1 of OAuth 2.0.

        See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError
        """
        # Create an authorize request with an unsupported response_type.
        url = reverse('openid_provider:authorize')
        url += '?client_id={0}&response_type=code%20id_token&scope=openid%20email' \
               '&redirect_uri={1}&state=abcdefg'.format(
                    self.client.client_id,
                    urllib.quote(self.client.default_redirect_uri),
                )
        request = self.factory.get(url)

        response = AuthorizeView.as_view()(request)

        self.assertEqual(response.status_code, 302)
        self.assertEqual(response.has_header('Location'), True)

        # Check query component in the redirection URI.
        correct_query = 'error=' in response['Location']
        self.assertEqual(correct_query, True)
Add some tests. 2015-02-11 18:37:51 +00:00			`from django.core.urlresolvers import reverse`
			`from django.test import RequestFactory`
			`from django.test import TestCase`
			`from openid_provider.tests.utils import *`
			`from openid_provider.views import *`
Add another test for Code Flow. 2015-02-11 20:38:37 +00:00			`import urllib`
Add some tests. 2015-02-11 18:37:51 +00:00

			`class CodeFlowTestCase(TestCase):`

			`def setUp(self):`
			`self.factory = RequestFactory()`
			`self.user = create_fake_user()`
			`self.client = create_fake_client(response_type='code')`

			`def test_authorize_invalid_parameters(self):`
			`"""`
			`If the request fails due to a missing, invalid, or mismatching`
			`redirection URI, or if the client identifier is missing or invalid,`
			`the authorization server SHOULD inform the resource owner of the error.`

			`See: https://tools.ietf.org/html/rfc6749#section-4.1.2.1`
			`"""`
			`url = reverse('openid_provider:authorize')`
			`request = self.factory.get(url)`

			`response = AuthorizeView.as_view()(request)`

			`self.assertEqual(response.status_code, 200)`
Add another test for Code Flow. 2015-02-11 20:38:37 +00:00			`self.assertEqual(bool(response.content), True)`

			`def test_authorize_invalid_response_type(self):`
			`"""`
			`The OP informs the RP by using the Error Response parameters defined`
			`in Section 4.1.2.1 of OAuth 2.0.`

			`See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError`
			`"""`
			`# Create an authorize request with an unsupported response_type.`
			`url = reverse('openid_provider:authorize')`
			`url += '?client_id={0}&response_type=code%20id_token&scope=openid%20email' \`
			`'&redirect_uri={1}&state=abcdefg'.format(`
			`self.client.client_id,`
			`urllib.quote(self.client.default_redirect_uri),`
			`)`
			`request = self.factory.get(url)`

			`response = AuthorizeView.as_view()(request)`

			`self.assertEqual(response.status_code, 302)`
			`self.assertEqual(response.has_header('Location'), True)`

			`# Check query component in the redirection URI.`
			`correct_query = 'error=' in response['Location']`
			`self.assertEqual(correct_query, True)`