Add tests for userinfo endpoint.
This commit is contained in:
parent
06fb967bf8
commit
03634f90e9
1 changed files with 78 additions and 0 deletions
78
oidc_provider/tests/test_userinfo_endpoint.py
Normal file
78
oidc_provider/tests/test_userinfo_endpoint.py
Normal file
|
@ -0,0 +1,78 @@
|
|||
from datetime import timedelta
|
||||
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.test import RequestFactory
|
||||
from django.test import TestCase
|
||||
from django.utils import timezone
|
||||
|
||||
from oidc_provider.lib.utils.token import *
|
||||
from oidc_provider.models import *
|
||||
from oidc_provider.tests.utils import *
|
||||
from oidc_provider.views import userinfo
|
||||
|
||||
|
||||
class UserInfoTestCase(TestCase):
|
||||
|
||||
def setUp(self):
|
||||
self.factory = RequestFactory()
|
||||
self.user = create_fake_user()
|
||||
self.client = create_fake_client(response_type='code')
|
||||
|
||||
def _create_token(self):
|
||||
"""
|
||||
Generate a valid token.
|
||||
"""
|
||||
id_token_dic = create_id_token(self.user, self.client.client_id)
|
||||
|
||||
token = create_token(
|
||||
user=self.user,
|
||||
client=self.client,
|
||||
id_token_dic=id_token_dic,
|
||||
scope=['openid', 'email'])
|
||||
token.save()
|
||||
|
||||
return token
|
||||
|
||||
def _post_request(self, access_token):
|
||||
"""
|
||||
Makes a request to the userinfo endpoint by sending the
|
||||
`post_data` parameters using the 'multipart/form-data'
|
||||
format.
|
||||
"""
|
||||
url = reverse('oidc_provider:userinfo')
|
||||
|
||||
request = self.factory.post(url,
|
||||
data={},
|
||||
content_type='multipart/form-data')
|
||||
|
||||
request.META['HTTP_AUTHORIZATION'] = 'Bearer ' + access_token
|
||||
|
||||
response = userinfo(request)
|
||||
|
||||
return response
|
||||
|
||||
def test_response_with_valid_token(self):
|
||||
token = self._create_token()
|
||||
|
||||
# Test a valid request to the userinfo endpoint.
|
||||
response = self._post_request(token.access_token)
|
||||
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertEqual(bool(response.content), True)
|
||||
|
||||
def test_response_with_expired_token(self):
|
||||
token = self._create_token()
|
||||
|
||||
# Make token expired.
|
||||
token.expires_at = timezone.now() - timedelta(hours=1)
|
||||
token.save()
|
||||
|
||||
response = self._post_request(token.access_token)
|
||||
|
||||
self.assertEqual(response.status_code, 401)
|
||||
|
||||
try:
|
||||
is_header_field_ok = 'invalid_token' in response['WWW-Authenticate']
|
||||
except KeyError:
|
||||
is_header_field_ok = False
|
||||
self.assertEqual(is_header_field_ok, True)
|
Loading…
Reference in a new issue