Fix tests for end session endpoint.
This commit is contained in:
parent
e458542be2
commit
59db79b65c
|
@ -18,7 +18,7 @@ from oidc_provider.models import (
|
||||||
from oidc_provider import settings
|
from oidc_provider import settings
|
||||||
|
|
||||||
|
|
||||||
def create_id_token(user, aud, nonce, at_hash=None, request=None, scope=[]):
|
def create_id_token(user, aud, nonce='', at_hash='', request=None, scope=[]):
|
||||||
"""
|
"""
|
||||||
Creates the id_token dictionary.
|
Creates the id_token dictionary.
|
||||||
See: http://openid.net/specs/openid-connect-core-1_0.html#IDToken
|
See: http://openid.net/specs/openid-connect-core-1_0.html#IDToken
|
||||||
|
|
|
@ -1,7 +1,5 @@
|
||||||
import random
|
import random
|
||||||
import string
|
import string
|
||||||
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
from urlparse import parse_qs, urlsplit
|
from urlparse import parse_qs, urlsplit
|
||||||
except ImportError:
|
except ImportError:
|
||||||
|
|
|
@ -1,29 +1,46 @@
|
||||||
|
from django.core.management import call_command
|
||||||
from django.core.urlresolvers import reverse
|
from django.core.urlresolvers import reverse
|
||||||
from django.test import TestCase
|
from django.test import TestCase
|
||||||
|
|
||||||
from oidc_provider.tests.app.utils import create_fake_user
|
from oidc_provider.lib.utils.token import (
|
||||||
|
create_id_token,
|
||||||
|
encode_id_token,
|
||||||
|
)
|
||||||
|
from oidc_provider import settings
|
||||||
|
from oidc_provider.tests.app.utils import (
|
||||||
|
create_fake_client,
|
||||||
|
create_fake_user,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
class EndSessionTestCase(TestCase):
|
class EndSessionTestCase(TestCase):
|
||||||
|
"""
|
||||||
|
See: http://openid.net/specs/openid-connect-session-1_0.html#RPLogout
|
||||||
|
"""
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
|
call_command('creatersakey')
|
||||||
self.user = create_fake_user()
|
self.user = create_fake_user()
|
||||||
|
|
||||||
|
self.oidc_client = create_fake_client('id_token')
|
||||||
|
self.LOGOUT_URL = 'http://example.com/logged-out/'
|
||||||
|
self.oidc_client.post_logout_redirect_uris = [self.LOGOUT_URL]
|
||||||
|
self.oidc_client.save()
|
||||||
|
|
||||||
self.url = reverse('oidc_provider:end-session')
|
self.url = reverse('oidc_provider:end-session')
|
||||||
|
|
||||||
def test_shows_logged_out_page(self):
|
|
||||||
response = self.client.get(self.url)
|
|
||||||
|
|
||||||
self.assertEqual(response.status_code, 200)
|
|
||||||
self.assertTemplateUsed(response, 'registration/logged_out.html')
|
|
||||||
|
|
||||||
def test_redirects(self):
|
def test_redirects(self):
|
||||||
response = self.client.get(self.url, data={'post_logout_redirect_uri': 'http://example.com/logged_out.html'})
|
query_params = {
|
||||||
|
'post_logout_redirect_uri': self.LOGOUT_URL,
|
||||||
|
}
|
||||||
|
response = self.client.get(self.url, query_params)
|
||||||
|
# With no id_token the OP MUST NOT redirect to the requested redirect_uri.
|
||||||
|
self.assertRedirects(response, settings.get('LOGIN_URL'), fetch_redirect_response=False)
|
||||||
|
|
||||||
self.assertRedirects(response, 'http://example.com/logged_out.html',
|
id_token_dic = create_id_token(user=self.user, aud=self.oidc_client.client_id)
|
||||||
fetch_redirect_response=False)
|
id_token = encode_id_token(id_token_dic, self.oidc_client)
|
||||||
|
|
||||||
def test_user_is_logged_out(self):
|
query_params['id_token_hint'] = id_token
|
||||||
self.assertTrue(self.client.login(username=self.user.username, password='1234'))
|
|
||||||
self.assertGreater(len(self.client.session.keys()), 0)
|
response = self.client.get(self.url, query_params)
|
||||||
self.client.get(self.url)
|
self.assertRedirects(response, self.LOGOUT_URL, fetch_redirect_response=False)
|
||||||
self.assertEqual(len(self.client.session.keys()), 0)
|
|
||||||
|
|
Loading…
Reference in a new issue