add OIDC_INTROSPECTION_VALIDATE_AUDIENCE_SCOPE test

Missing test exposed as part of 0750429 bug fix.
Andy Clayton 2018-07-03 13:37:14 -05:00
parent 0750429992
commit 6900e637ab


@ -46,6 +46,20 @@ class IntrospectionTestCase(TestCase):
self.assertEqual(response.status_code, 200) self.assertEqual(response.status_code, 200)
self.assertJSONEqual(force_text(response.content), {'active': False}) self.assertJSONEqual(force_text(response.content), {'active': False})
def _assert_active(self, response, **kwargs):
self.assertEqual(response.status_code, 200)
expected_content = {
'active': True,
'aud': self.resource.client_id,
'client_id': self.client.client_id,
'sub': str(self.user.pk),
'iat': int(self.now),
'exp': int(self.now + 600),
'iss': 'http://localhost:8000/openid',
}
expected_content.update(kwargs)
self.assertJSONEqual(force_text(response.content), expected_content)
def _make_request(self, **kwargs): def _make_request(self, **kwargs):
url = reverse('oidc_provider:token-introspection') url = reverse('oidc_provider:token-introspection')
data = { data = {
@ -89,28 +103,16 @@ class IntrospectionTestCase(TestCase):
def test_valid_request_returns_default_properties(self): def test_valid_request_returns_default_properties(self):
response = self._make_request() response = self._make_request()
self.assertEqual(response.status_code, 200) self._assert_active(response)
self.assertJSONEqual(force_text(response.content), {
'active': True,
'aud': self.resource.client_id,
'client_id': self.client.client_id,
'sub': str(self.user.pk),
'iat': int(self.now),
'exp': int(self.now + 600),
'iss': 'http://localhost:8000/openid',
})
@override_settings(OIDC_INTROSPECTION_PROCESSING_HOOK='oidc_provider.tests.app.utils.fake_introspection_processing_hook') # NOQA @override_settings(OIDC_INTROSPECTION_PROCESSING_HOOK='oidc_provider.tests.app.utils.fake_introspection_processing_hook') # NOQA
def test_custom_introspection_hook_called_on_valid_request(self): def test_custom_introspection_hook_called_on_valid_request(self):
response = self._make_request() response = self._make_request()
self.assertEqual(response.status_code, 200) self._assert_active(response, test_introspection_processing_hook=FAKE_RANDOM_STRING)
self.assertJSONEqual(force_text(response.content), {
'active': True, @override_settings(OIDC_INTROSPECTION_VALIDATE_AUDIENCE_SCOPE=False)
'aud': self.resource.client_id, def test_disable_audience_validation(self):
'client_id': self.client.client_id, self.resource.scope = ['token_introspection']
'sub': str(self.user.pk), self.resource.save()
'iat': int(self.now), response = self._make_request()
'exp': int(self.now + 600), self._assert_active(response)
'iss': 'http://localhost:8000/openid',
'test_introspection_processing_hook': FAKE_RANDOM_STRING
})