Add more test for the Auth Code Flow.

2015-02-12 15:04:58 -03:00 · 2015-02-12 15:04:58 -03:00 · 7583ac403b
parent a3c1317766
commit 7583ac403b
1 changed files with 47 additions and 9 deletions
--- a/openid_provider/tests/test_code_flow.py
+++ b/openid_provider/tests/test_code_flow.py
@ -1,6 +1,9 @@
+from django.contrib.auth import REDIRECT_FIELD_NAME
+from django.contrib.auth.models import AnonymousUser
 from django.core.urlresolvers import reverse
 from django.test import RequestFactory
 from django.test import TestCase
+from openid_provider import settings
 from openid_provider.tests.utils import *
 from openid_provider.views import *
 import urllib
@ -13,6 +16,18 @@ class CodeFlowTestCase(TestCase):
        self.user = create_fake_user()
        self.client = create_fake_client(response_type='code')

+    def _create_authorize_url(self, response_type, scope=['openid', 'email']):
+        url = reverse('openid_provider:authorize')
+        url += '?client_id={0}&response_type={1}&scope={2}' \
+               '&redirect_uri={3}&state=abcdefg'.format(
+                    self.client.client_id,
+                    urllib.quote(response_type),
+                    urllib.quote(' '.join(scope)),
+                    urllib.quote(self.client.default_redirect_uri),
+                )
+
+        return url
+
    def test_authorize_invalid_parameters(self):
        """
        If the request fails due to a missing, invalid, or mismatching
@ -37,12 +52,8 @@ class CodeFlowTestCase(TestCase):
        See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError
        """
        # Create an authorize request with an unsupported response_type.
-        url = reverse('openid_provider:authorize')
-        url += '?client_id={0}&response_type=code%20id_token&scope=openid%20email' \
-               '&redirect_uri={1}&state=abcdefg'.format(
-                    self.client.client_id,
-                    urllib.quote(self.client.default_redirect_uri),
-                )
+        url = self._create_authorize_url(response_type='code id_token')
+
        request = self.factory.get(url)

        response = AuthorizeView.as_view()(request)
@ -50,6 +61,33 @@ class CodeFlowTestCase(TestCase):
        self.assertEqual(response.status_code, 302)
        self.assertEqual(response.has_header('Location'), True)

-        # Check query component in the redirection URI.
-        correct_query = 'error=' in response['Location']
-        self.assertEqual(correct_query, True)
+        # Should be an 'error' component in query.
+        query_exists = 'error=' in response['Location']
+        self.assertEqual(query_exists, True)
+
+    def test_authorize_user_not_logged(self):
+        """
+        The Authorization Server attempts to Authenticate the End-User by
+        redirecting to the login view.
+
+        See: http://openid.net/specs/openid-connect-core-1_0.html#Authenticates
+        """
+        url = self._create_authorize_url(response_type='code')
+
+        request = self.factory.get(url)
+        request.user = AnonymousUser()
+
+        response = AuthorizeView.as_view()(request)
+
+        # Check if user was redirected to the login view.
+        login_url_exists = settings.get('LOGIN_URL') in response['Location']
+        self.assertEqual(login_url_exists, True)
+
+        # Check if the login will redirect to a valid url.
+        try:
+            next_value = response['Location'].split(REDIRECT_FIELD_NAME + '=')[1]
+            next_url = urllib.unquote(next_value)
+            is_next_ok = next_url == url
+        except:
+            is_next_ok = False
+        self.assertEqual(is_next_ok, True)