Add more test for the Auth Code Flow.

This commit is contained in:
juanifioren 2015-02-12 15:04:58 -03:00
parent a3c1317766
commit 7583ac403b


@ -1,6 +1,9 @@
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.contrib.auth.models import AnonymousUser
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
from django.test import RequestFactory from django.test import RequestFactory
from django.test import TestCase from django.test import TestCase
from openid_provider import settings
from openid_provider.tests.utils import * from openid_provider.tests.utils import *
from openid_provider.views import * from openid_provider.views import *
import urllib import urllib
@ -13,6 +16,18 @@ class CodeFlowTestCase(TestCase):
self.user = create_fake_user() self.user = create_fake_user()
self.client = create_fake_client(response_type='code') self.client = create_fake_client(response_type='code')
def _create_authorize_url(self, response_type, scope=['openid', 'email']):
url = reverse('openid_provider:authorize')
url += '?client_id={0}&response_type={1}&scope={2}' \
'&redirect_uri={3}&state=abcdefg'.format(
self.client.client_id,
urllib.quote(response_type),
urllib.quote(' '.join(scope)),
urllib.quote(self.client.default_redirect_uri),
)
return url
def test_authorize_invalid_parameters(self): def test_authorize_invalid_parameters(self):
""" """
If the request fails due to a missing, invalid, or mismatching If the request fails due to a missing, invalid, or mismatching
@ -37,12 +52,8 @@ class CodeFlowTestCase(TestCase):
See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError
""" """
# Create an authorize request with an unsupported response_type. # Create an authorize request with an unsupported response_type.
url = reverse('openid_provider:authorize') url = self._create_authorize_url(response_type='code id_token')
url += '?client_id={0}&response_type=code%20id_token&scope=openid%20email' \
'&redirect_uri={1}&state=abcdefg'.format(
self.client.client_id,
urllib.quote(self.client.default_redirect_uri),
)
request = self.factory.get(url) request = self.factory.get(url)
response = AuthorizeView.as_view()(request) response = AuthorizeView.as_view()(request)
@ -50,6 +61,33 @@ class CodeFlowTestCase(TestCase):
self.assertEqual(response.status_code, 302) self.assertEqual(response.status_code, 302)
self.assertEqual(response.has_header('Location'), True) self.assertEqual(response.has_header('Location'), True)
# Check query component in the redirection URI. # Should be an 'error' component in query.
correct_query = 'error=' in response['Location'] query_exists = 'error=' in response['Location']
self.assertEqual(correct_query, True) self.assertEqual(query_exists, True)
def test_authorize_user_not_logged(self):
"""
The Authorization Server attempts to Authenticate the End-User by
redirecting to the login view.
See: http://openid.net/specs/openid-connect-core-1_0.html#Authenticates
"""
url = self._create_authorize_url(response_type='code')
request = self.factory.get(url)
request.user = AnonymousUser()
response = AuthorizeView.as_view()(request)
# Check if user was redirected to the login view.
login_url_exists = settings.get('LOGIN_URL') in response['Location']
self.assertEqual(login_url_exists, True)
# Check if the login will redirect to a valid url.
try:
next_value = response['Location'].split(REDIRECT_FIELD_NAME + '=')[1]
next_url = urllib.unquote(next_value)
is_next_ok = next_url == url
except:
is_next_ok = False
self.assertEqual(is_next_ok, True)
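Review bot: In test_authorize_user_not_logged the login redirect is checked with a substring test and a bare `except:`, so the test can pass on a Location header that is not a proper login redirect, and it hides the real cause when it fails. `settings.get('LOGIN_URL') in response['Location']` is true when the login path appears anywhere in the header, the response status is never asserted, and `split(REDIRECT_FIELD_NAME + '=')[1]` takes everything after the first `next=`, including any parameter that follows it. The bare `except:` then turns any error, even a NameError in the test itself, into `is_next_ok = False`. The post-login target is where a redirect or parameter-loss bug would surface, so I would assert the 302, parse the header, and compare the path and the single decoded `next` value exactly, as below. This needs `import urlparse` at the top of the file and assumes LOGIN_URL is configured as a path, which should be confirmed.

```python
    def test_authorize_user_not_logged(self):
        # … unchanged: docstring, request built with AnonymousUser, view call …

        self.assertEqual(response.status_code, 302)

        # Parse the Location header instead of substring matching.
        location = urlparse.urlparse(response['Location'])
        self.assertEqual(location.path, settings.get('LOGIN_URL'))

        # parse_qs percent-decodes the value; exactly one `next` is expected.
        next_values = urlparse.parse_qs(location.query).get(
            REDIRECT_FIELD_NAME, [])
        self.assertEqual(next_values, [url])
```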