Add protected_resource_view test using client_credentials.

Juan Ignacio Fiorentino 2018-04-09 20:20:33 -03:00
parent 42df40c16d
commit ac7bd336a8


@ -9,6 +9,7 @@ except ImportError:
from urllib import urlencode from urllib import urlencode
from django.core.management import call_command from django.core.management import call_command
from django.http import JsonResponse
try: try:
from django.urls import reverse from django.urls import reverse
except ImportError: except ImportError:
@ -18,11 +19,13 @@ from django.test import (
override_settings, override_settings,
) )
from django.test import TestCase from django.test import TestCase
from django.views.decorators.http import require_http_methods
from jwkest.jwk import KEYS from jwkest.jwk import KEYS
from jwkest.jws import JWS from jwkest.jws import JWS
from jwkest.jwt import JWT from jwkest.jwt import JWT
from mock import patch from mock import patch
from oidc_provider.lib.utils.oauth2 import protected_resource_view
from oidc_provider.lib.utils.token import create_code from oidc_provider.lib.utils.token import create_code
from oidc_provider.models import Token from oidc_provider.models import Token
from oidc_provider.tests.app.utils import ( from oidc_provider.tests.app.utils import (
@ -743,6 +746,24 @@ class TokenTestCase(TestCase):
self.assertTrue('access_token' in response_dict) self.assertTrue('access_token' in response_dict)
self.assertEqual(' '.join(fake_scopes_list), response_dict['scope']) self.assertEqual(' '.join(fake_scopes_list), response_dict['scope'])
# Create a protected resource and test the access_token.
@require_http_methods(['GET'])
@protected_resource_view(fake_scopes_list)
def protected_api(request, *args, **kwargs):
return JsonResponse({'protected': 'information'}, status=200)
# Deploy view on some url. So, base url could be anything.
request = self.factory.get(
'/api/protected/?access_token={0}'.format(response_dict['access_token']))
response = protected_api(request)
response_dict = json.loads(response.content.decode('utf-8'))
self.assertEqual(response.status_code, 200)
self.assertTrue('protected' in response_dict)
# Protected resource test ends here.
# Clean scopes for this client. # Clean scopes for this client.
self.client.scope = '' self.client.scope = ''
self.client.save() self.client.save()
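Review bot: The block added in the third hunk asserts only the success path of `protected_resource_view`, so the test would still pass if the decorator let every request through. Add a negative case next to it, e.g. `self.assertNotEqual(protected_api(self.factory.get('/api/protected/')).status_code, 200)`, and ideally one with a token whose scopes do not cover `fake_scopes_list`; the exact rejection status (presumably 401 or 403) should be confirmed against the decorator, which is not visible here. The token is also sent in the query string, where it tends to end up in access logs and referrers; if the decorator accepts the header form, `self.factory.get('/api/protected/', HTTP_AUTHORIZATION='Bearer {0}'.format(response_dict['access_token']))` exercises the path real clients should use. The enclosing test method starts and ends outside the hunk.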