55 lines
No EOL
2 KiB
Python
55 lines
No EOL
2 KiB
Python
from django.core.urlresolvers import reverse
|
|
from django.test import RequestFactory
|
|
from django.test import TestCase
|
|
from openid_provider.tests.utils import *
|
|
from openid_provider.views import *
|
|
import urllib
|
|
|
|
|
|
class CodeFlowTestCase(TestCase):
|
|
|
|
def setUp(self):
|
|
self.factory = RequestFactory()
|
|
self.user = create_fake_user()
|
|
self.client = create_fake_client(response_type='code')
|
|
|
|
def test_authorize_invalid_parameters(self):
|
|
"""
|
|
If the request fails due to a missing, invalid, or mismatching
|
|
redirection URI, or if the client identifier is missing or invalid,
|
|
the authorization server SHOULD inform the resource owner of the error.
|
|
|
|
See: https://tools.ietf.org/html/rfc6749#section-4.1.2.1
|
|
"""
|
|
url = reverse('openid_provider:authorize')
|
|
request = self.factory.get(url)
|
|
|
|
response = AuthorizeView.as_view()(request)
|
|
|
|
self.assertEqual(response.status_code, 200)
|
|
self.assertEqual(bool(response.content), True)
|
|
|
|
def test_authorize_invalid_response_type(self):
|
|
"""
|
|
The OP informs the RP by using the Error Response parameters defined
|
|
in Section 4.1.2.1 of OAuth 2.0.
|
|
|
|
See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError
|
|
"""
|
|
# Create an authorize request with an unsupported response_type.
|
|
url = reverse('openid_provider:authorize')
|
|
url += '?client_id={0}&response_type=code%20id_token&scope=openid%20email' \
|
|
'&redirect_uri={1}&state=abcdefg'.format(
|
|
self.client.client_id,
|
|
urllib.quote(self.client.default_redirect_uri),
|
|
)
|
|
request = self.factory.get(url)
|
|
|
|
response = AuthorizeView.as_view()(request)
|
|
|
|
self.assertEqual(response.status_code, 302)
|
|
self.assertEqual(response.has_header('Location'), True)
|
|
|
|
# Check query component in the redirection URI.
|
|
correct_query = 'error=' in response['Location']
|
|
self.assertEqual(correct_query, True) |