Home Explore Help
Sign In
SMusatov
/
ydb
mirror of https://github.com/ydb-platform/ydb.git
1
0
Fork 0
Files
Tree: b1860f19a3
Branches Tags
ydb
/
contrib
/
python
/
oauthlib
/
tests
/
oauth1
/
rfc5849
/
endpoints
/
test_resource.py

test_resource.py 4.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102 
  1. from unittest.mock import ANY, MagicMock
    2. 

  2. 

  3. from oauthlib.oauth1 import RequestValidator
    4. 

  4. from oauthlib.oauth1.rfc5849 import Client
    5. 

  5. from oauthlib.oauth1.rfc5849.endpoints import ResourceEndpoint
    6. 

  6. 

  7. from tests.unittest import TestCase
    8. 

  8. 

  9. 

  10. class ResourceEndpointTest(TestCase):
    11. 

  11. 

  12.     def setUp(self):
    13. 

  13.         self.validator = MagicMock(wraps=RequestValidator())
    14. 

  14.         self.validator.check_client_key.return_value = True
    15. 

  15.         self.validator.check_access_token.return_value = True
    16. 

  16.         self.validator.allowed_signature_methods = ['HMAC-SHA1']
    17. 

  17.         self.validator.get_client_secret.return_value = 'bar'
    18. 

  18.         self.validator.get_access_token_secret.return_value = 'secret'
    19. 

  19.         self.validator.timestamp_lifetime = 600
    20. 

  20.         self.validator.validate_client_key.return_value = True
    21. 

  21.         self.validator.validate_access_token.return_value = True
    22. 

  22.         self.validator.validate_timestamp_and_nonce.return_value = True
    23. 

  23.         self.validator.validate_realms.return_value = True
    24. 

  24.         self.validator.dummy_client = 'dummy'
    25. 

  25.         self.validator.dummy_secret = 'dummy'
    26. 

  26.         self.validator.dummy_access_token = 'dummy'
    27. 

  27.         self.endpoint = ResourceEndpoint(self.validator)
    28. 

  28.         self.client = Client('foo',
    29. 

  29.                 client_secret='bar',
    30. 

  30.                 resource_owner_key='token',
    31. 

  31.                 resource_owner_secret='secret')
    32. 

  32.         self.uri, self.headers, self.body = self.client.sign(
    33. 

  33.                 'https://i.b/protected_resource')
    34. 

  34. 

  35.     def test_missing_parameters(self):
    36. 

  36.         self.validator.check_access_token.return_value = False
    37. 

  37.         v, r = self.endpoint.validate_protected_resource_request(
    38. 

  38.                 self.uri)
    39. 

  39.         self.assertFalse(v)
    40. 

  40. 

  41.     def test_check_access_token(self):
    42. 

  42.         self.validator.check_access_token.return_value = False
    43. 

  43.         v, r = self.endpoint.validate_protected_resource_request(
    44. 

  44.                 self.uri, headers=self.headers)
    45. 

  45.         self.assertFalse(v)
    46. 

  46. 

  47.     def test_validate_client_key(self):
    48. 

  48.         self.validator.validate_client_key.return_value = False
    49. 

  49.         v, r = self.endpoint.validate_protected_resource_request(
    50. 

  50.                 self.uri, headers=self.headers)
    51. 

  51.         self.assertFalse(v)
    52. 

  52.         # the validator log should have `False` values
    53. 

  53.         self.assertFalse(r.validator_log['client'])
    54. 

  54.         self.assertTrue(r.validator_log['realm'])
    55. 

  55.         self.assertTrue(r.validator_log['resource_owner'])
    56. 

  56.         self.assertTrue(r.validator_log['signature'])
    57. 

  57. 

  58.     def test_validate_access_token(self):
    59. 

  59.         self.validator.validate_access_token.return_value = False
    60. 

  60.         v, r = self.endpoint.validate_protected_resource_request(
    61. 

  61.                 self.uri, headers=self.headers)
    62. 

  62.         self.assertFalse(v)
    63. 

  63.         # the validator log should have `False` values
    64. 

  64.         self.assertTrue(r.validator_log['client'])
    65. 

  65.         self.assertTrue(r.validator_log['realm'])
    66. 

  66.         self.assertFalse(r.validator_log['resource_owner'])
    67. 

  67.         self.assertTrue(r.validator_log['signature'])
    68. 

  68. 

  69.     def test_validate_realms(self):
    70. 

  70.         self.validator.validate_realms.return_value = False
    71. 

  71.         v, r = self.endpoint.validate_protected_resource_request(
    72. 

  72.                 self.uri, headers=self.headers)
    73. 

  73.         self.assertFalse(v)
    74. 

  74.         # the validator log should have `False` values
    75. 

  75.         self.assertTrue(r.validator_log['client'])
    76. 

  76.         self.assertFalse(r.validator_log['realm'])
    77. 

  77.         self.assertTrue(r.validator_log['resource_owner'])
    78. 

  78.         self.assertTrue(r.validator_log['signature'])
    79. 

  79. 

  80.     def test_validate_signature(self):
    81. 

  81.         client = Client('foo',
    82. 

  82.                 resource_owner_key='token',
    83. 

  83.                 resource_owner_secret='secret')
    84. 

  84.         _, headers, _ = client.sign(self.uri + '/extra')
    85. 

  85.         v, r = self.endpoint.validate_protected_resource_request(
    86. 

  86.                 self.uri, headers=headers)
    87. 

  87.         self.assertFalse(v)
    88. 

  88.         # the validator log should have `False` values
    89. 

  89.         self.assertTrue(r.validator_log['client'])
    90. 

  90.         self.assertTrue(r.validator_log['realm'])
    91. 

  91.         self.assertTrue(r.validator_log['resource_owner'])
    92. 

  92.         self.assertFalse(r.validator_log['signature'])
    93. 

  93. 

  94.     def test_valid_request(self):
    95. 

  95.         v, r = self.endpoint.validate_protected_resource_request(
    96. 

  96.                 self.uri, headers=self.headers)
    97. 

  97.         self.assertTrue(v)
    98. 

  98.         self.validator.validate_timestamp_and_nonce.assert_called_once_with(
    99. 

  99.              self.client.client_key, ANY, ANY, ANY,
    100. 

  100.              access_token=self.client.resource_owner_key)
    101. 

  101.         # everything in the validator_log should be `True`
    102. 

  102.         self.assertTrue(all(r.validator_log.items()))
    103.