summaryrefslogtreecommitdiffstats
path: root/python/tests/web_auth.py
blob: 1238275ea6f362cca511e486f93de7330286c83d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
import responses
from fixtures import *


@responses.activate
def test_ia_xauth_fail(full_app):

    # failed login
    with full_app.test_client() as app:

        rv = app.get("/auth/ia/login")
        assert rv.status_code == 200

        responses.add(
            responses.POST,
            full_app.config["IA_XAUTH_URI"] + "?op=authenticate",
            status=401,
            json=dict(success=False),
        )
        rv = app.post(
            "/auth/ia/login",
            follow_redirects=True,
            data=dict(email="abcd@example.com", password="god"),
        )
        assert rv.status_code == 401

        rv = app.get("/auth/account", follow_redirects=False)
        assert rv.status_code == 302


@responses.activate
def test_ia_xauth(full_app):

    # successful login
    with full_app.test_client() as app:

        rv = app.get("/auth/token_login")
        assert rv.status_code == 200

        responses.add(
            responses.POST,
            full_app.config["IA_XAUTH_URI"] + "?op=authenticate",
            status=200,
            json={"success": True},
        )
        responses.add(
            responses.POST,
            full_app.config["IA_XAUTH_URI"] + "?op=info",
            status=200,
            json={
                "success": True,
                "values": {"screenname": "user123", "itemname": "user_item123"},
            },
        )
        rv = app.post(
            "/auth/ia/login",
            follow_redirects=True,
            data=dict(email="abcd@example.com", password="god"),
        )
        assert rv.status_code == 200

        rv = app.get("/auth/account", follow_redirects=False)
        assert rv.status_code == 200


def test_basic_auth_views(app):

    rv = app.get("/auth/login")
    assert rv.status_code == 200

    rv = app.get("/auth/logout")
    assert rv.status_code == 200


def test_auth_token(app_admin):

    rv = app_admin.get("/auth/account", follow_redirects=False)
    assert rv.status_code == 200

    rv = app_admin.post("/auth/create_token", follow_redirects=False)
    assert rv.status_code == 200