Revision b806a15a snf-astakos-app/astakos/oa2/tests/djangobackend.py
| b/snf-astakos-app/astakos/oa2/tests/djangobackend.py | ||
|---|---|---|
| 315 | 315 |
self.assertCount(AuthorizationCode, 1) |
| 316 | 316 |
|
| 317 | 317 |
# redirect is valid |
| 318 |
redirect1 = self.get_redirect_url(r) |
|
| 319 |
self.assertParam(redirect1, "code") |
|
| 320 |
self.assertNoParam(redirect1, "extra_param") |
|
| 321 |
self.assertHost(redirect1, "server.com") |
|
| 322 |
self.assertPath(redirect1, "/handle_code") |
|
| 318 |
redirect = self.get_redirect_url(r) |
|
| 319 |
self.assertParam(redirect, "code") |
|
| 320 |
self.assertNoParam(redirect, "extra_param") |
|
| 321 |
self.assertHost(redirect, "server.com") |
|
| 322 |
self.assertPath(redirect, "/handle_code") |
|
| 323 |
|
|
| 324 |
code = AuthorizationCode.objects.get(code=redirect.params['code'][0]) |
|
| 325 |
#self.assertEqual(code.state, '') |
|
| 326 |
self.assertEqual(code.state, None) |
|
| 327 |
self.assertEqual(code.redirect_uri, self.client1_redirect_uri) |
|
| 323 | 328 |
|
| 324 | 329 |
params['state'] = 'csrfstate' |
| 325 | 330 |
params['scope'] = 'resource1' |
| 326 | 331 |
r = self.client.authorize_code('client1', urlparams=params)
|
| 327 |
redirect2 = self.get_redirect_url(r)
|
|
| 328 |
self.assertParamEqual(redirect2, "state", 'csrfstate')
|
|
| 332 |
redirect = self.get_redirect_url(r) |
|
| 333 |
self.assertParamEqual(redirect, "state", 'csrfstate') |
|
| 329 | 334 |
self.assertCount(AuthorizationCode, 2) |
| 330 | 335 |
|
| 331 |
code1 = AuthorizationCode.objects.get(code=redirect1.params['code'][0]) |
|
| 332 |
#self.assertEqual(code1.state, '') |
|
| 333 |
self.assertEqual(code1.state, None) |
|
| 334 |
self.assertEqual(code1.redirect_uri, self.client1_redirect_uri) |
|
| 335 |
|
|
| 336 |
code2 = AuthorizationCode.objects.get(code=redirect2.params['code'][0]) |
|
| 337 |
self.assertEqual(code2.state, 'csrfstate') |
|
| 338 |
self.assertEqual(code2.redirect_uri, self.client1_redirect_uri) |
|
| 336 |
code = AuthorizationCode.objects.get(code=redirect.params['code'][0]) |
|
| 337 |
self.assertEqual(code.state, 'csrfstate') |
|
| 338 |
self.assertEqual(code.redirect_uri, self.client1_redirect_uri) |
|
| 339 | 339 |
|
| 340 | 340 |
# valid request: trusted client |
| 341 | 341 |
params = {'redirect_uri': self.client3_redirect_uri,
|
| ... | ... | |
| 347 | 347 |
self.assertCount(AuthorizationCode, 3) |
| 348 | 348 |
|
| 349 | 349 |
# redirect is valid |
| 350 |
redirect3 = self.get_redirect_url(r)
|
|
| 351 |
self.assertParam(redirect1, "code")
|
|
| 352 |
self.assertNoParam(redirect3, "state")
|
|
| 353 |
self.assertNoParam(redirect3, "extra_param")
|
|
| 354 |
self.assertHost(redirect3, "server3.com")
|
|
| 355 |
self.assertPath(redirect3, "/handle_code")
|
|
| 350 |
redirect = self.get_redirect_url(r) |
|
| 351 |
self.assertParam(redirect, "code") |
|
| 352 |
self.assertNoParam(redirect, "state") |
|
| 353 |
self.assertNoParam(redirect, "extra_param") |
|
| 354 |
self.assertHost(redirect, "server3.com") |
|
| 355 |
self.assertPath(redirect, "/handle_code") |
|
| 356 | 356 |
|
| 357 |
code3 = AuthorizationCode.objects.get(code=redirect3.params['code'][0])
|
|
| 358 |
self.assertEqual(code3.state, None)
|
|
| 359 |
self.assertEqual(code3.redirect_uri, self.client3_redirect_uri)
|
|
| 357 |
code = AuthorizationCode.objects.get(code=redirect.params['code'][0])
|
|
| 358 |
self.assertEqual(code.state, None) |
|
| 359 |
self.assertEqual(code.redirect_uri, self.client3_redirect_uri) |
|
| 360 | 360 |
|
| 361 | 361 |
# valid request: trusted client |
| 362 | 362 |
params['state'] = 'csrfstate' |
| ... | ... | |
| 366 | 366 |
self.assertCount(AuthorizationCode, 4) |
| 367 | 367 |
|
| 368 | 368 |
# redirect is valid |
| 369 |
redirect4 = self.get_redirect_url(r)
|
|
| 370 |
self.assertParam(redirect4, "code")
|
|
| 371 |
self.assertParamEqual(redirect4, "state", 'csrfstate')
|
|
| 372 |
self.assertNoParam(redirect4, "extra_param")
|
|
| 373 |
self.assertHost(redirect4, "server3.com")
|
|
| 374 |
self.assertPath(redirect4, "/handle_code")
|
|
| 369 |
redirect = self.get_redirect_url(r) |
|
| 370 |
self.assertParam(redirect, "code") |
|
| 371 |
self.assertParamEqual(redirect, "state", 'csrfstate') |
|
| 372 |
self.assertNoParam(redirect, "extra_param") |
|
| 373 |
self.assertHost(redirect, "server3.com") |
|
| 374 |
self.assertPath(redirect, "/handle_code") |
|
| 375 | 375 |
|
| 376 |
code4 = AuthorizationCode.objects.get(code=redirect4.params['code'][0])
|
|
| 377 |
self.assertEqual(code4.state, 'csrfstate')
|
|
| 378 |
self.assertEqual(code4.redirect_uri, self.client3_redirect_uri)
|
|
| 376 |
code = AuthorizationCode.objects.get(code=redirect.params['code'][0])
|
|
| 377 |
self.assertEqual(code.state, 'csrfstate') |
|
| 378 |
self.assertEqual(code.redirect_uri, self.client3_redirect_uri) |
|
| 379 | 379 |
|
| 380 | 380 |
# redirect uri startswith the client's registered redirect url |
| 381 | 381 |
params['redirect_uri'] = '%smore' % self.client3_redirect_uri |
| ... | ... | |
| 392 | 392 |
self.assertCount(AuthorizationCode, 5) |
| 393 | 393 |
|
| 394 | 394 |
# redirect is valid |
| 395 |
redirect5 = self.get_redirect_url(r)
|
|
| 396 |
self.assertParam(redirect5, "code")
|
|
| 397 |
self.assertParamEqual(redirect5, "state", 'csrfstate')
|
|
| 398 |
self.assertNoParam(redirect5, "extra_param")
|
|
| 399 |
self.assertHost(redirect5, "server3.com")
|
|
| 400 |
self.assertPath(redirect5, urlparse.urlparse(redirect_uri).path)
|
|
| 401 |
|
|
| 402 |
code5 = AuthorizationCode.objects.get(code=redirect5.params['code'][0])
|
|
| 403 |
self.assertEqual(code5.state, 'csrfstate')
|
|
| 404 |
self.assertEqual(code5.redirect_uri,
|
|
| 395 |
redirect = self.get_redirect_url(r) |
|
| 396 |
self.assertParam(redirect, "code") |
|
| 397 |
self.assertParamEqual(redirect, "state", 'csrfstate') |
|
| 398 |
self.assertNoParam(redirect, "extra_param") |
|
| 399 |
self.assertHost(redirect, "server3.com") |
|
| 400 |
self.assertPath(redirect, urlparse.urlparse(redirect_uri).path) |
|
| 401 |
|
|
| 402 |
code = AuthorizationCode.objects.get(code=redirect.params['code'][0])
|
|
| 403 |
self.assertEqual(code.state, 'csrfstate') |
|
| 404 |
self.assertEqual(code.redirect_uri, |
|
| 405 | 405 |
'%s/more' % self.client3_redirect_uri) |
| 406 | 406 |
|
| 407 | 407 |
# too long redirect uri |
| 408 |
redirect_uri = '%s/%s' % (self.client3_redirect_uri, 'a'*2000)
|
|
| 408 |
redirect_uri = '%s?foo=%s' % (self.client3_redirect_uri, 'a'*10000)
|
|
| 409 | 409 |
params['redirect_uri'] = redirect_uri |
| 410 | 410 |
self.client.set_credentials('client3', 'secret')
|
| 411 | 411 |
r = self.client.authorize_code('client3', urlparams=params)
|
| 412 |
self.assertEqual(r.status_code, 302) |
|
| 413 |
self.assertCount(AuthorizationCode, 6) |
|
| 414 |
|
|
| 415 |
# redirect is valid |
|
| 416 |
redirect6 = self.get_redirect_url(r) |
|
| 417 |
self.assertParam(redirect6, "code") |
|
| 418 |
self.assertParamEqual(redirect6, "state", 'csrfstate') |
|
| 419 |
self.assertNoParam(redirect6, "extra_param") |
|
| 420 |
self.assertHost(redirect6, "server3.com") |
|
| 421 |
self.assertPath(redirect6, urlparse.urlparse(redirect_uri).path) |
|
| 422 |
|
|
| 423 |
code6 = AuthorizationCode.objects.get(code=redirect6.params['code'][0]) |
|
| 424 |
self.assertEqual(code6.state, 'csrfstate') |
|
| 425 |
self.assertEqual(code6.redirect_uri, redirect_uri) |
|
| 412 |
self.assertEqual(r.status_code, 400) |
|
| 426 | 413 |
|
| 427 | 414 |
def test_get_token(self): |
| 428 | 415 |
# invalid method |
Also available in: Unified diff