Revision ed9223c7 snf-astakos-app/astakos/oa2/tests/djangobackend.py

b/snf-astakos-app/astakos/oa2/tests/djangobackend.py
377 377
        self.assertEqual(code4.state, 'csrfstate')
378 378
        self.assertEqual(code4.redirect_uri, self.client3_redirect_uri)
379 379

  
380
        params['redirect_uri'] = '%s/more' % self.client3_redirect_uri
380
        # redirect uri startswith the client's registered redirect url
381
        params['redirect_uri'] = '%smore' % self.client3_redirect_uri
382
        self.client.set_credentials('client3', 'secret')
383
        r = self.client.authorize_code('client3', urlparams=params)
384
        self.assertEqual(r.status_code, 400)
385

  
386
        # redirect uri descendant
387
        redirect_uri = '%s/more' % self.client3_redirect_uri
388
        params['redirect_uri'] = redirect_uri
381 389
        self.client.set_credentials('client3', 'secret')
382 390
        r = self.client.authorize_code('client3', urlparams=params)
383 391
        self.assertEqual(r.status_code, 302)
......
389 397
        self.assertParamEqual(redirect5, "state", 'csrfstate')
390 398
        self.assertNoParam(redirect5, "extra_param")
391 399
        self.assertHost(redirect5, "server3.com")
392
        self.assertPath(redirect5, "/handle_code/more")
400
        self.assertPath(redirect5, urlparse.urlparse(redirect_uri).path)
393 401

  
394
        code4 = AuthorizationCode.objects.get(code=redirect5.params['code'][0])
395
        self.assertEqual(code4.state, 'csrfstate')
396
        self.assertEqual(code4.redirect_uri,
402
        code5 = AuthorizationCode.objects.get(code=redirect5.params['code'][0])
403
        self.assertEqual(code5.state, 'csrfstate')
404
        self.assertEqual(code5.redirect_uri,
397 405
                         '%s/more' % self.client3_redirect_uri)
398 406

  
407
        # too long redirect uri
408
        redirect_uri = '%s/%s' % (self.client3_redirect_uri, 'a'*2000)
409
        params['redirect_uri'] = redirect_uri
410
        self.client.set_credentials('client3', 'secret')
411
        r = self.client.authorize_code('client3', urlparams=params)
412
        self.assertEqual(r.status_code, 302)
413
        self.assertCount(AuthorizationCode, 6)
414

  
415
        # redirect is valid
416
        redirect6 = self.get_redirect_url(r)
417
        self.assertParam(redirect6, "code")
418
        self.assertParamEqual(redirect6, "state", 'csrfstate')
419
        self.assertNoParam(redirect6, "extra_param")
420
        self.assertHost(redirect6, "server3.com")
421
        self.assertPath(redirect6, urlparse.urlparse(redirect_uri).path)
422

  
423
        code6 = AuthorizationCode.objects.get(code=redirect6.params['code'][0])
424
        self.assertEqual(code6.state, 'csrfstate')
425
        self.assertEqual(code6.redirect_uri, redirect_uri)
426

  
399 427
    def test_get_token(self):
400 428
        # invalid method
401 429
        r = self.client.get(self.client.token_url)
......
483 511
                    'scope': self.client3_redirect_uri,
484 512
                    'state': None}
485 513
        self.assert_access_token_response(r, expected)
514

  
515
        # generate authorization code with too long redirect_uri
516
        redirect_uri = '%s/%s' % (self.client3_redirect_uri, 'a'*2000)
517
        params = {'redirect_uri': redirect_uri}
518
        r = self.client.authorize_code('client3', urlparams=params)
519
        self.assertCount(AuthorizationCode, 1)
520
        redirect = self.get_redirect_url(r)
521
        code_instance = AuthorizationCode.objects.get(
522
            code=redirect.params['code'][0])
523

  
524
        # valid request
525
        self.client.set_credentials('client3', 'secret')
526
        r = self.client.access_token(code_instance.code,
527
                                     redirect_uri=redirect_uri)
528
        self.assertCount(AuthorizationCode, 0)  # assert code is consumed
529
        self.assertCount(Token, 2)
530
        expected = {'redirect_uri': redirect_uri,
531
                    'scope': redirect_uri,
532
                    'state': None}
533
        self.assert_access_token_response(r, expected)
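Review bot: The new assertions at new lines 380-391 of the first hunk fix the redirect_uri policy as "a bare prefix such as `'%smore'` is rejected with 400, a path descendant such as `'%s/more'` is accepted with 302", but nothing records why descendants are allowed when RFC 6749 §3.1.2.2 recommends matching the complete registered URI; extend the `# redirect uri descendant` comment with a sentence stating that this is intentional and which components the backend compares (presumably scheme, host and path prefix — confirm against the authorization backend). The negative case covers only the slash-less prefix; a second 400 assertion for a redirect_uri on another host with the same path, or one whose path is not a true descendant (a `..` segment), would pin the boundary the 302 case depends on. The `# too long redirect uri` comment (new 407, and again at new 515 in the last hunk) states no expectation; since the block asserts a 302 and round-trips the 2000-character value through `code6.redirect_uri`, I would write `# a redirect uri far longer than a typical URL column must be accepted and stored untruncated`, hedged as presumably a regression test for a field-length limit. The enclosing test method begins above the first hunk.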
