Revision ed9223c7 snf-astakos-app/astakos/oa2/tests/djangobackend.py
b/snf-astakos-app/astakos/oa2/tests/djangobackend.py | ||
---|---|---|
377 | 377 |
self.assertEqual(code4.state, 'csrfstate') |
378 | 378 |
self.assertEqual(code4.redirect_uri, self.client3_redirect_uri) |
379 | 379 |
|
380 |
params['redirect_uri'] = '%s/more' % self.client3_redirect_uri |
|
380 |
# redirect uri startswith the client's registered redirect url |
|
381 |
params['redirect_uri'] = '%smore' % self.client3_redirect_uri |
|
382 |
self.client.set_credentials('client3', 'secret') |
|
383 |
r = self.client.authorize_code('client3', urlparams=params) |
|
384 |
self.assertEqual(r.status_code, 400) |
|
385 |
|
|
386 |
# redirect uri descendant |
|
387 |
redirect_uri = '%s/more' % self.client3_redirect_uri |
|
388 |
params['redirect_uri'] = redirect_uri |
|
381 | 389 |
self.client.set_credentials('client3', 'secret') |
382 | 390 |
r = self.client.authorize_code('client3', urlparams=params) |
383 | 391 |
self.assertEqual(r.status_code, 302) |
... | ... | |
389 | 397 |
self.assertParamEqual(redirect5, "state", 'csrfstate') |
390 | 398 |
self.assertNoParam(redirect5, "extra_param") |
391 | 399 |
self.assertHost(redirect5, "server3.com") |
392 |
self.assertPath(redirect5, "/handle_code/more")
|
|
400 |
self.assertPath(redirect5, urlparse.urlparse(redirect_uri).path)
|
|
393 | 401 |
|
394 |
code4 = AuthorizationCode.objects.get(code=redirect5.params['code'][0])
|
|
395 |
self.assertEqual(code4.state, 'csrfstate')
|
|
396 |
self.assertEqual(code4.redirect_uri,
|
|
402 |
code5 = AuthorizationCode.objects.get(code=redirect5.params['code'][0])
|
|
403 |
self.assertEqual(code5.state, 'csrfstate')
|
|
404 |
self.assertEqual(code5.redirect_uri,
|
|
397 | 405 |
'%s/more' % self.client3_redirect_uri) |
398 | 406 |
|
407 |
# too long redirect uri |
|
408 |
redirect_uri = '%s/%s' % (self.client3_redirect_uri, 'a'*2000) |
|
409 |
params['redirect_uri'] = redirect_uri |
|
410 |
self.client.set_credentials('client3', 'secret') |
|
411 |
r = self.client.authorize_code('client3', urlparams=params) |
|
412 |
self.assertEqual(r.status_code, 302) |
|
413 |
self.assertCount(AuthorizationCode, 6) |
|
414 |
|
|
415 |
# redirect is valid |
|
416 |
redirect6 = self.get_redirect_url(r) |
|
417 |
self.assertParam(redirect6, "code") |
|
418 |
self.assertParamEqual(redirect6, "state", 'csrfstate') |
|
419 |
self.assertNoParam(redirect6, "extra_param") |
|
420 |
self.assertHost(redirect6, "server3.com") |
|
421 |
self.assertPath(redirect6, urlparse.urlparse(redirect_uri).path) |
|
422 |
|
|
423 |
code6 = AuthorizationCode.objects.get(code=redirect6.params['code'][0]) |
|
424 |
self.assertEqual(code6.state, 'csrfstate') |
|
425 |
self.assertEqual(code6.redirect_uri, redirect_uri) |
|
426 |
|
|
399 | 427 |
def test_get_token(self): |
400 | 428 |
# invalid method |
401 | 429 |
r = self.client.get(self.client.token_url) |
... | ... | |
483 | 511 |
'scope': self.client3_redirect_uri, |
484 | 512 |
'state': None} |
485 | 513 |
self.assert_access_token_response(r, expected) |
514 |
|
|
515 |
# generate authorization code with too long redirect_uri |
|
516 |
redirect_uri = '%s/%s' % (self.client3_redirect_uri, 'a'*2000) |
|
517 |
params = {'redirect_uri': redirect_uri} |
|
518 |
r = self.client.authorize_code('client3', urlparams=params) |
|
519 |
self.assertCount(AuthorizationCode, 1) |
|
520 |
redirect = self.get_redirect_url(r) |
|
521 |
code_instance = AuthorizationCode.objects.get( |
|
522 |
code=redirect.params['code'][0]) |
|
523 |
|
|
524 |
# valid request |
|
525 |
self.client.set_credentials('client3', 'secret') |
|
526 |
r = self.client.access_token(code_instance.code, |
|
527 |
redirect_uri=redirect_uri) |
|
528 |
self.assertCount(AuthorizationCode, 0) # assert code is consumed |
|
529 |
self.assertCount(Token, 2) |
|
530 |
expected = {'redirect_uri': redirect_uri, |
|
531 |
'scope': redirect_uri, |
|
532 |
'state': None} |
|
533 |
self.assert_access_token_response(r, expected) |
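Review bot: The negative case added above the `# redirect uri descendant` block only rejects a sibling path that lacks the `/` separator (`'%smore'`), so nothing visible pins how a URI under the registered prefix that contains dot segments is handled. These tests now fix descendant matching as accepted behaviour, so I would add one more 400 case beside it, for example `params['redirect_uri'] = '%s/../other' % self.client3_redirect_uri` followed by `self.assertEqual(r.status_code, 400)`, assuming the backend is meant to reject a path that normalises outside the registered one. In the `test_get_token` addition, the `authorize_code` call for the 2000-character URI goes straight to `get_redirect_url(r)` without a status check; `self.assertEqual(r.status_code, 302)` there would make a failure easier to read. Both test methods start outside the visible lines, so earlier setup such as credentials is not confirmed from here.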