Home Explore Help
Sign In
221V
/
Misago
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 1ab4e6e82d
Branches Tags
Misago
/
misago
/
sso
/
tests
/
test_sso_sync_api.py

test_sso_sync_api.py 2.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. import jwt
    2. 

  2. from django.contrib.auth import get_user_model
    3. 

  3. from django.urls import reverse
    4. 

  4. 

  5. from ...conf.test import override_dynamic_settings
    6. 

  6. from .utils import TEST_SSO_SETTINGS
    7. 

  7. 

  8. User = get_user_model()
    9. 

  9. api_link = reverse("simple-sso-sync")
    10. 

  10. 

  11. 

  12. @override_dynamic_settings(enable_sso=False)
    13. 

  13. def test_sso_api_returns_404_if_sso_is_disabled(db, client):
    14. 

  14.     response = client.post(api_link)
    15. 

  15.     assert response.status_code == 404
    16. 

  16. 

  17. 

  18. @override_dynamic_settings(**TEST_SSO_SETTINGS)
    19. 

  19. def test_sso_api_returns_400_if_api_request_is_missing_access_token(db, client):
    20. 

  20.     response = client.post(api_link)
    21. 

  21.     assert response.status_code == 400
    22. 

  22. 

  23. 

  24. @override_dynamic_settings(**TEST_SSO_SETTINGS)
    25. 

  25. def test_sso_api_returns_400_if_access_token_is_invalid(db, client):
    26. 

  26.     response = client.post(api_link, {"access_token": "invalid"})
    27. 

  27.     assert response.status_code == 400
    28. 

  28. 

  29. 

  30. @override_dynamic_settings(**TEST_SSO_SETTINGS)
    31. 

  31. def test_sso_api_returns_400_if_user_data_in_token_is_invalid(db, client):
    32. 

  32.     token = jwt.encode(
    33. 

  33.         {"username": "jkowalski", "email": "jkowalski@example.com"},
    34. 

  34.         TEST_SSO_SETTINGS["sso_private_key"],
    35. 

  35.         algorithm="HS256",
    36. 

  36.     ).decode("ascii")
    37. 

  37. 

  38.     response = client.post(api_link, {"access_token": token})
    39. 

  39.     assert response.status_code == 400
    40. 

  40. 

  41. 

  42. @override_dynamic_settings(**TEST_SSO_SETTINGS)
    43. 

  43. def test_sso_api_creates_user_account_if_user_data_is_valid(db, client):
    44. 

  44.     token = jwt.encode(
    45. 

  45.         {"id": 1, "username": "jkowalski", "email": "jkowalski@example.com"},
    46. 

  46.         TEST_SSO_SETTINGS["sso_private_key"],
    47. 

  47.         algorithm="HS256",
    48. 

  48.     ).decode("ascii")
    49. 

  49. 

  50.     response = client.post(api_link, {"access_token": token})
    51. 

  51.     assert response.status_code == 200
    52. 

  52. 

  53.     user = User.objects.get(sso_id=1)
    54. 

  54.     assert user.username == "jkowalski"
    55. 

  55.     assert user.email == "jkowalski@example.com"
    56. 

  56. 

  57. 

  58. @override_dynamic_settings(**TEST_SSO_SETTINGS)
    59. 

  59. def test_sso_api_returns_user_id_if_user_data_is_valid(db, client):
    60. 

  60.     token = jwt.encode(
    61. 

  61.         {"id": 1, "username": "jkowalski", "email": "jkowalski@example.com"},
    62. 

  62.         TEST_SSO_SETTINGS["sso_private_key"],
    63. 

  63.         algorithm="HS256",
    64. 

  64.     ).decode("ascii")
    65. 

  65. 

  66.     response = client.post(api_link, {"access_token": token})
    67. 

  67. 

  68.     user = User.objects.get(sso_id=1)
    69. 

  69.     assert response.json() == {"id": user.pk}
    70.