221V
/
Misago


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504
							from unittest.mock import Mock, patch

import pytest
from requests.exceptions import Timeout

from ...conf.test import override_dynamic_settings
from .. import exceptions
from ..client import REQUESTS_TIMEOUT, get_user_data

ACCESS_TOKEN = "acc3ss-t0k3n"


@pytest.fixture
def mock_request(dynamic_settings):
    return Mock(settings=dynamic_settings)


@override_dynamic_settings(
    oauth2_user_url="https://example.com/oauth2/user",
    oauth2_user_method="GET",
    oauth2_user_token_name="atoken",
    oauth2_user_token_location="QUERY",
    oauth2_json_id_path="id",
    oauth2_json_name_path="name",
    oauth2_json_email_path="email",
    oauth2_json_avatar_path="avatar",
)
def test_user_data_is_returned_using_get_request_with_token_in_query_string(
    mock_request,
):
    user_data = {
        "id": "7dds8a7dd89sa",
        "name": "Aerith",
        "email": "aerith@example.com",
        "avatar": "https://example.com/avatar.png",
    }

    get_mock = Mock(
        return_value=Mock(
            status_code=200,
            json=Mock(
                return_value=user_data,
            ),
        ),
    )

    with patch("requests.get", get_mock):
        assert get_user_data(mock_request, ACCESS_TOKEN) == user_data

        get_mock.assert_called_once_with(
            f"https://example.com/oauth2/user?atoken={ACCESS_TOKEN}",
            headers={},
            timeout=REQUESTS_TIMEOUT,
        )


@override_dynamic_settings(
    oauth2_user_url="https://example.com/oauth2/user",
    oauth2_user_method="GET",
    oauth2_user_token_name="Authentication",
    oauth2_user_token_location="HEADER",
    oauth2_json_id_path="id",
    oauth2_json_name_path="name",
    oauth2_json_email_path="email",
    oauth2_json_avatar_path="avatar",
)
def test_user_data_is_returned_using_get_request_with_token_in_header(mock_request):
    user_data = {
        "id": "7dds8a7dd89sa",
        "name": "Aerith",
        "email": "aerith@example.com",
        "avatar": "https://example.com/avatar.png",
    }

    get_mock = Mock(
        return_value=Mock(
            status_code=200,
            json=Mock(
                return_value=user_data,
            ),
        ),
    )

    with patch("requests.get", get_mock):
        assert get_user_data(mock_request, ACCESS_TOKEN) == user_data

        get_mock.assert_called_once_with(
            f"https://example.com/oauth2/user",
            headers={"Authentication": ACCESS_TOKEN},
            timeout=REQUESTS_TIMEOUT,
        )


@override_dynamic_settings(
    oauth2_user_url="https://example.com/oauth2/user",
    oauth2_user_method="GET",
    oauth2_user_token_name="Authentication",
    oauth2_user_token_location="HEADER_BEARER",
    oauth2_json_id_path="id",
    oauth2_json_name_path="name",
    oauth2_json_email_path="email",
    oauth2_json_avatar_path="avatar",
)
def test_user_data_is_returned_using_get_request_with_bearer_token_in_header(
    mock_request,
):
    user_data = {
        "id": "7dds8a7dd89sa",
        "name": "Aerith",
        "email": "aerith@example.com",
        "avatar": "https://example.com/avatar.png",
    }

    get_mock = Mock(
        return_value=Mock(
            status_code=200,
            json=Mock(
                return_value=user_data,
            ),
        ),
    )

    with patch("requests.get", get_mock):
        assert get_user_data(mock_request, ACCESS_TOKEN) == user_data

        get_mock.assert_called_once_with(
            f"https://example.com/oauth2/user",
            headers={"Authentication": f"Bearer {ACCESS_TOKEN}"},
            timeout=REQUESTS_TIMEOUT,
        )


@override_dynamic_settings(
    oauth2_user_url="https://example.com/oauth2/user",
    oauth2_user_method="POST",
    oauth2_user_token_name="atoken",
    oauth2_user_token_location="QUERY",
    oauth2_json_id_path="id",
    oauth2_json_name_path="name",
    oauth2_json_email_path="email",
    oauth2_json_avatar_path="avatar",
)
def test_user_data_is_returned_using_post_request_with_token_in_query_string(
    mock_request,
):
    user_data = {
        "id": "7dds8a7dd89sa",
        "name": "Aerith",
        "email": "aerith@example.com",
        "avatar": "https://example.com/avatar.png",
    }

    post_mock = Mock(
        return_value=Mock(
            status_code=200,
            json=Mock(
                return_value=user_data,
            ),
        ),
    )

    with patch("requests.post", post_mock):
        assert get_user_data(mock_request, ACCESS_TOKEN) == user_data

        post_mock.assert_called_once_with(
            f"https://example.com/oauth2/user?atoken={ACCESS_TOKEN}",
            headers={},
            timeout=REQUESTS_TIMEOUT,
        )


@override_dynamic_settings(
    oauth2_user_url="https://example.com/oauth2/user",
    oauth2_user_method="POST",
    oauth2_user_token_name="Authentication",
    oauth2_user_token_location="HEADER",
    oauth2_json_id_path="id",
    oauth2_json_name_path="name",
    oauth2_json_email_path="email",
    oauth2_json_avatar_path="avatar",
)
def test_user_data_is_returned_using_post_request_with_token_in_header(mock_request):
    user_data = {
        "id": "7dds8a7dd89sa",
        "name": "Aerith",
        "email": "aerith@example.com",
        "avatar": "https://example.com/avatar.png",
    }

    post_mock = Mock(
        return_value=Mock(
            status_code=200,
            json=Mock(
                return_value=user_data,
            ),
        ),
    )

    with patch("requests.post", post_mock):
        assert get_user_data(mock_request, ACCESS_TOKEN) == user_data

        post_mock.assert_called_once_with(
            f"https://example.com/oauth2/user",
            headers={"Authentication": ACCESS_TOKEN},
            timeout=REQUESTS_TIMEOUT,
        )


@override_dynamic_settings(
    oauth2_user_url="https://example.com/oauth2/user",
    oauth2_user_method="POST",
    oauth2_user_token_name="Authentication",
    oauth2_user_token_location="HEADER_BEARER",
    oauth2_json_id_path="id",
    oauth2_json_name_path="name",
    oauth2_json_email_path="email",
    oauth2_json_avatar_path="avatar",
)
def test_user_data_is_returned_using_post_request_with_bearer_token_in_header(
    mock_request,
):
    user_data = {
        "id": "7dds8a7dd89sa",
        "name": "Aerith",
        "email": "aerith@example.com",
        "avatar": "https://example.com/avatar.png",
    }

    post_mock = Mock(
        return_value=Mock(
            status_code=200,
            json=Mock(
                return_value=user_data,
            ),
        ),
    )

    with patch("requests.post", post_mock):
        assert get_user_data(mock_request, ACCESS_TOKEN) == user_data

        post_mock.assert_called_once_with(
            f"https://example.com/oauth2/user",
            headers={"Authentication": f"Bearer {ACCESS_TOKEN}"},
            timeout=REQUESTS_TIMEOUT,
        )


@override_dynamic_settings(
    oauth2_user_url="https://example.com/oauth2/user",
    oauth2_user_method="POST",
    oauth2_user_token_name="Authentication",
    oauth2_user_token_location="HEADER_BEARER",
    oauth2_user_extra_headers="Accept: application/json\nApi-Ver:1234",
    oauth2_json_id_path="id",
    oauth2_json_name_path="name",
    oauth2_json_email_path="email",
    oauth2_json_avatar_path="avatar",
)
def test_user_data_is_returned_using_post_request_with_extra_headers(
    mock_request,
):
    user_data = {
        "id": "7dds8a7dd89sa",
        "name": "Aerith",
        "email": "aerith@example.com",
        "avatar": "https://example.com/avatar.png",
    }

    post_mock = Mock(
        return_value=Mock(
            status_code=200,
            json=Mock(
                return_value=user_data,
            ),
        ),
    )

    with patch("requests.post", post_mock):
        assert get_user_data(mock_request, ACCESS_TOKEN) == user_data

        post_mock.assert_called_once_with(
            f"https://example.com/oauth2/user",
            headers={
                "Authentication": f"Bearer {ACCESS_TOKEN}",
                "Accept": "application/json",
                "Api-Ver": "1234",
            },
            timeout=REQUESTS_TIMEOUT,
        )


@override_dynamic_settings(
    oauth2_user_url="https://example.com/oauth2/data?type=user",
    oauth2_user_method="GET",
    oauth2_user_token_name="atoken",
    oauth2_user_token_location="QUERY",
    oauth2_json_id_path="id",
    oauth2_json_name_path="name",
    oauth2_json_email_path="email",
    oauth2_json_avatar_path="avatar",
)
def test_user_data_request_with_token_in_url_respects_existing_querystring(
    mock_request,
):
    user_data = {
        "id": "7dds8a7dd89sa",
        "name": "Aerith",
        "email": "aerith@example.com",
        "avatar": "https://example.com/avatar.png",
    }

    get_mock = Mock(
        return_value=Mock(
            status_code=200,
            json=Mock(
                return_value=user_data,
            ),
        ),
    )

    with patch("requests.get", get_mock):
        assert get_user_data(mock_request, ACCESS_TOKEN) == user_data

        get_mock.assert_called_once_with(
            f"https://example.com/oauth2/data?type=user&atoken={ACCESS_TOKEN}",
            headers={},
            timeout=REQUESTS_TIMEOUT,
        )


@override_dynamic_settings(
    oauth2_user_url="https://example.com/oauth2/data?type=user",
    oauth2_user_method="GET",
    oauth2_user_token_name="atoken",
    oauth2_user_token_location="QUERY",
    oauth2_json_id_path="id",
    oauth2_json_name_path="user.profile.name",
    oauth2_json_email_path="user.profile.email",
    oauth2_json_avatar_path="user.profile.avatar",
)
def test_user_data_json_values_are_mapped_to_result(mock_request):
    user_data = {
        "id": "7dds8a7dd89sa",
        "name": "Aerith",
        "email": "aerith@example.com",
        "avatar": "https://example.com/avatar.png",
    }

    get_mock = Mock(
        return_value=Mock(
            status_code=200,
            json=Mock(
                return_value={
                    "id": user_data["id"],
                    "user": {
                        "profile": {
                            "name": user_data["name"],
                            "email": user_data["email"],
                            "avatar": user_data["avatar"],
                        }
                    },
                },
            ),
        ),
    )

    with patch("requests.get", get_mock):
        assert get_user_data(mock_request, ACCESS_TOKEN) == user_data

        get_mock.assert_called_once_with(
            f"https://example.com/oauth2/data?type=user&atoken={ACCESS_TOKEN}",
            headers={},
            timeout=REQUESTS_TIMEOUT,
        )


@override_dynamic_settings(
    oauth2_user_url="https://example.com/oauth2/data?type=user",
    oauth2_user_method="GET",
    oauth2_user_token_name="atoken",
    oauth2_user_token_location="QUERY",
    oauth2_json_id_path="id",
    oauth2_json_name_path="user.profile.name",
    oauth2_json_email_path="user.profile.email",
    oauth2_json_avatar_path="",
)
def test_user_data_skips_avatar_if_path_is_not_set(mock_request):
    user_data = {
        "id": "7dds8a7dd89sa",
        "name": "Aerith",
        "email": "aerith@example.com",
        "avatar": None,
    }

    get_mock = Mock(
        return_value=Mock(
            status_code=200,
            json=Mock(
                return_value={
                    "id": user_data["id"],
                    "user": {
                        "profile": {
                            "name": user_data["name"],
                            "email": user_data["email"],
                            "avatar": "https://example.com/avatar.png",
                        }
                    },
                },
            ),
        ),
    )

    with patch("requests.get", get_mock):
        assert get_user_data(mock_request, ACCESS_TOKEN) == user_data

        get_mock.assert_called_once_with(
            f"https://example.com/oauth2/data?type=user&atoken={ACCESS_TOKEN}",
            headers={},
            timeout=REQUESTS_TIMEOUT,
        )


@override_dynamic_settings(
    oauth2_user_url="https://example.com/oauth2/data",
    oauth2_user_method="POST",
    oauth2_user_token_name="atoken",
    oauth2_user_token_location="QUERY",
)
def test_exception_is_raised_if_user_data_request_times_out(mock_request):
    post_mock = Mock(side_effect=Timeout())

    with patch("requests.post", post_mock):
        with pytest.raises(exceptions.OAuth2UserDataRequestError):
            get_user_data(mock_request, ACCESS_TOKEN)

        post_mock.assert_called_once()


@override_dynamic_settings(
    oauth2_user_url="https://example.com/oauth2/data",
    oauth2_user_method="POST",
    oauth2_user_token_name="atoken",
    oauth2_user_token_location="QUERY",
)
def test_exception_is_raised_if_user_data_request_response_is_not_200(mock_request):
    post_mock = Mock(
        return_value=Mock(
            status_code=400,
        ),
    )

    with patch("requests.post", post_mock):
        with pytest.raises(exceptions.OAuth2UserDataResponseError):
            get_user_data(mock_request, ACCESS_TOKEN)

        post_mock.assert_called_once()


@override_dynamic_settings(
    oauth2_user_url="https://example.com/oauth2/data",
    oauth2_user_method="POST",
    oauth2_user_token_name="atoken",
    oauth2_user_token_location="QUERY",
)
def test_exception_is_raised_if_user_data_request_response_is_not_json(mock_request):
    post_mock = Mock(
        return_value=Mock(
            status_code=200,
            json=Mock(
                side_effect=ValueError(),
            ),
        ),
    )

    with patch("requests.post", post_mock):
        with pytest.raises(exceptions.OAuth2UserDataJSONError):
            get_user_data(mock_request, ACCESS_TOKEN)

        post_mock.assert_called_once()


@override_dynamic_settings(
    oauth2_user_url="https://example.com/oauth2/data",
    oauth2_user_method="POST",
    oauth2_user_token_name="atoken",
    oauth2_user_token_location="QUERY",
)
def test_exception_is_raised_if_user_data_request_response_json_is_not_object(
    mock_request,
):
    post_mock = Mock(
        return_value=Mock(
            status_code=200,
            json=Mock(
                return_value=["json", "list"],
            ),
        ),
    )

    with patch("requests.post", post_mock):
        with pytest.raises(exceptions.OAuth2UserDataJSONError):
            get_user_data(mock_request, ACCESS_TOKEN)

        post_mock.assert_called_once()