Commit 223f5e59 authored by lukas.burgey's avatar lukas.burgey
Browse files

Move view tests

parent f98aa014
......@@ -138,8 +138,9 @@ class DeploymentsViewTest(LoggedInTest):
def test_vo_deployment(self):
vo = self.group_one
assert vo is not None
for target in (DEPLOYED, NOT_DEPLOYED):
for target in [DEPLOYED, NOT_DEPLOYED]:
response = self.client.patch(
make_path('deployment/vo/{}', vo.id),
data={
......
import logging
import base64
from django.test import Client
from feudal.backend.tests import BaseTestCase
from feudal.backend.models.users import User
LOGGER = logging.getLogger(__name__)
# a upstream client is logged in using session authentication
class UpstreamClientTest(BaseTestCase):
CLIENT_NAME = ''
CLIENT_PASSWORD = ''
client = None
@classmethod
def setUpTestData(cls):
super().setUpTestData()
cls.CLIENT_NAME = 'test_upstream_client'
cls.CLIENT_PASSWORD = 'test1234'
cls.api_client = User.construct_client(
cls.CLIENT_NAME,
cls.CLIENT_PASSWORD,
user_type=User.TYPE_CHOICE_UPSTREAM,
idp=cls.idp,
)
cls.api_client.save()
def setUp(self):
self.client = Client()
def tearDown(self):
self.api_client.idp = self.idp
self.api_client.save()
@property
def auth_headers(self):
auth_str = '{}:{}'.format(
self.CLIENT_NAME,
self.CLIENT_PASSWORD,
)
return {
'HTTP_AUTHORIZATION': 'Basic ' + base64.b64encode(auth_str.encode()).decode(),
}
def _request_helper(self, path, data):
return self.client.put(
path,
data,
content_type='application/json',
**self.auth_headers,
)
# MALFORMED REQUESTS ---
def test_at_empty(self):
response = self._request_helper(
'/upstream/userinfo',
{}, # missing 'at' field
)
LOGGER.debug('response: %s %s', response, response.content)
self.assertEqual(response.status_code, 400)
def test_userinfo_empty(self):
response = self._request_helper(
'/upstream/userinfo',
{}, # missing 'userinfo' field
)
LOGGER.debug('response: %s %s', response, response.content)
self.assertEqual(response.status_code, 400)
def test_userinfo_bad_sub(self):
response = self._request_helper(
'/upstream/userinfo',
{
'userinfo': {
'sub': 'non-existent-sub', # this sub is invalid
},
},
)
LOGGER.debug('response: %s %s', response, response.content)
self.assertEqual(response.status_code, 400)
def test_userinfo_bad_iss(self):
response = self._request_helper(
'/upstream/userinfo',
{
'userinfo': {
'iss': 'bad issuer uri', # this issuer uri is invalid
},
},
)
LOGGER.debug('response: %s %s', response, response.content)
self.assertEqual(response.status_code, 400)
def test_userinfo_missing_sub(self):
response = self._request_helper(
'/upstream/userinfo',
{
'userinfo': {
'iss': self.TEST_ISSUER,
},
},
)
LOGGER.debug('response: %s %s', response, response.content)
self.assertEqual(response.status_code, 400)
def test_userinfo_missing_issuer(self):
response = self._request_helper(
'/upstream/userinfo',
{
'userinfo': {
'sub': self.TEST_SUB,
},
},
)
LOGGER.debug('response: %s %s', response, response.content)
self.assertEqual(response.status_code, 400)
# SUCCESSFUL REQUEST
# It would be nice to test the AccessTokenView more thoroughly, but for this we would have to mock and IdP :/
def test_userinfo_success(self):
new_email = 'new@foo.de'
new_userinfo = self.TEST_USERINFO
new_userinfo['email'] = new_email
response = self._request_helper(
'/upstream/userinfo',
{
'userinfo': new_userinfo,
},
)
LOGGER.debug('response: %s %s', response, response.content)
self.assertEqual(response.status_code, 200)
self.user.refresh_from_db()
self.assertEqual(self.user.email, new_email)
# REQUESTS WITH BROKEN BACKEND CONFIG
def test_at_no_idp(self):
self.api_client.idp = None
self.api_client.save()
response = self._request_helper(
'/upstream/at',
{
'at': 'some_at aoeuaoeu',
},
)
LOGGER.debug('response: %s %s', response, response.content)
self.assertEqual(response.status_code, 500)
def test_userinfo_no_idp(self):
self.api_client.idp = None
self.api_client.save()
response = self._request_helper(
'/upstream/userinfo',
{
'userinfo': self.TEST_USERINFO,
},
)
LOGGER.debug('response: %s %s', response, response.content)
self.assertEqual(response.status_code, 500)
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment