Add simple tests showing token auth works
Signed-off-by: Rick Elrod <[email protected]>
relrod committed Apr 27, 2024
1 parent 0b49678 commit 92b105e
Showing 3 changed files with 140 additions and 1 deletion.
17 changes: 16 additions & 1 deletion test_app/tests/oauth2_provider/conftest.py
@@ -1,6 +1,9 @@
from datetime import datetime, timezone

import pytest
from oauthlib.common import generate_token

from ansible_base.oauth2_provider.models import OAuth2Application
from ansible_base.oauth2_provider.models import OAuth2AccessToken, OAuth2Application


@pytest.fixture
@@ -12,3 +15,15 @@ def oauth2_application(randname):
authorization_grant_type="authorization-code",
client_type="confidential",
)


@pytest.fixture
def oauth2_admin_access_token(oauth2_application, admin_user):
return OAuth2AccessToken.objects.get_or_create(
user=admin_user,
application=oauth2_application,
description="Test Access Token",
# This has to be timezone aware
expires=datetime(2088, 1, 1, tzinfo=timezone.utc),
token=generate_token(),
)[0]
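Review bot: `get_or_create` in `oauth2_admin_access_token` will in practice never take its get branch, because `token=generate_token()` is part of the lookup and is a new random value on every call, so the fixture always inserts a row. `OAuth2AccessToken.objects.create(...)` states that directly and drops the trailing `[0]`. The fixture also has no docstring; something like `"""Return a non-expired bearer token owned by admin_user for oauth2_application."""` would tell test authors that this token is always valid and that an expired-token case needs its own setup.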
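--- a/test_app/tests/oauth2_provider/test_authentication.py
+++ b/test_app/tests/oauth2_provider/test_authentication.py
@@ -0,0 +1,118 @@
+import pytest
+from django.urls import reverse
+from oauthlib.common import generate_token
+
+
+def test_oauth2_bearer_get_user_correct(unauthenticated_api_client, oauth2_admin_access_token):
+"""
+Perform a GET with a bearer token and ensure the authed user is correct.
+"""
+url = reverse("user-me")
+response = unauthenticated_api_client.get(
+url,
+headers={'Authorization': f'Bearer {oauth2_admin_access_token.token}'},
+)
+assert response.status_code == 200
+assert response.data['username'] == oauth2_admin_access_token.user.username
+
+
+@pytest.mark.parametrize(
+'token, expected',
+[
+('fixture', 200),
+('bad', 401),
+],
+)
+def test_oauth2_bearer_get(unauthenticated_api_client, oauth2_admin_access_token, animal, token, expected):
+"""
+GET an animal with a bearer token.
+"""
+url = reverse("animal-detail", kwargs={"pk": animal.pk})
+token = oauth2_admin_access_token.token if token == 'fixture' else generate_token()
+response = unauthenticated_api_client.get(
+url,
+headers={'Authorization': f'Bearer {token}'},
+)
+assert response.status_code == expected
+if expected != 401:
+assert response.data['name'] == animal.name
+
+
+@pytest.mark.parametrize(
+'token, expected',
+[
+('fixture', 201),
+('bad', 401),
+],
+)
+def test_oauth2_bearer_post(unauthenticated_api_client, oauth2_admin_access_token, admin_user, token, expected):
+"""
+POST an animal with a bearer token.
+"""
+url = reverse("animal-list")
+token = oauth2_admin_access_token.token if token == 'fixture' else generate_token()
+data = {
+"name": "Fido",
+"owner": admin_user.pk,
+}
+response = unauthenticated_api_client.post(
+url,
+data=data,
+headers={'Authorization': f'Bearer {token}'},
+)
+assert response.status_code == expected
+if expected != 401:
+assert response.data['name'] == 'Fido'
+
+
+@pytest.mark.parametrize(
+'token, expected',
+[
+('fixture', 200),
+('bad', 401),
+],
+)
+def test_oauth2_bearer_patch(unauthenticated_api_client, oauth2_admin_access_token, animal, admin_user, token, expected):
+"""
+PATCH an animal with a bearer token.
+"""
+url = reverse("animal-detail", kwargs={"pk": animal.pk})
+token = oauth2_admin_access_token.token if token == 'fixture' else generate_token()
+data = {
+"name": "Fido",
+}
+response = unauthenticated_api_client.patch(
+url,
+data=data,
+headers={'Authorization': f'Bearer {token}'},
+)
+assert response.status_code == expected
+if expected != 401:
+assert response.data['name'] == 'Fido'
+
+
+@pytest.mark.parametrize(
+'token, expected',
+[
+('fixture', 200),
+('bad', 401),
+],
+)
+def test_oauth2_bearer_put(unauthenticated_api_client, oauth2_admin_access_token, animal, admin_user, token, expected):
+"""
+PUT an animal with a bearer token.
+"""
+url = reverse("animal-detail", kwargs={"pk": animal.pk})
+token = oauth2_admin_access_token.token if token == 'fixture' else generate_token()
+data = {
+"name": "Fido",
+"owner": admin_user.pk,
+}
+response = unauthenticated_api_client.put(
+url,
+data=data,
+headers={'Authorization': f'Bearer {token}'},
+)
+assert response.status_code == expected
+if expected != 401:
+assert response.data['name'] == 'Fido'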
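Review bot: Every rejection case in this file sends a token from `generate_token()` that was never stored, so the tests show that unknown tokens get 401 but not that a stored token stops working once it expires; the fixture token in conftest.py is valid until 2088. A test that moves `expires` into the past on the fixture token and expects 401 from `user-me` would cover that, as sketched below (it needs `from datetime import datetime, timezone`). The 401 branches of the PATCH and PUT tests could also assert that nothing was written, for example `animal.refresh_from_db()` followed by `assert animal.name != 'Fido'`, assuming the `animal` fixture uses a different name.

```python
def test_oauth2_bearer_expired_token(unauthenticated_api_client, oauth2_admin_access_token):
    """
    A stored token whose expiry is in the past must be rejected.
    """
    oauth2_admin_access_token.expires = datetime(2000, 1, 1, tzinfo=timezone.utc)
    oauth2_admin_access_token.save()
    url = reverse("user-me")
    response = unauthenticated_api_client.get(
        url,
        headers={'Authorization': f'Bearer {oauth2_admin_access_token.token}'},
    )
    assert response.status_code == 401
```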
6 changes: 6 additions & 0 deletions test_app/views.py
@@ -58,6 +58,12 @@ def filter_queryset(self, qs):
qs = self.apply_optimizations(qs)
return qs

@action(detail=False, methods=['get'])
def me(self, request, pk=None):
user = request.user
serializer = self.get_serializer(user)
return Response(serializer.data)


class EncryptionModelViewSet(TestAppViewSet):
serializer_class = serializers.EncryptionModelSerializer
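Review bot: The new `me` action serialises `request.user` without anything in the hunk guaranteeing that the request is authenticated; it depends on whatever permission classes the enclosing viewset or the project defaults apply, and the class header is outside this hunk. Pinning the requirement on the action itself, `@action(detail=False, methods=['get'], permission_classes=[IsAuthenticated])` with `IsAuthenticated` imported from `rest_framework.permissions`, keeps the endpoint from ever serialising an anonymous user if those defaults change. A test that calls `user-me` with no `Authorization` header and expects 401 would lock that in. The `pk=None` parameter is unused on a `detail=False` action and can be dropped.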