import uuid
from unittest.mock import Mock, patch
from authlib.integrations.base_client import OAuthError
from django.conf import settings
from django.test import TestCase
from django.urls import reverse
from vbv_lernwelt.core.models import User
def decoded_token(email, oid=None, given_name="Bobby", family_name="Table"):
    """Build a stand-in for the decoded token claims used by the SSO tests.

    Args:
        email: Address placed as the single entry of the ``emails`` claim.
        oid: Object id claim. Any falsy value (``None``, ``""``) is replaced
            by a freshly generated ``uuid.uuid4()``.
        given_name: Value of the ``given_name`` claim.
        family_name: Value of the ``family_name`` claim.

    Returns:
        A dict with the keys ``emails``, ``oid``, ``given_name`` and
        ``family_name``.
    """
    # A generated oid is a uuid.UUID instance, not a string; callers that need
    # the string form have to pass ``oid`` explicitly.
    if not oid:
        oid = uuid.uuid4()

    claims = dict(emails=[email], oid=oid)
    claims["given_name"] = given_name
    claims["family_name"] = family_name
    return claims
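class TestSSOFlow(TestCase):
    """Tests for the ``sso:authorize`` view with the OAuth client mocked out.

    Both tests patch ``vbv_lernwelt.sso.views.oauth``, so no request leaves the
    test process. They cover the view's reaction to a successful and to a
    failed token exchange, not the identity provider integration itself.
    """

    @patch("vbv_lernwelt.sso.views.oauth")
    @patch("vbv_lernwelt.sso.views.decode_jwt")
    def test_authorize_redirects_on_success(self, mock_decode_jwt, _):
        # Success path: a user with the token's email exists afterwards and
        # the view redirects to "/".
        #
        # NOTE(review): decode_jwt is replaced by a mock here, so whatever
        # validation it performs on the real token is bypassed. This test only
        # covers how the view handles already-decoded claims.

        # GIVEN
        email = "bobby@drop.table"
        mock_decode_jwt.return_value = decoded_token(email)

        # WHEN
        response = self.client.get(reverse("sso:authorize"))

        # THEN
        self.assertTrue(User.objects.filter(email=email).exists())
        self.assertEqual(response.status_code, 302)
        self.assertEqual(response.url, "/")  # noqa

    @patch("vbv_lernwelt.sso.views.oauth")
    def test_authorize_on_tampered_token(self, mock_oauth_service):
        # Failure path: the configured OAuth client raises OAuthError from
        # authorize_access_token, which stands in for a token the client
        # refuses to accept. The view must answer with the login-error
        # redirect and must not provision or authenticate anyone.

        # GIVEN
        client_name = settings.OAUTH["client_name"]
        client_mock = Mock()
        client_mock.authorize_access_token.side_effect = OAuthError()
        setattr(mock_oauth_service, client_name, client_mock)
        # Baseline instead of assuming an empty table, in case fixtures or
        # data migrations already created users.
        users_before = User.objects.count()

        # WHEN
        response = self.client.get(reverse("sso:authorize"))

        # THEN
        # sanity check that the mock was called (-> setup is correct)
        self.assertEqual(client_mock.authorize_access_token.call_count, 1)

        self.assertEqual(response.status_code, 302)
        self.assertEqual(response.url, "/login-error?state=someerror")  # noqa

        # The redirect alone does not prove the rejection was complete: also
        # check that no account was created and that the test client's session
        # carries no authenticated user ("_auth_user_id" is the key
        # django.contrib.auth stores on login).
        self.assertEqual(User.objects.count(), users_before)
        self.assertNotIn("_auth_user_id", self.client.session)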