

  1. # -*- coding: utf-8 -*-
  2. # Copyright 2016 SYLEAM
  3. # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
  4. import logging
  5. from .common_test_controller import OAuthProviderControllerTransactionCase
  6. from .common_test_oauth_provider_controller import \
  7. TestOAuthProviderAurhorizeController, \
  8. TestOAuthProviderTokeninfoController, \
  9. TestOAuthProviderUserinfoController, \
  10. TestOAuthProviderOtherinfoController, \
  11. TestOAuthProviderRevokeTokenController
_logger = logging.getLogger(__name__)
# oauthlib is only used inside the test bodies below (oauthlib.common.urlencode).
# The import is guarded so this module still loads when the library is missing;
# in that case the name stays unbound and the tests that touch it fail with a
# NameError instead of the whole test module failing to import.
try:
    import oauthlib
except ImportError:
    _logger.debug('Cannot `import oauthlib`.')
  17. class TestOAuthProviderController(
  18. OAuthProviderControllerTransactionCase,
  19. TestOAuthProviderAurhorizeController,
  20. TestOAuthProviderTokeninfoController,
  21. TestOAuthProviderUserinfoController,
  22. TestOAuthProviderOtherinfoController,
  23. TestOAuthProviderRevokeTokenController):
    def setUp(self):
        """Prepare the transaction case for a client of type 'mobile application'.

        The client type string is handed to the shared base ``setUp``;
        presumably that is where ``self.client``, ``self.user`` and
        ``self.redirect_uri_base`` used by the tests below are created.
        """
        parent = super(TestOAuthProviderController, self)
        parent.setUp('mobile application')
    def test_authorize_skip_authorization(self):
        """ Call /oauth2/authorize while skipping the authorization page

        With ``skip_authorization`` enabled on the client, a GET on the
        authorize route must not render a consent page: the expected answer
        is a 302 straight back to the redirect URI, with the token data
        carried in the URL fragment (after ``#``), and the issued token must
        belong to the logged-in user.
        """
        # Make the provider skip the consent page for this client.
        self.client.skip_authorization = True
        # Authenticate. NOTE(review): there are two consecutive logins and the
        # second one ('demo') supersedes the first; confirm that self.user is
        # the demo user, otherwise the final user_id assertion compares against
        # a different user than the one actually logged in.
        self.login(self.user.login, self.user.login)
        custom_state = 'Some custom state'
        self.login('demo', 'demo')
        authorize_params = dict(
            client_id=self.client.identifier,
            response_type=self.client.response_type,
            redirect_uri=self.redirect_uri_base,
            scope=self.client.scope_ids[0].code,
            state=custom_state,
        )
        resp = self.get_request('/oauth2/authorize', data=authorize_params)
        # Nothing else in this test can create a token for this client, so the
        # most recent one (highest id) is the token the request just issued.
        issued_token = self.env['oauth.provider.token'].search(
            [('client_id', '=', self.client.id)], order='id DESC', limit=1)
        # No consent page: the response must already be the redirect.
        self.assertEqual(resp.status_code, 302)
        # Expected redirect target: the redirect URI plus the token fields as
        # a fragment. A fragment is not sent to the redirect host by the user
        # agent, which is why the token is expected after '#' rather than '?'.
        # 3600 is the expiry the test pins; it is not read from the client.
        expected_fragment = oauthlib.common.urlencode({
            'state': custom_state,
            'access_token': issued_token.token,
            'token_type': issued_token.token_type,
            'expires_in': 3600,
            'scope': issued_token.scope_ids.code,
        }.items())
        expected_location = '{uri_base}#{query_string}'.format(
            uri_base=self.redirect_uri_base, query_string=expected_fragment)
        self.assertEqual(resp.headers['Location'], expected_location)
        # The issued token must be bound to the user who authorized it.
        self.assertEqual(issued_token.user_id, self.user)
    def test_successful_token_retrieval(self):
        """ Check the full process for a MobileApplication
        GET, then POST, token and informations retrieval

        First the GET on the authorize route must render the consent page
        (client name, scope name and description present in the body), then
        the POST on the same route must answer with a 302 to the redirect URI
        carrying the token data in the URL fragment, and the issued token
        must belong to the logged-in user.
        """
        # GET the authorize route with valid values; this is what fills the
        # session with the scopes and credentials the POST below relies on.
        custom_state = 'Some custom state'
        self.login('demo', 'demo')
        authorize_params = dict(
            client_id=self.client.identifier,
            response_type=self.client.response_type,
            redirect_uri=self.redirect_uri_base,
            scope=self.client.scope_ids[0].code,
            state=custom_state,
        )
        resp = self.get_request('/oauth2/authorize', data=authorize_params)
        # Consent page rendered: 200 with the client and scope details shown.
        self.assertEqual(resp.status_code, 200)
        requested_scope = self.client.scope_ids[0]
        self.assertIn(self.client.name, resp.data)
        self.assertIn(requested_scope.name, resp.data)
        self.assertIn(requested_scope.description, resp.data)
        # Validate the authorization through the POST route.
        resp = self.post_request('/oauth2/authorize')
        # Nothing else in this test can create a token for this client, so the
        # most recent one (highest id) is the token the POST just issued.
        issued_token = self.env['oauth.provider.token'].search(
            [('client_id', '=', self.client.id)], order='id DESC', limit=1)
        # The POST must redirect back to the client.
        self.assertEqual(resp.status_code, 302)
        # Expected redirect target: the redirect URI plus the token fields as
        # a fragment. A fragment is not sent to the redirect host by the user
        # agent, which is why the token is expected after '#' rather than '?'.
        # 3600 is the expiry the test pins; it is not read from the client.
        expected_fragment = oauthlib.common.urlencode({
            'state': custom_state,
            'access_token': issued_token.token,
            'token_type': issued_token.token_type,
            'expires_in': 3600,
            'scope': issued_token.scope_ids.code,
        }.items())
        expected_location = '{uri_base}#{query_string}'.format(
            uri_base=self.redirect_uri_base, query_string=expected_fragment)
        self.assertEqual(resp.headers['Location'], expected_location)
        # The issued token must be bound to the user who authorized it.
        self.assertEqual(issued_token.user_id, self.user)