server-tools/oauth_provider/tests/test_oauth_provider_control...


								# -*- coding: utf-8 -*-

								# Copyright 2016 SYLEAM

								# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).


								import logging

								from .common_test_controller import OAuthProviderControllerTransactionCase

								from .common_test_oauth_provider_controller import \

								    TestOAuthProviderAurhorizeController, \

								    TestOAuthProviderTokeninfoController, \

								    TestOAuthProviderUserinfoController, \

								    TestOAuthProviderOtherinfoController, \

								    TestOAuthProviderRevokeTokenController


								_logger = logging.getLogger(__name__)


								try:

								    import oauthlib

								except ImportError:

								    _logger.debug('Cannot `import oauthlib`.')


								class TestOAuthProviderController(

								        OAuthProviderControllerTransactionCase,

								        TestOAuthProviderAurhorizeController,

								        TestOAuthProviderTokeninfoController,

								        TestOAuthProviderUserinfoController,

								        TestOAuthProviderOtherinfoController,

								        TestOAuthProviderRevokeTokenController):

								    def setUp(self):

								        super(TestOAuthProviderController, self).setUp('mobile application')


								    def test_authorize_skip_authorization(self):

								        """ Call /oauth2/authorize while skipping the authorization page """

								        # Configure the client to skip the authorization page

								        self.client.skip_authorization = True


								        # Login as demo user

								        self.login(self.user.login, self.user.login)


								        # Call the authorize method with good values

								        state = 'Some custom state'

								        self.login('demo', 'demo')

								        response = self.get_request('/oauth2/authorize', data={

								            'client_id': self.client.identifier,

								            'response_type': self.client.response_type,

								            'redirect_uri': self.redirect_uri_base,

								            'scope': self.client.scope_ids[0].code,

								            'state': state,

								        })

								        # A new token should have been generated

								        # We can safely pick the latest generated token here, because no other

								        # token could have been generated during the test

								        token = self.env['oauth.provider.token'].search([

								            ('client_id', '=', self.client.id),

								        ], order='id DESC', limit=1)

								        # The response should be a redirect to the redirect URI, with the

								        # authorization_code added as GET parameter

								        self.assertEqual(response.status_code, 302)

								        query_string = oauthlib.common.urlencode({

								            'state': state,

								            'access_token': token.token,

								            'token_type': token.token_type,

								            'expires_in': 3600,

								            'scope': token.scope_ids.code,

								        }.items())

								        self.assertEqual(

								            response.headers['Location'], '{uri_base}#{query_string}'.format(

								                uri_base=self.redirect_uri_base, query_string=query_string))

								        self.assertEqual(token.user_id, self.user)


								    def test_successful_token_retrieval(self):

								        """ Check the full process for a MobileApplication


								        GET, then POST, token and informations retrieval

								        """

								        # Call the authorize method with good values to fill the session scopes

								        # and credentials variables

								        state = 'Some custom state'

								        self.login('demo', 'demo')

								        response = self.get_request('/oauth2/authorize', data={

								            'client_id': self.client.identifier,

								            'response_type': self.client.response_type,

								            'redirect_uri': self.redirect_uri_base,

								            'scope': self.client.scope_ids[0].code,

								            'state': state,

								        })

								        self.assertEqual(response.status_code, 200)

								        self.assertTrue(self.client.name in response.data)

								        self.assertTrue(self.client.scope_ids[0].name in response.data)

								        self.assertTrue(self.client.scope_ids[0].description in response.data)


								        # Then, call the POST route to validate the authorization

								        response = self.post_request('/oauth2/authorize')

								        # A new token should have been generated

								        # We can safely pick the latest generated token here, because no other

								        # token could have been generated during the test

								        token = self.env['oauth.provider.token'].search([

								            ('client_id', '=', self.client.id),

								        ], order='id DESC', limit=1)

								        # The response should be a redirect to the redirect URI, with the

								        # token added as GET parameter

								        self.assertEqual(response.status_code, 302)

								        query_string = oauthlib.common.urlencode({

								            'state': state,

								            'access_token': token.token,

								            'token_type': token.token_type,

								            'expires_in': 3600,

								            'scope': token.scope_ids.code,

								        }.items())

								        self.assertEqual(

								            response.headers['Location'], '{uri_base}#{query_string}'.format(

								                uri_base=self.redirect_uri_base, query_string=query_string))

								        self.assertEqual(token.user_id, self.user)