diff options
| author | alexv-smirnov <alex@ydb.tech> | 2023-12-01 12:02:50 +0300 |
|---|---|---|
| committer | alexv-smirnov <alex@ydb.tech> | 2023-12-01 13:28:10 +0300 |
| commit | 0e578a4c44d4abd539d9838347b9ebafaca41dfb (patch) | |
| tree | a0c1969c37f818c830ebeff9c077eacf30be6ef8 /contrib/python/oauthlib/tests/oauth1/rfc5849/endpoints/test_resource.py | |
| parent | 84f2d3d4cc985e63217cff149bd2e6d67ae6fe22 (diff) | |
| download | ydb-0e578a4c44d4abd539d9838347b9ebafaca41dfb.tar.gz | |
Change "ya.make"
Diffstat (limited to 'contrib/python/oauthlib/tests/oauth1/rfc5849/endpoints/test_resource.py')
| -rw-r--r-- | contrib/python/oauthlib/tests/oauth1/rfc5849/endpoints/test_resource.py | 102 |
1 files changed, 102 insertions, 0 deletions
diff --git a/contrib/python/oauthlib/tests/oauth1/rfc5849/endpoints/test_resource.py b/contrib/python/oauthlib/tests/oauth1/rfc5849/endpoints/test_resource.py new file mode 100644 index 0000000000..416216f737 --- /dev/null +++ b/contrib/python/oauthlib/tests/oauth1/rfc5849/endpoints/test_resource.py @@ -0,0 +1,102 @@ +from unittest.mock import ANY, MagicMock + +from oauthlib.oauth1 import RequestValidator +from oauthlib.oauth1.rfc5849 import Client +from oauthlib.oauth1.rfc5849.endpoints import ResourceEndpoint + +from tests.unittest import TestCase + + +class ResourceEndpointTest(TestCase): + + def setUp(self): + self.validator = MagicMock(wraps=RequestValidator()) + self.validator.check_client_key.return_value = True + self.validator.check_access_token.return_value = True + self.validator.allowed_signature_methods = ['HMAC-SHA1'] + self.validator.get_client_secret.return_value = 'bar' + self.validator.get_access_token_secret.return_value = 'secret' + self.validator.timestamp_lifetime = 600 + self.validator.validate_client_key.return_value = True + self.validator.validate_access_token.return_value = True + self.validator.validate_timestamp_and_nonce.return_value = True + self.validator.validate_realms.return_value = True + self.validator.dummy_client = 'dummy' + self.validator.dummy_secret = 'dummy' + self.validator.dummy_access_token = 'dummy' + self.endpoint = ResourceEndpoint(self.validator) + self.client = Client('foo', + client_secret='bar', + resource_owner_key='token', + resource_owner_secret='secret') + self.uri, self.headers, self.body = self.client.sign( + 'https://i.b/protected_resource') + + def test_missing_parameters(self): + self.validator.check_access_token.return_value = False + v, r = self.endpoint.validate_protected_resource_request( + self.uri) + self.assertFalse(v) + + def test_check_access_token(self): + self.validator.check_access_token.return_value = False + v, r = self.endpoint.validate_protected_resource_request( + self.uri, headers=self.headers) + self.assertFalse(v) + + def test_validate_client_key(self): + self.validator.validate_client_key.return_value = False + v, r = self.endpoint.validate_protected_resource_request( + self.uri, headers=self.headers) + self.assertFalse(v) + # the validator log should have `False` values + self.assertFalse(r.validator_log['client']) + self.assertTrue(r.validator_log['realm']) + self.assertTrue(r.validator_log['resource_owner']) + self.assertTrue(r.validator_log['signature']) + + def test_validate_access_token(self): + self.validator.validate_access_token.return_value = False + v, r = self.endpoint.validate_protected_resource_request( + self.uri, headers=self.headers) + self.assertFalse(v) + # the validator log should have `False` values + self.assertTrue(r.validator_log['client']) + self.assertTrue(r.validator_log['realm']) + self.assertFalse(r.validator_log['resource_owner']) + self.assertTrue(r.validator_log['signature']) + + def test_validate_realms(self): + self.validator.validate_realms.return_value = False + v, r = self.endpoint.validate_protected_resource_request( + self.uri, headers=self.headers) + self.assertFalse(v) + # the validator log should have `False` values + self.assertTrue(r.validator_log['client']) + self.assertFalse(r.validator_log['realm']) + self.assertTrue(r.validator_log['resource_owner']) + self.assertTrue(r.validator_log['signature']) + + def test_validate_signature(self): + client = Client('foo', + resource_owner_key='token', + resource_owner_secret='secret') + _, headers, _ = client.sign(self.uri + '/extra') + v, r = self.endpoint.validate_protected_resource_request( + self.uri, headers=headers) + self.assertFalse(v) + # the validator log should have `False` values + self.assertTrue(r.validator_log['client']) + self.assertTrue(r.validator_log['realm']) + self.assertTrue(r.validator_log['resource_owner']) + self.assertFalse(r.validator_log['signature']) + + def test_valid_request(self): + v, r = self.endpoint.validate_protected_resource_request( + self.uri, headers=self.headers) + self.assertTrue(v) + self.validator.validate_timestamp_and_nonce.assert_called_once_with( + self.client.client_key, ANY, ANY, ANY, + access_token=self.client.resource_owner_key) + # everything in the validator_log should be `True` + self.assertTrue(all(r.validator_log.items())) |