pillar/tests/test_auth.py

import datetime
import responses
from bson import tz_util

from common_test_class import AbstractPillarTest, TEST_EMAIL_USER, TEST_EMAIL_ADDRESS


class AuthenticationTests(AbstractPillarTest):
    def test_make_unique_username(self):
        from application.utils import authentication as auth

        with self.app.test_request_context():
            # This user shouldn't exist yet.
            self.assertEqual(TEST_EMAIL_USER, auth.make_unique_username(TEST_EMAIL_ADDRESS))

            # Add a user, then test again.
            auth.create_new_user(TEST_EMAIL_ADDRESS, TEST_EMAIL_USER, 'test1234')
            self.assertEqual('%s1' % TEST_EMAIL_USER, auth.make_unique_username(TEST_EMAIL_ADDRESS))

    @responses.activate
    def test_validate_token__not_logged_in(self):
        from application.utils import authentication as auth

        with self.app.test_request_context():
            self.assertFalse(auth.validate_token())

    @responses.activate
    def test_validate_token__unknown_token(self):
        """Test validating of invalid token, unknown both to us and Blender ID."""

        from application.utils import authentication as auth

        self.mock_blenderid_validate_unhappy()
        with self.app.test_request_context(
                headers={'Authorization': self.make_header('unknowntoken')}):
            self.assertFalse(auth.validate_token())

    @responses.activate
    def test_validate_token__unknown_but_valid_token(self):
        """Test validating of valid token, unknown to us but known to Blender ID."""

        from application.utils import authentication as auth

        self.mock_blenderid_validate_happy()
        with self.app.test_request_context(
                headers={'Authorization': self.make_header('knowntoken')}):
            self.assertTrue(auth.validate_token())

    @responses.activate
    def test_find_token(self):
        """Test finding of various tokens."""

        from application.utils import authentication as auth

        user_id = self.create_user()

        now = datetime.datetime.now(tz_util.utc)
        future = now + datetime.timedelta(days=1)
        past = now - datetime.timedelta(days=1)
        subclient = self.app.config['BLENDER_ID_SUBCLIENT_ID']

        with self.app.test_request_context():
            auth.store_token(user_id, 'nonexpired-main', future, None)
            auth.store_token(user_id, 'nonexpired-sub', future, subclient)
            token3 = auth.store_token(user_id, 'expired-sub', past, subclient)

        with self.app.test_request_context(
                headers={'Authorization': self.make_header('nonexpired-main')}):
            self.assertTrue(auth.validate_token())

        with self.app.test_request_context(
                headers={'Authorization': self.make_header('nonexpired-main', subclient)}):
            self.assertFalse(auth.validate_token())

        with self.app.test_request_context(
                headers={'Authorization': self.make_header('nonexpired-sub')}):
            self.assertFalse(auth.validate_token())

        with self.app.test_request_context(
                headers={'Authorization': self.make_header('nonexpired-sub', subclient)}):
            self.assertTrue(auth.validate_token())

        with self.app.test_request_context(
                headers={'Authorization': self.make_header('expired-sub', subclient)}):
            self.assertFalse(auth.validate_token())

        self.mock_blenderid_validate_happy()
        with self.app.test_request_context(
                headers={'Authorization': self.make_header('expired-sub', subclient)}):
            self.assertTrue(auth.validate_token())

            # We now should be able to find a new token for this user.
            found_token = auth.find_token('expired-sub', subclient)
            self.assertIsNotNone(found_token)
            self.assertNotEqual(token3['_id'], found_token['_id'])
Store is_subclient_token bool in token collection. 2016-04-15 16:27:24 +02:00			`import datetime`
Unify tokens and subclient tokens SCST tokens are now stored in the 'tokens' table. This unifies old token handling and new subclient-specific tokens. Also ensures the BlenderID expiry of the token is taken into account. Removes use of httpretty, in favour of responses. 2016-04-13 15:33:54 +02:00			`import responses`
Store is_subclient_token bool in token collection. 2016-04-15 16:27:24 +02:00			`from bson import tz_util`
Added unit testing support + moved make_unique_username() to module level Also cleaned up make_unique_username() code to no longer be recursive, and to correctly handle numerical suffixes ≥ 10. 2016-03-04 14:08:10 +01:00
Renamed some test_xxx files to common_test_xxx.py Those files contain stuff for tests, but don't contain tests themselves. 2016-03-25 16:05:36 +01:00			`from common_test_class import AbstractPillarTest, TEST_EMAIL_USER, TEST_EMAIL_ADDRESS`
Overriding app.config in unittest. We may need something better structured in the future to handle test configuration, but at least this gets the one test we have running. 2016-03-25 12:22:31 +01:00
Added a few unit tests for user authentication. Far from complete, and we need a way to mock the Blender ID server, so that we can auth against a well-known, fake set of users. 2016-03-04 14:47:48 +01:00
Added unittests for caching of file links. Also converted test_auth.py to use the new AbstractPillarTest class. This class ensures that we test against the testing database, which is dropped at every setUp()/tearDown(). 2016-03-25 15:57:17 +01:00			`class AuthenticationTests(AbstractPillarTest):`
Added unit testing support + moved make_unique_username() to module level Also cleaned up make_unique_username() code to no longer be recursive, and to correctly handle numerical suffixes ≥ 10. 2016-03-04 14:08:10 +01:00			`def test_make_unique_username(self):`
Added unittests for caching of file links. Also converted test_auth.py to use the new AbstractPillarTest class. This class ensures that we test against the testing database, which is dropped at every setUp()/tearDown(). 2016-03-25 15:57:17 +01:00			`from application.utils import authentication as auth`
Added unit testing support + moved make_unique_username() to module level Also cleaned up make_unique_username() code to no longer be recursive, and to correctly handle numerical suffixes ≥ 10. 2016-03-04 14:08:10 +01:00
Added unittests for caching of file links. Also converted test_auth.py to use the new AbstractPillarTest class. This class ensures that we test against the testing database, which is dropped at every setUp()/tearDown(). 2016-03-25 15:57:17 +01:00			`with self.app.test_request_context():`
Added unit testing support + moved make_unique_username() to module level Also cleaned up make_unique_username() code to no longer be recursive, and to correctly handle numerical suffixes ≥ 10. 2016-03-04 14:08:10 +01:00			`# This user shouldn't exist yet.`
Fixed bug in validate_token(), it now returns the validation status. Also separated on-the-fly creation of user in our database into its own function. 2016-03-04 14:49:48 +01:00			`self.assertEqual(TEST_EMAIL_USER, auth.make_unique_username(TEST_EMAIL_ADDRESS))`
Added unit testing support + moved make_unique_username() to module level Also cleaned up make_unique_username() code to no longer be recursive, and to correctly handle numerical suffixes ≥ 10. 2016-03-04 14:08:10 +01:00
			`# Add a user, then test again.`
Fixed bug in validate_token(), it now returns the validation status. Also separated on-the-fly creation of user in our database into its own function. 2016-03-04 14:49:48 +01:00			`auth.create_new_user(TEST_EMAIL_ADDRESS, TEST_EMAIL_USER, 'test1234')`
Added mocking of Blender ID with HTTPretty 2016-03-04 15:19:01 +01:00			`self.assertEqual('%s1' % TEST_EMAIL_USER, auth.make_unique_username(TEST_EMAIL_ADDRESS))`
Added a few unit tests for user authentication. Far from complete, and we need a way to mock the Blender ID server, so that we can auth against a well-known, fake set of users. 2016-03-04 14:47:48 +01:00
Unify tokens and subclient tokens SCST tokens are now stored in the 'tokens' table. This unifies old token handling and new subclient-specific tokens. Also ensures the BlenderID expiry of the token is taken into account. Removes use of httpretty, in favour of responses. 2016-04-13 15:33:54 +02:00			`@responses.activate`
Moved unit test to its proper spot, and added @httpretty.activate 2016-03-04 18:43:20 +01:00			`def test_validate_token__not_logged_in(self):`
Added unittests for caching of file links. Also converted test_auth.py to use the new AbstractPillarTest class. This class ensures that we test against the testing database, which is dropped at every setUp()/tearDown(). 2016-03-25 15:57:17 +01:00			`from application.utils import authentication as auth`

			`with self.app.test_request_context():`
Moved unit test to its proper spot, and added @httpretty.activate 2016-03-04 18:43:20 +01:00			`self.assertFalse(auth.validate_token())`

Unify tokens and subclient tokens SCST tokens are now stored in the 'tokens' table. This unifies old token handling and new subclient-specific tokens. Also ensures the BlenderID expiry of the token is taken into account. Removes use of httpretty, in favour of responses. 2016-04-13 15:33:54 +02:00			`@responses.activate`
Added a few unit tests for user authentication. Far from complete, and we need a way to mock the Blender ID server, so that we can auth against a well-known, fake set of users. 2016-03-04 14:47:48 +01:00			`def test_validate_token__unknown_token(self):`
Added mocking of Blender ID with HTTPretty 2016-03-04 15:19:01 +01:00			`"""Test validating of invalid token, unknown both to us and Blender ID."""`

Added unittests for caching of file links. Also converted test_auth.py to use the new AbstractPillarTest class. This class ensures that we test against the testing database, which is dropped at every setUp()/tearDown(). 2016-03-25 15:57:17 +01:00			`from application.utils import authentication as auth`

Unify tokens and subclient tokens SCST tokens are now stored in the 'tokens' table. This unifies old token handling and new subclient-specific tokens. Also ensures the BlenderID expiry of the token is taken into account. Removes use of httpretty, in favour of responses. 2016-04-13 15:33:54 +02:00			`self.mock_blenderid_validate_unhappy()`
subclient tokens: bugfix & return proper data. Also introduces responses, as an alternative to httpretty (it works better). 2016-04-12 15:24:50 +02:00			`with self.app.test_request_context(`
			`headers={'Authorization': self.make_header('unknowntoken')}):`
Fixed bug in validate_token(), it now returns the validation status. Also separated on-the-fly creation of user in our database into its own function. 2016-03-04 14:49:48 +01:00			`self.assertFalse(auth.validate_token())`
Added mocking of Blender ID with HTTPretty 2016-03-04 15:19:01 +01:00
Unify tokens and subclient tokens SCST tokens are now stored in the 'tokens' table. This unifies old token handling and new subclient-specific tokens. Also ensures the BlenderID expiry of the token is taken into account. Removes use of httpretty, in favour of responses. 2016-04-13 15:33:54 +02:00			`@responses.activate`
Added mocking of Blender ID with HTTPretty 2016-03-04 15:19:01 +01:00			`def test_validate_token__unknown_but_valid_token(self):`
			`"""Test validating of valid token, unknown to us but known to Blender ID."""`

Added unittests for caching of file links. Also converted test_auth.py to use the new AbstractPillarTest class. This class ensures that we test against the testing database, which is dropped at every setUp()/tearDown(). 2016-03-25 15:57:17 +01:00			`from application.utils import authentication as auth`

Unify tokens and subclient tokens SCST tokens are now stored in the 'tokens' table. This unifies old token handling and new subclient-specific tokens. Also ensures the BlenderID expiry of the token is taken into account. Removes use of httpretty, in favour of responses. 2016-04-13 15:33:54 +02:00			`self.mock_blenderid_validate_happy()`
subclient tokens: bugfix & return proper data. Also introduces responses, as an alternative to httpretty (it works better). 2016-04-12 15:24:50 +02:00			`with self.app.test_request_context(`
			`headers={'Authorization': self.make_header('knowntoken')}):`
Added mocking of Blender ID with HTTPretty 2016-03-04 15:19:01 +01:00			`self.assertTrue(auth.validate_token())`
Store is_subclient_token bool in token collection. 2016-04-15 16:27:24 +02:00
			`@responses.activate`
			`def test_find_token(self):`
			`"""Test finding of various tokens."""`

			`from application.utils import authentication as auth`

			`user_id = self.create_user()`

			`now = datetime.datetime.now(tz_util.utc)`
			`future = now + datetime.timedelta(days=1)`
			`past = now - datetime.timedelta(days=1)`
			`subclient = self.app.config['BLENDER_ID_SUBCLIENT_ID']`

			`with self.app.test_request_context():`
			`auth.store_token(user_id, 'nonexpired-main', future, None)`
			`auth.store_token(user_id, 'nonexpired-sub', future, subclient)`
			`token3 = auth.store_token(user_id, 'expired-sub', past, subclient)`

			`with self.app.test_request_context(`
			`headers={'Authorization': self.make_header('nonexpired-main')}):`
			`self.assertTrue(auth.validate_token())`

			`with self.app.test_request_context(`
			`headers={'Authorization': self.make_header('nonexpired-main', subclient)}):`
			`self.assertFalse(auth.validate_token())`

			`with self.app.test_request_context(`
			`headers={'Authorization': self.make_header('nonexpired-sub')}):`
			`self.assertFalse(auth.validate_token())`

			`with self.app.test_request_context(`
			`headers={'Authorization': self.make_header('nonexpired-sub', subclient)}):`
			`self.assertTrue(auth.validate_token())`

			`with self.app.test_request_context(`
			`headers={'Authorization': self.make_header('expired-sub', subclient)}):`
			`self.assertFalse(auth.validate_token())`

			`self.mock_blenderid_validate_happy()`
			`with self.app.test_request_context(`
			`headers={'Authorization': self.make_header('expired-sub', subclient)}):`
			`self.assertTrue(auth.validate_token())`

			`# We now should be able to find a new token for this user.`
			`found_token = auth.find_token('expired-sub', subclient)`
			`self.assertIsNotNone(found_token)`
			`self.assertNotEqual(token3['_id'], found_token['_id'])`