Added a few unit tests for user authentication.

Far from complete, and we need a way to mock the Blender ID server, so
that we can auth against a well-known, fake set of users.

pillar/tests/test_auth.py

@@ -1,5 +1,6 @@
 import unittest
 import os
+import base64
 
 TEST_EMAIL_USER = 'koro'
 TEST_EMAIL_ADDRESS = '%s@testing.blender.org' % TEST_EMAIL_USER
@@ -7,7 +8,15 @@ TEST_EMAIL_ADDRESS = '%s@testing.blender.org' % TEST_EMAIL_USER
 os.environ['MONGO_DBNAME'] = 'unittest'
 os.environ['EVE_SETTINGS'] = os.path.join(os.path.dirname(os.path.dirname(__file__)), 'settings.py')
 
+
 from application import app
+from application.utils.authentication import make_unique_username, validate_token
+
+
+def make_header(username, password=''):
+    """Returns a Basic HTTP Authentication header value."""
+
+    return 'basic ' + base64.b64encode('%s:%s' % (username, password))
 
 
 class FlaskrTestCase(unittest.TestCase):
@@ -18,7 +27,6 @@ class FlaskrTestCase(unittest.TestCase):
         pass
 
     def test_make_unique_username(self):
-        from application.utils.authentication import make_unique_username
 
         with app.test_request_context():
             # Delete the user we want to test for
@@ -48,3 +56,11 @@ class FlaskrTestCase(unittest.TestCase):
                 self.assertEqual('%s1' % TEST_EMAIL_USER, make_unique_username(TEST_EMAIL_ADDRESS))
             finally:
                 users.delete_many({'username': TEST_EMAIL_USER})
+
+    def test_validate_token__not_logged_in(self):
+        with app.test_request_context():
+            self.assertFalse(validate_token())
+
+    def test_validate_token__unknown_token(self):
+        with app.test_request_context(headers={'Authorization': make_header('unknowntoken')}):
+            self.assertFalse(validate_token())