canaille-globuzma/tests/test_token_introspection.py

from . import client_credentials


def test_token_introspection(testclient, user, client, token):
    res = testclient.post(
        "/oauth/introspect",
        params=dict(token=token.oauthAccessToken,),
        headers={"Authorization": f"Basic {client_credentials(client)}"},
        status=200,
    )
    assert {
        "active": True,
        "client_id": client.oauthClientID,
        "token_type": token.oauthTokenType,
        "username": user.name,
        "scope": token.get_scope(),
        "sub": token.oauthSubject,
        "aud": client.oauthClientID,
        "iss": "https://mydomain.tld",
        "exp": token.get_expires_at(),
        "iat": token.get_issued_at(),
    } == res.json


def test_token_invalid(testclient, client):
    res = testclient.post(
        "/oauth/introspect",
        params=dict(token="invalid"),
        headers={"Authorization": f"Basic {client_credentials(client)}"},
        status=200,
    )
    assert {"active": False} == res.json
Token introspection testfile 2020-08-24 12:44:41 +00:00			`from . import client_credentials`


Token introspection unit test 2020-08-24 12:47:55 +00:00			`def test_token_introspection(testclient, user, client, token):`
Token introspection testfile 2020-08-24 12:44:41 +00:00			`res = testclient.post(`
			`"/oauth/introspect",`
black 2021-09-28 07:30:41 +00:00			`params=dict(token=token.oauthAccessToken,),`
Token introspection testfile 2020-08-24 12:44:41 +00:00			`headers={"Authorization": f"Basic {client_credentials(client)}"},`
Correctly use webtest 2020-10-30 22:41:02 +00:00			`status=200,`
Token introspection testfile 2020-08-24 12:44:41 +00:00			`)`
			`assert {`
			`"active": True,`
Schema use client dn instead of client id 2020-09-07 13:39:51 +00:00			`"client_id": client.oauthClientID,`
Token introspection testfile 2020-08-24 12:44:41 +00:00			`"token_type": token.oauthTokenType,`
			`"username": user.name,`
			`"scope": token.get_scope(),`
			`"sub": token.oauthSubject,`
Schema use client dn instead of client id 2020-09-07 13:39:51 +00:00			`"aud": client.oauthClientID,`
Token introspection testfile 2020-08-24 12:44:41 +00:00			`"iss": "https://mydomain.tld",`
			`"exp": token.get_expires_at(),`
			`"iat": token.get_issued_at(),`
			`} == res.json`
Token introspection unit test 2020-08-24 12:47:55 +00:00

			`def test_token_invalid(testclient, client):`
			`res = testclient.post(`
			`"/oauth/introspect",`
			`params=dict(token="invalid"),`
			`headers={"Authorization": f"Basic {client_credentials(client)}"},`
Correctly use webtest 2020-10-30 22:41:02 +00:00			`status=200,`
Token introspection unit test 2020-08-24 12:47:55 +00:00			`)`
Tokens and codes can be revoked 2020-08-24 13:38:11 +00:00			`assert {"active": False} == res.json`