globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity

Better code challenge unit tests

Browse source
This commit is contained in:
Éloi Rivard 2020-08-25 15:51:49 +02:00
parent 467c6b80bc
commit 665700e814
2 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
tests/test_authorization_code_flow.py
View file

@ -164,6 +164,9 @@ def test_refresh_token(testclient, slapd_connection, logged_user, client):
def test_code_challenge(testclient, slapd_connection, logged_user, client):
client.oauthTokenEndpointAuthMethod = "none"
client.save(slapd_connection)
code_verifier = gen_salt(48)
code_challenge = create_s256_code_challenge(code_verifier)
@ -197,8 +200,8 @@ def test_code_challenge(testclient, slapd_connection, logged_user, client):
scope="profile",
code_verifier=code_verifier,
redirect_uri=client.oauthRedirectURIs[0],
client_id=client.oauthClientID,
),
headers={"Authorization": f"Basic {client_credentials(client)}"},
)
assert 200 == res.status_code
access_token = res.json["access_token"]
@ -209,3 +212,6 @@ def test_code_challenge(testclient, slapd_connection, logged_user, client):
res = testclient.get("/api/me", headers={"Authorization": f"Bearer {access_token}"})
assert 200 == res.status_code
assert {"foo": "bar"} == res.json
client.oauthTokenEndpointAuthMethod = "client_secret_basic"
client.save(slapd_connection)

2
web/oauth2utils.py
View file

@ -92,6 +92,8 @@ def save_authorization_code(code, request):
class AuthorizationCodeGrant(_AuthorizationCodeGrant):
TOKEN_ENDPOINT_AUTH_METHODS = ["client_secret_basic", "client_secret_post", "none"]
def save_authorization_code(self, code, request):
return save_authorization_code(code, request)