globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity

tests: use only use Model.identifier when this is pertinent

Browse source
This commit is contained in:
Éloi Rivard 2024-04-17 15:50:39 +02:00
parent acf8acf29f
commit 69617c1005
No known key found for this signature in database
GPG key ID: 7EDA204EA57DD184
2 changed files with 48 additions and 48 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
tests/backends/ldap/test_utils.py
View file

@ -52,8 +52,8 @@ def test_dn_when_leading_space_in_id_attribute(testclient, backend):
assert ldap.dn.is_dn(dn)
assert ldap.dn.dn2str(ldap.dn.str2dn(dn)) == dn
assert user == models.User.get(user.identifier)
assert user == models.User.get(user_name=user.identifier)
assert user == models.User.get(user.user_name)
assert user == models.User.get(user_name=user.user_name)
assert user == models.User.get(dn)
user.delete()
@ -73,8 +73,8 @@ def test_special_chars_in_rdn(testclient, backend):
assert ldap.dn.dn2str(ldap.dn.str2dn(dn)) == dn
assert dn == "uid=\\#user,ou=users,dc=mydomain,dc=tld"
assert user == models.User.get(user.identifier)
assert user == models.User.get(user_name=user.identifier)
assert user == models.User.get(user.user_name)
assert user == models.User.get(user_name=user.user_name)
assert user == models.User.get(dn)
user.delete()

88
tests/oidc/test_end_session.py
View file

@ -5,14 +5,14 @@ from canaille.oidc.oauth import get_jwt_config
def test_end_session(testclient, backend, logged_user, client, id_token):
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
post_logout_redirect_url = "https://mydomain.tld/disconnected"
res = testclient.get(
"/oauth/end_session",
params={
"id_token_hint": id_token,
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"client_id": client.client_id,
"post_logout_redirect_uri": post_logout_redirect_url,
"state": "foobar",
@ -25,18 +25,18 @@ def test_end_session(testclient, backend, logged_user, client, id_token):
with testclient.session_transaction() as sess:
assert not sess.get("user_id")
testclient.get(f"/profile/{logged_user.identifier}", status=403)
testclient.get(f"/profile/{logged_user.user_name}", status=403)
def test_end_session_no_client_id(testclient, backend, logged_user, client, id_token):
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
post_logout_redirect_url = "https://mydomain.tld/disconnected"
res = testclient.get(
"/oauth/end_session",
params={
"id_token_hint": id_token,
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"post_logout_redirect_uri": post_logout_redirect_url,
"state": "foobar",
},
@ -48,19 +48,19 @@ def test_end_session_no_client_id(testclient, backend, logged_user, client, id_t
with testclient.session_transaction() as sess:
assert not sess.get("user_id")
testclient.get(f"/profile/{logged_user.identifier}", status=403)
testclient.get(f"/profile/{logged_user.user_name}", status=403)
def test_no_redirect_uri_no_redirect(
testclient, backend, logged_user, client, id_token
):
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
res = testclient.get(
"/oauth/end_session",
params={
"id_token_hint": id_token,
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"client_id": client.client_id,
"state": "foobar",
},
@ -72,20 +72,20 @@ def test_no_redirect_uri_no_redirect(
with testclient.session_transaction() as sess:
assert not sess.get("user_id")
testclient.get(f"/profile/{logged_user.identifier}", status=403)
testclient.get(f"/profile/{logged_user.user_name}", status=403)
def test_bad_redirect_uri_no_redirect(
testclient, backend, logged_user, client, id_token
):
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
post_logout_redirect_url = "https://mydomain.tld/invalid-uri"
res = testclient.get(
"/oauth/end_session",
params={
"id_token_hint": id_token,
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"client_id": client.client_id,
"post_logout_redirect_uri": post_logout_redirect_url,
"state": "foobar",
@ -98,17 +98,17 @@ def test_bad_redirect_uri_no_redirect(
with testclient.session_transaction() as sess:
assert not sess.get("user_id")
testclient.get(f"/profile/{logged_user.identifier}", status=403)
testclient.get(f"/profile/{logged_user.user_name}", status=403)
def test_no_client_hint_no_redirect(testclient, backend, logged_user, client, id_token):
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
post_logout_redirect_url = "https://mydomain.tld/disconnected"
res = testclient.get(
"/oauth/end_session",
params={
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"post_logout_redirect_uri": post_logout_redirect_url,
"state": "foobar",
},
@ -122,17 +122,17 @@ def test_no_client_hint_no_redirect(testclient, backend, logged_user, client, id
with testclient.session_transaction() as sess:
assert not sess.get("user_id")
testclient.get(f"/profile/{logged_user.identifier}", status=403)
testclient.get(f"/profile/{logged_user.user_name}", status=403)
def test_end_session_invalid_client_id(testclient, backend, logged_user, client):
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
post_logout_redirect_url = "https://mydomain.tld/disconnected"
res = testclient.get(
"/oauth/end_session",
params={
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"post_logout_redirect_uri": post_logout_redirect_url,
"client_id": "invalid_client_id",
"state": "foobar",
@ -148,7 +148,7 @@ def test_end_session_invalid_client_id(testclient, backend, logged_user, client)
with testclient.session_transaction() as sess:
assert not sess.get("user_id")
testclient.get(f"/profile/{logged_user.identifier}", status=403)
testclient.get(f"/profile/{logged_user.user_name}", status=403)
def test_client_hint_invalid(testclient, backend, logged_user, client):
@ -159,14 +159,14 @@ def test_client_hint_invalid(testclient, backend, logged_user, client):
**get_jwt_config(None),
)
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
post_logout_redirect_url = "https://mydomain.tld/disconnected"
res = testclient.get(
"/oauth/end_session",
params={
"id_token_hint": id_token,
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"post_logout_redirect_uri": post_logout_redirect_url,
"state": "foobar",
},
@ -178,17 +178,17 @@ def test_client_hint_invalid(testclient, backend, logged_user, client):
with testclient.session_transaction() as sess:
assert not sess.get("user_id")
testclient.get(f"/profile/{logged_user.identifier}", status=403)
testclient.get(f"/profile/{logged_user.user_name}", status=403)
def test_no_jwt_logout(testclient, backend, logged_user, client):
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
post_logout_redirect_url = "https://mydomain.tld/disconnected"
res = testclient.get(
"/oauth/end_session",
params={
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"client_id": client.client_id,
"post_logout_redirect_uri": post_logout_redirect_url,
"state": "foobar",
@ -204,17 +204,17 @@ def test_no_jwt_logout(testclient, backend, logged_user, client):
assert res.location == f"{post_logout_redirect_url}?state=foobar"
testclient.get(f"/profile/{logged_user.identifier}", status=403)
testclient.get(f"/profile/{logged_user.user_name}", status=403)
def test_no_jwt_no_logout(testclient, backend, logged_user, client):
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
post_logout_redirect_url = "https://mydomain.tld/disconnected"
res = testclient.get(
"/oauth/end_session",
params={
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"client_id": client.client_id,
"post_logout_redirect_uri": post_logout_redirect_url,
"state": "foobar",
@ -229,20 +229,20 @@ def test_no_jwt_no_logout(testclient, backend, logged_user, client):
assert res.location == "/"
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
def test_jwt_not_issued_here(testclient, backend, logged_user, client, id_token):
testclient.app.config["CANAILLE_OIDC"]["JWT"]["ISS"] = "https://foo.bar"
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
post_logout_redirect_url = "https://mydomain.tld/disconnected"
res = testclient.get(
"/oauth/end_session",
params={
"id_token_hint": id_token,
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"client_id": client.client_id,
"post_logout_redirect_uri": post_logout_redirect_url,
"state": "foobar",
@ -264,14 +264,14 @@ def test_client_hint_mismatch(testclient, backend, logged_user, client):
**get_jwt_config(None),
)
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
post_logout_redirect_url = "https://mydomain.tld/disconnected"
res = testclient.get(
"/oauth/end_session",
params={
"id_token_hint": id_token,
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"client_id": client.client_id,
"post_logout_redirect_uri": post_logout_redirect_url,
"state": "foobar",
@ -291,7 +291,7 @@ def test_end_session_bad_id_token(testclient, backend, logged_user, client, id_t
"/oauth/end_session",
params={
"id_token_hint": "invalid",
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"client_id": client.client_id,
"post_logout_redirect_uri": post_logout_redirect_url,
"state": "foobar",
@ -302,7 +302,7 @@ def test_end_session_bad_id_token(testclient, backend, logged_user, client, id_t
def test_bad_user_id_token_mismatch(testclient, backend, logged_user, client, admin):
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
id_token = generate_id_token(
{},
@ -316,7 +316,7 @@ def test_bad_user_id_token_mismatch(testclient, backend, logged_user, client, ad
"/oauth/end_session",
params={
"id_token_hint": id_token,
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"client_id": client.client_id,
"post_logout_redirect_uri": post_logout_redirect_url,
"state": "foobar",
@ -332,18 +332,18 @@ def test_bad_user_id_token_mismatch(testclient, backend, logged_user, client, ad
assert res.location == f"{post_logout_redirect_url}?state=foobar"
testclient.get(f"/profile/{logged_user.identifier}", status=403)
testclient.get(f"/profile/{logged_user.user_name}", status=403)
def test_bad_user_hint(testclient, backend, logged_user, client, id_token, admin):
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
post_logout_redirect_url = "https://mydomain.tld/disconnected"
res = testclient.get(
"/oauth/end_session",
params={
"id_token_hint": id_token,
"logout_hint": admin.identifier,
"logout_hint": admin.user_name,
"client_id": client.client_id,
"post_logout_redirect_uri": post_logout_redirect_url,
"state": "foobar",
@ -359,17 +359,17 @@ def test_bad_user_hint(testclient, backend, logged_user, client, id_token, admin
assert res.location == f"{post_logout_redirect_url}?state=foobar"
testclient.get(f"/profile/{logged_user.identifier}", status=403)
testclient.get(f"/profile/{logged_user.user_name}", status=403)
def test_no_jwt_bad_csrf(testclient, backend, logged_user, client):
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
post_logout_redirect_url = "https://mydomain.tld/disconnected"
res = testclient.get(
"/oauth/end_session",
params={
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"client_id": client.client_id,
"post_logout_redirect_uri": post_logout_redirect_url,
"state": "foobar",
@ -388,7 +388,7 @@ def test_end_session_already_disconnected(testclient, backend, user, client, id_
"/oauth/end_session",
params={
"id_token_hint": id_token,
"logout_hint": user.identifier,
"logout_hint": user.user_name,
"client_id": client.client_id,
"post_logout_redirect_uri": post_logout_redirect_url,
"state": "foobar",
@ -400,14 +400,14 @@ def test_end_session_already_disconnected(testclient, backend, user, client, id_
def test_end_session_no_state(testclient, backend, logged_user, client, id_token):
testclient.get(f"/profile/{logged_user.identifier}", status=200)
testclient.get(f"/profile/{logged_user.user_name}", status=200)
post_logout_redirect_url = "https://mydomain.tld/disconnected"
res = testclient.get(
"/oauth/end_session",
params={
"id_token_hint": id_token,
"logout_hint": logged_user.identifier,
"logout_hint": logged_user.user_name,
"client_id": client.client_id,
"post_logout_redirect_uri": post_logout_redirect_url,
},
@ -419,4 +419,4 @@ def test_end_session_no_state(testclient, backend, logged_user, client, id_token
with testclient.session_transaction() as sess:
assert not sess.get("user_id")
testclient.get(f"/profile/{logged_user.identifier}", status=403)
testclient.get(f"/profile/{logged_user.user_name}", status=403)