globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
canaille-globuzma/tests/oidc/test_password_flow.py
Éloi Rivard 16d2d71194 split oidc tests from the rest
2022-01-11 19:42:26 +01:00

73 lines
2 KiB
Python
Raw Blame History

from canaille.models import Token
from . import client_credentials
def test_password_flow_basic(testclient, slapd_connection, user, client):
res = testclient.post(
"/oauth/token",
params=dict(
grant_type="password",
username="John (johnny) Doe",
password="correct horse battery staple",
scope="profile",
),
headers={"Authorization": f"Basic {client_credentials(client)}"},
status=200,
)
assert res.json["scope"] == "openid profile groups"
assert res.json["token_type"] == "Bearer"
access_token = res.json["access_token"]
token = Token.get(access_token, conn=slapd_connection)
assert token is not None
res = testclient.get(
"/oauth/userinfo",
headers={"Authorization": f"Bearer {access_token}"},
status=200,
)
assert {
"name": "John (johnny) Doe",
"sub": "user",
"family_name": "Doe",
"groups": [],
} == res.json
def test_password_flow_post(testclient, slapd_connection, user, client):
client.oauthTokenEndpointAuthMethod = "client_secret_post"
client.save(conn=slapd_connection)
res = testclient.post(
"/oauth/token",
params=dict(
grant_type="password",
username="John (johnny) Doe",
password="correct horse battery staple",
scope="profile",
client_id=client.oauthClientID,
client_secret=client.oauthClientSecret,
),
status=200,
)
assert res.json["scope"] == "openid profile groups"
assert res.json["token_type"] == "Bearer"
access_token = res.json["access_token"]
token = Token.get(access_token, conn=slapd_connection)
assert token is not None
res = testclient.get(
"/oauth/userinfo",
headers={"Authorization": f"Bearer {access_token}"},
status=200,
)
assert {
"name": "John (johnny) Doe",
"sub": "user",
"family_name": "Doe",
"groups": [],
} == res.json
View git blame Copy permalink