simple-auth/tests/python/test_requests.py

import jwt
import requests

from datetime import datetime

from unittest import TestCase

URL = "https://dev.thegux.fr"


class TestResponse(TestCase):
    def test_get_target(self):
        resp = requests.post(
            URL + "/get/", json={"username": "toto", "password": "tata"}
        )
        self.assertEqual(resp.status_code, 200, "bad status code returned")
        self.assertIsNotNone(resp.json(), "response data can't be empty")

        token = resp.json()["token"]
        jwt_decoded = jwt.decode(token, options={"verify_signature": False})
        self.assertEqual("thegux.fr", jwt_decoded["iss"])

        jwt_exp = datetime.fromtimestamp(jwt_decoded["exp"])
        jwt_iat = datetime.fromtimestamp(jwt_decoded["iat"])
        date_exp = datetime.strptime(str(jwt_exp - jwt_iat), "%H:%M:%S")
        self.assertEqual(2, date_exp.hour)

    def test_validate_target(self):
        resp = requests.post(
            URL + "/validate/", json={"username": "toto", "password": "tata"}
        )
        self.assertEqual(resp.status_code, 200, "bad status code returned")
        self.assertIsNotNone(resp.json(), "response data can't be empty")
        self.assertEqual(
            resp.json()["token"], "header.payload.signature", "bad status returned"
        )

    # TODO: must be updated after implmenting `/refresh/` url handler
    def test_refresh_target(self):
        resp = requests.post(
            URL + "/refresh/", json={"username": "toto", "password": "tata"}
        )
        self.assertEqual(resp.status_code, 404, "bad status code returned")
        self.assertIsNotNone(resp.json(), "response data can't be empty")
        self.assertEqual(
            resp.json()["error"],
            "the url requested does not exist",
            "bad status returned",
        )

    def test_no_credentials(self):
        resp = requests.post(URL + "/get/")
        self.assertEqual(resp.status_code, 400, "bad status code returned")
        self.assertIsNotNone(resp.json(), "response data must not be empty")
        self.assertEqual(
            resp.json()["error"],
            "the incoming request is not valid",
            "invalid error message returned",
        )

    def test_bad_credentials(self):
        resp = requests.post(
            URL + "/get/", json={"username": "tutu", "password": "titi"}
        )
        self.assertEqual(resp.status_code, 403, "bas status code returned")
        self.assertIsNotNone(resp.json(), "response data must not be empty")
        self.assertEqual(
            resp.json()["error"],
            "invalid credentials",
            "invalid error message returned",
        )

    def test_bad_target(self):
        resp = requests.post(
            URL + "/token/", json={"username": "toto", "password": "tata"}
        )
        self.assertEqual(resp.status_code, 404, "bad status code returned")
        self.assertIsNotNone(resp.json(), "response data must not be empty")
        self.assertEqual(
            resp.json()["error"],
            "the url requested does not exist",
            "invalid error message returned",
        )