116 lines
4.4 KiB
Python
116 lines
4.4 KiB
Python
import jwt
|
|
import os
|
|
import requests
|
|
|
|
from datetime import datetime
|
|
from unittest import TestCase
|
|
|
|
URL = os.getenv("SIMPLE_AUTH_URL", "http://127.0.0.1:9001")
|
|
PUB_KEY_PATH = os.getenv("SIMPLE_AUTH_PUB_KEY", "")
|
|
|
|
|
|
class TestResponse(TestCase):
|
|
def setUp(self):
|
|
with open(PUB_KEY_PATH, "r") as f:
|
|
self.pub_key = f.read()
|
|
|
|
def test_get_target(self):
|
|
resp = requests.post(
|
|
URL + "/get/", json={"username": "toto", "password": "tata"}
|
|
)
|
|
self.assertEqual(resp.status_code, 200, "bad status code returned")
|
|
self.assertIsNotNone(resp.json(), "response data can't be empty")
|
|
|
|
token = resp.json()["token"]
|
|
jwt_decoded = jwt.decode(
|
|
token,
|
|
self.pub_key,
|
|
algorithms=["RS384"],
|
|
options={
|
|
"verify_signature": True,
|
|
"verify_claims": True,
|
|
"verify_iss": True,
|
|
},
|
|
)
|
|
self.assertEqual("thegux.fr", jwt_decoded["iss"])
|
|
|
|
jwt_exp = datetime.fromtimestamp(jwt_decoded["exp"])
|
|
jwt_iat = datetime.fromtimestamp(jwt_decoded["iat"])
|
|
date_exp = datetime.strptime(str(jwt_exp - jwt_iat), "%H:%M:%S")
|
|
self.assertEqual(2, date_exp.hour)
|
|
return token
|
|
|
|
def test_validate_target_no_token(self):
|
|
resp = requests.post(
|
|
URL + "/validate/", json={"username": "toto", "password": "tata"}
|
|
)
|
|
self.assertEqual(resp.status_code, 200, "bad status code returned")
|
|
self.assertIsNotNone(resp.json(), "response data can't be empty")
|
|
self.assertEqual(resp.json()["valid"], "false", "bad status returned")
|
|
self.assertEqual(resp.json()["reason"], "no token provided in the request body")
|
|
|
|
def test_validate_target_empty_token(self):
|
|
resp = requests.post(URL + "/validate/", json={"tutu": "tutu", "token": ""})
|
|
self.assertEqual(resp.status_code, 200, "bad status code returned")
|
|
self.assertIsNotNone(resp.json(), "response data can't be empty")
|
|
self.assertEqual(resp.json()["valid"], "false", "bad status returned")
|
|
self.assertEqual(
|
|
resp.json()["reason"],
|
|
"token validation failed err=JWT compact encoding error",
|
|
)
|
|
|
|
def test_validate_target(self):
|
|
token = self.test_get_target()
|
|
|
|
resp = requests.post(URL + "/validate/", json={"token": token})
|
|
self.assertEqual(resp.status_code, 200, "bad status code returned")
|
|
self.assertIsNotNone(resp.json(), "response data can't be empty")
|
|
self.assertEqual(resp.json()["valid"], "true", "bad status returned")
|
|
|
|
# TODO: must be updated after implementing `/refresh/` url handler
|
|
def test_refresh_target(self):
|
|
resp = requests.post(
|
|
URL + "/refresh/", json={"username": "toto", "password": "tata"}
|
|
)
|
|
self.assertEqual(resp.status_code, 404, "bad status code returned")
|
|
self.assertIsNotNone(resp.json(), "response data can't be empty")
|
|
self.assertEqual(
|
|
resp.json()["error"],
|
|
"the url requested does not exist",
|
|
"bad status returned",
|
|
)
|
|
|
|
def test_no_credentials(self):
|
|
resp = requests.post(URL + "/get/")
|
|
self.assertEqual(resp.status_code, 400, "bad status code returned")
|
|
self.assertIsNotNone(resp.json(), "response data must not be empty")
|
|
self.assertEqual(
|
|
resp.json()["error"],
|
|
"the incoming request is not valid",
|
|
"invalid error message returned",
|
|
)
|
|
|
|
def test_bad_credentials(self):
|
|
resp = requests.post(
|
|
URL + "/get/", json={"username": "tutu", "password": "titi"}
|
|
)
|
|
self.assertEqual(resp.status_code, 403, "bad status code returned")
|
|
self.assertIsNotNone(resp.json(), "response data must not be empty")
|
|
self.assertEqual(
|
|
resp.json()["error"],
|
|
"invalid credentials",
|
|
"invalid error message returned",
|
|
)
|
|
|
|
def test_bad_target(self):
|
|
resp = requests.post(
|
|
URL + "/token/", json={"username": "toto", "password": "tata"}
|
|
)
|
|
self.assertEqual(resp.status_code, 404, "bad status code returned")
|
|
self.assertIsNotNone(resp.json(), "response data must not be empty")
|
|
self.assertEqual(
|
|
resp.json()["error"],
|
|
"the url requested does not exist",
|
|
"invalid error message returned",
|
|
)
|