Skip to content

test_bearer_authentication#

sso_authenticated_client#

Source code in tests/unit/apps/users/api/test_bearer_authentication.py 
17
18
19
20
21
@pytest.fixture
def sso_authenticated_client(client, enable_sso, sso_session_teppo, get_sso_token):
    token = get_sso_token(sso_session_teppo)
    client.cookies = SimpleCookie({django_settings.SSO_SESSION_COOKIE: token})
    return client

test_bearer_token_flow#

Source code in tests/unit/apps/users/api/test_bearer_authentication.py 
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
@pytest.mark.django_db
def test_bearer_token_flow(sso_authenticated_client):
    # create new token
    resp = sso_authenticated_client.post(reverse("tokens"))
    assert resp.status_code == 200
    token = resp.data["token"]
    prefix = resp.data["prefix"]

    # create new client using bearer token, verify we are authenticated
    client = APIClient()
    client.credentials(HTTP_AUTHORIZATION=f"Bearer {token}")
    resp = client.get(reverse("user"))
    assert resp.status_code == 200
    assert resp.data["username"] == "fd_teppo3"

    # list tokens
    resp = sso_authenticated_client.get(f"{reverse('tokens')}")
    assert resp.status_code == 200
    assert resp.data[0]["prefix"] == prefix

    # delete token
    resp = sso_authenticated_client.delete(f"{reverse('tokens')}?prefix={prefix}")
    assert resp.status_code == 303

    # verify that token no longer works
    resp = client.get(reverse("user"))
    assert resp.status_code == 403

test_list_tokens_unauthenticated#

Source code in tests/unit/apps/users/api/test_bearer_authentication.py 
53
54
55
56
@pytest.mark.django_db
def test_list_tokens_unauthenticated(client):
    resp = client.get(reverse("tokens"))
    assert resp.status_code == 403