2022-01-29 15:04:27 +00:00
|
|
|
|
|
|
|
|
import os
|
|
|
|
|
import requests
|
|
|
|
|
import pytest
|
|
|
|
|
import microcosm
|
|
|
|
|
|
|
|
|
|
class MockJsonResponse:
|
|
|
|
|
|
|
|
|
|
def __init__(self, respobj):
|
|
|
|
|
self.respobj = respobj
|
|
|
|
|
|
|
|
|
|
def json(self):
|
|
|
|
|
return self.respobj
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def expect_json_response(resp):
|
|
|
|
|
def build_response(*args, **kwargs):
|
|
|
|
|
return MockJsonResponse(resp)
|
|
|
|
|
return build_response
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_no_token_request(mocker):
|
|
|
|
|
"""Test to make sure that requests without a JWT token fail with a 401"""
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
mocker.patch.object(microcosm,'PERMITTED_DOMAIN', ['https://testsite.com/'])
|
|
|
|
|
|
|
|
|
|
rget = mocker.patch('microcosm.requests.get')
|
|
|
|
|
|
2022-10-22 12:03:03 +01:00
|
|
|
app = microcosm.create_app()
|
|
|
|
|
|
|
|
|
|
with app.test_client() as c:
|
2022-01-29 15:04:27 +00:00
|
|
|
response = c.get("/")
|
|
|
|
|
assert response.status_code == 401
|
|
|
|
|
assert response.json.get("error") == "unauthorized"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_invalid_token_request(mocker):
|
|
|
|
|
"""Test to make sure that requests without a JWT token fail with a 401"""
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
mocker.patch.object(microcosm,'PERMITTED_DOMAIN', ['https://testsite.com/'])
|
|
|
|
|
|
|
|
|
|
rget = mocker.patch('microcosm.requests.get', side_effect=expect_json_response({"me":"https://someothersite.com/"}))
|
|
|
|
|
|
2022-10-22 12:03:03 +01:00
|
|
|
app = microcosm.create_app()
|
|
|
|
|
|
|
|
|
|
with app.test_client() as c:
|
2022-01-29 15:04:27 +00:00
|
|
|
response = c.get("/", headers={'Authorization': 'Bearer SomeTestTokenValue'})
|
|
|
|
|
assert response.status_code == 401
|
|
|
|
|
assert response.json.get("error") == "insufficient_scope"
|
|
|
|
|
|
|
|
|
|
# check that the request to the token provider was made properly
|
|
|
|
|
rget.assert_called_with('https://tokens.indieauth.com/token',
|
|
|
|
|
headers={'Authorization': 'Bearer SomeTestTokenValue',
|
|
|
|
|
'Accept': 'application/json'})
|
|
|
|
|
|
|
|
|
|
# def test_config_endpoint_request(mocker):
|
|
|
|
|
# """Test to make sure that requests without a JWT token fail with a 401"""
|
|
|
|
|
|
|
|
|
|
# mocker.patch.object(microcosm,'PERMITTED_DOMAIN', ['https://testsite.com/'])
|
|
|
|
|
|
|
|
|
|
# rget = mocker.patch('microcosm.requests.get', side_effect=expect_json_response({"me":"https://testsite.com/"}))
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# with microcosm.app.test_client() as c:
|
|
|
|
|
# print(c.get("/", headers={'Authorization': 'Bearer TEST'}))
|
|
|
|
|
|
