import os import requests import pytest import microcosm class MockJsonResponse: def __init__(self, respobj): self.respobj = respobj def json(self): return self.respobj def expect_json_response(resp): def build_response(*args, **kwargs): return MockJsonResponse(resp) return build_response def test_no_token_request(mocker): """Test to make sure that requests without a JWT token fail with a 401""" mocker.patch.object(microcosm,'PERMITTED_DOMAIN', ['https://testsite.com/']) rget = mocker.patch('microcosm.requests.get') with microcosm.app.test_client() as c: response = c.get("/") assert response.status_code == 401 assert response.json.get("error") == "unauthorized" def test_invalid_token_request(mocker): """Test to make sure that requests without a JWT token fail with a 401""" mocker.patch.object(microcosm,'PERMITTED_DOMAIN', ['https://testsite.com/']) rget = mocker.patch('microcosm.requests.get', side_effect=expect_json_response({"me":"https://someothersite.com/"})) with microcosm.app.test_client() as c: response = c.get("/", headers={'Authorization': 'Bearer SomeTestTokenValue'}) assert response.status_code == 401 assert response.json.get("error") == "insufficient_scope" # check that the request to the token provider was made properly rget.assert_called_with('https://tokens.indieauth.com/token', headers={'Authorization': 'Bearer SomeTestTokenValue', 'Accept': 'application/json'}) # def test_config_endpoint_request(mocker): # """Test to make sure that requests without a JWT token fail with a 401""" # mocker.patch.object(microcosm,'PERMITTED_DOMAIN', ['https://testsite.com/']) # rget = mocker.patch('microcosm.requests.get', side_effect=expect_json_response({"me":"https://testsite.com/"})) # with microcosm.app.test_client() as c: # print(c.get("/", headers={'Authorization': 'Bearer TEST'}))