FitTrackee/fittrackee/tests/oauth2/test_oauth2_scopes.py

59 lines
1.6 KiB
Python
Raw Permalink Normal View History

2022-05-27 18:19:12 +02:00
import pytest
from flask import Flask
from fittrackee.users.models import User
from ..mixins import ApiTestCaseMixin
2022-06-15 19:16:14 +02:00
class TestOAuth2Scopes(ApiTestCaseMixin):
2022-05-27 18:19:12 +02:00
@pytest.mark.parametrize(
2022-06-15 19:16:14 +02:00
'endpoint_url,scope',
2022-05-27 18:19:12 +02:00
[
2022-06-15 19:16:14 +02:00
('/api/auth/profile', 'profile:read'),
('/api/workouts', 'workouts:read'),
2022-05-27 18:19:12 +02:00
],
)
2022-06-15 19:16:14 +02:00
def test_oauth_client_can_access_authorized_endpoints(
self, app: Flask, user_1: User, endpoint_url: str, scope: str
2022-05-27 18:19:12 +02:00
) -> None:
(
client,
oauth_client,
access_token,
_,
2022-06-19 20:04:42 +02:00
) = self.create_oauth2_client_and_issue_token(app, user_1, scope=scope)
2022-05-27 18:19:12 +02:00
response = client.get(
endpoint_url,
content_type='application/json',
headers=dict(Authorization=f'Bearer {access_token}'),
)
2022-06-15 19:16:14 +02:00
self.assert_not_insufficient_scope_error(response)
2022-05-27 18:19:12 +02:00
@pytest.mark.parametrize(
2022-06-15 19:16:14 +02:00
'endpoint_url,scope',
2022-05-27 18:19:12 +02:00
[
2022-06-15 19:16:14 +02:00
('/api/auth/profile', 'workouts:read'),
('/api/workouts', 'profile:read'),
2022-05-27 18:19:12 +02:00
],
)
2022-06-15 19:16:14 +02:00
def test_oauth_client_can_not_access_unauthorized_endpoints(
self, app: Flask, user_1: User, endpoint_url: str, scope: str
2022-05-27 18:19:12 +02:00
) -> None:
(
client,
oauth_client,
access_token,
_,
2022-06-19 20:04:42 +02:00
) = self.create_oauth2_client_and_issue_token(app, user_1, scope=scope)
2022-05-27 18:19:12 +02:00
response = client.get(
2022-06-15 19:16:14 +02:00
endpoint_url,
2022-05-27 18:19:12 +02:00
content_type='application/json',
headers=dict(Authorization=f'Bearer {access_token}'),
)
2022-06-15 19:16:14 +02:00
self.assert_insufficient_scope(response)