API - config update + fix getting refresh token status

2022-06-08 11:19:14 +02:00 · 2022-06-08 11:19:14 +02:00 · c4c858c6bf
commit c4c858c6bf
parent 4be4f46c26
4 changed files with 76 additions and 6 deletions
--- a/fittrackee/config.py
+++ b/fittrackee/config.py
@ -46,6 +46,10 @@ class BaseConfig:
            os.environ.get('DEFAULT_STATICMAP', 'False') == 'True'
        ),
    }
+    OAUTH2_TOKEN_EXPIRES_IN = {
+        'authorization_code': 864000,  # 10 days
+    }
+    OAUTH2_REFRESH_TOKEN_GENERATOR = True


 class DevelopmentConfig(BaseConfig):
@ -65,9 +69,11 @@ class TestingConfig(BaseConfig):
    TOKEN_EXPIRATION_DAYS = 0
    TOKEN_EXPIRATION_SECONDS = 3
    PASSWORD_TOKEN_EXPIRATION_SECONDS = 3
-    OAUTH2_REFRESH_TOKEN_GENERATOR = True
    UI_URL = 'http://0.0.0.0:5000'
    SENDER_EMAIL = 'fittrackee@example.com'
+    OAUTH2_TOKEN_EXPIRES_IN = {
+        'authorization_code': 60,
+    }


 class End2EndTestingConfig(TestingConfig):
--- a/fittrackee/oauth2/models.py
+++ b/fittrackee/oauth2/models.py
@ -89,7 +89,7 @@ class OAuth2Token(BaseModel, OAuth2TokenMixin):
    user = db.relationship('User')

    def is_refresh_token_active(self) -> bool:
-        if self.revoked:
+        if self.is_revoked():
            return False
        expires_at = self.issued_at + self.expires_in * 2
        return expires_at >= time.time()
--- a/fittrackee/tests/oauth2/test_oauth2_models.py
+++ b/fittrackee/tests/oauth2/test_oauth2_models.py
@ -1,12 +1,16 @@
+import time
+from unittest.mock import patch
+
+import pytest
 from flask import Flask

-from fittrackee.oauth2.models import OAuth2Client
+from fittrackee.oauth2.models import OAuth2Client, OAuth2Token

 from ..mixins import RandomMixin


-class TestOAuthClientSerialize(RandomMixin):
-    def test_it_returns_oauth_client(self, app: Flask) -> None:
+class OAuth2ModelTestCase(RandomMixin):
+    def create_oauth2_client(self) -> OAuth2Client:
        oauth_client = OAuth2Client(
            id=self.random_int(),
            client_id=self.random_string(),
@ -20,6 +24,12 @@ class TestOAuthClientSerialize(RandomMixin):
                'client_uri': self.random_domain(),
            }
        )
+        return oauth_client
+
+
+class TestOAuth2ClientSerialize(OAuth2ModelTestCase):
+    def test_it_returns_oauth_client(self, app: Flask) -> None:
+        oauth_client = self.create_oauth2_client()

        serialized_oauth_client = oauth_client.serialize()

@ -64,3 +74,57 @@ class TestOAuthClientSerialize(RandomMixin):
            serialized_oauth_client['client_secret']
            == oauth_client.client_secret
        )
+
+
+class TestOAuth2Token(OAuth2ModelTestCase):
+    @pytest.mark.parametrize(
+        'input_expiration,expected_status', [(1000, True), (0, False)]
+    )
+    def test_it_returns_refresh_token_status(
+        self, app: Flask, input_expiration: int, expected_status: bool
+    ) -> None:
+        oauth_client = self.create_oauth2_client()
+        token = OAuth2Token(
+            client_id=oauth_client.client_id,
+            access_token=self.random_string(),
+            refresh_token=self.random_string(),
+            issued_at=int(time.time()),
+            expires_in=input_expiration,
+        )
+
+        assert token.is_refresh_token_active() is expected_status
+
+    def test_it_returns_refresh_token_active_when_below_twice_expiration(
+        self, app: Flask
+    ) -> None:
+        oauth_client = self.create_oauth2_client()
+        issued_at = int(time.time())
+        expires_in = self.random_int()
+        token = OAuth2Token(
+            client_id=oauth_client.client_id,
+            access_token=self.random_string(),
+            refresh_token=self.random_string(),
+            issued_at=int(time.time()),
+            expires_in=expires_in,
+        )
+
+        with patch(
+            'fittrackee.oauth2.models.time.time',
+            return_value=(issued_at + expires_in * 2 - 1),
+        ):
+            assert token.is_refresh_token_active() is True
+
+    def test_it_returns_refresh_token_inactive_when_token_revoked(
+        self, app: Flask
+    ) -> None:
+        oauth_client = self.create_oauth2_client()
+        token = OAuth2Token(
+            client_id=oauth_client.client_id,
+            access_token=self.random_string(),
+            refresh_token=self.random_string(),
+            issued_at=int(time.time()),
+            access_token_revoked_at=int(time.time()),
+            expires_in=1000,
+        )
+
+        assert token.is_refresh_token_active() is False
--- a/fittrackee/tests/oauth2/test_oauth2_routes.py
+++ b/fittrackee/tests/oauth2/test_oauth2_routes.py
@ -351,7 +351,7 @@ class TestOAuthIssueToken(ApiTestCaseMixin):
        assert response.status_code == 200
        data = json.loads(response.data.decode())
        assert data.get('access_token') is not None
-        assert data.get('expires_in') is not None
+        assert data.get('expires_in') == 60  # test config
        assert data.get('refresh_token') is not None
        assert data.get('token_type') == 'Bearer'