qvisqve/authn_entity_manager_tests.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113

# Copyright (C) 2018  Lars Wirzenius
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.


import shutil
import tempfile
import unittest

import qvisqve


class AuthenticatingEntityManagerTests(unittest.TestCase):

    def setUp(self):
        self.tempdir = tempfile.mkdtemp()
        fs = qvisqve.FileStore(self.tempdir)
        self.aem = qvisqve.AuthenticatingEntityManager(fs, 'client')

    def tearDown(self):
        shutil.rmtree(self.tempdir)

    def test_does_not_validate_secret_if_entity_does_not_exist(self):
        self.assertFalse(
            self.aem.is_valid_secret('does-not-exist', 'whatever'))

    def test_does_not_validate_secret_if_not_stored(self):
        secret = 'hunter2'
        client = {
            'id': 'test-client',
        }

        self.aem.create(client['id'], client)
        self.assertFalse(self.aem.is_valid_secret(client['id'], secret))

    def test_validates_secret(self):
        secret = 'hunter2'
        client = {
            'id': 'test-client',
        }

        self.aem.create(client['id'], client)
        self.aem.set_secret(client['id'], secret)
        self.assertFalse(self.aem.is_valid_secret(client['id'], 'invalid'))
        self.assertTrue(self.aem.is_valid_secret(client['id'], secret))

    def test_returns_empty_list_of_scopes_initially(self):
        client = {
            'id': 'test-client',
        }

        self.aem.create(client['id'], client)
        self.assertEqual(self.aem.get_allowed_scopes(client['id']), [])

    def test_sets_allowed_scopes(self):
        client = {
            'id': 'test-client',
        }
        scopes = ['foo', 'bar']

        self.aem.create(client['id'], client)
        self.aem.set_allowed_scopes(client['id'], scopes)
        self.assertEqual(self.aem.get_allowed_scopes(client['id']), scopes)


class ClientManagerTests(unittest.TestCase):

    def setUp(self):
        self.tempdir = tempfile.mkdtemp()
        fs = qvisqve.FileStore(self.tempdir)
        self.cm = qvisqve.ClientManager(fs)

    def tearDown(self):
        shutil.rmtree(self.tempdir)

    def test_validates_client_secret(self):
        secret = 'hunter2'
        client = {
            'id': 'test-client',
        }

        self.cm.create(client['id'], client)
        self.cm.set_secret(client['id'], secret)
        self.assertTrue(self.cm.is_valid_secret(client['id'], secret))


class UserManagerTests(unittest.TestCase):

    def setUp(self):
        self.tempdir = tempfile.mkdtemp()
        fs = qvisqve.FileStore(self.tempdir)
        self.um = qvisqve.UserManager(fs)

    def tearDown(self):
        shutil.rmtree(self.tempdir)

    def test_creates_user(self):
        user = {
            'id': 'tomjon',
        }
        self.um.create(user['id'], user)
        self.assertEqual(self.um.get(user['id']), user)