Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / google-auth-library-python / 2c6ad78917e936f38f87c946209c8031166dc96e / . / tests / oauth2 / test_credentials.py
blob: 922c3bbf7205a22161ccd81e231c6d21b72538cb [file] [log] [blame]
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]1# Copyright 2016 Google Inc.
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15import datetime
Hiranya Jayathilaka23c88f72017-12-05 09:29:59 -0800[diff] [blame]16import json
17import os
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]18
19import mock
Thea Flowers118c0482018-05-24 13:34:07 -0700[diff] [blame]20import pytest
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]21
22from google.auth import _helpers
Thea Flowers118c0482018-05-24 13:34:07 -0700[diff] [blame]23from google.auth import exceptions
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]24from google.auth import transport
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]25from google.oauth2 import credentials
26
27
Hiranya Jayathilaka23c88f72017-12-05 09:29:59 -0800[diff] [blame]28DATA_DIR = os.path.join(os.path.dirname(__file__), '..', 'data')
29
30AUTH_USER_JSON_FILE = os.path.join(DATA_DIR, 'authorized_user.json')
31
32with open(AUTH_USER_JSON_FILE, 'r') as fh:
33 AUTH_USER_INFO = json.load(fh)
34
35
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]36class TestCredentials(object):
37 TOKEN_URI = 'https://example.com/oauth2/token'
38 REFRESH_TOKEN = 'refresh_token'
39 CLIENT_ID = 'client_id'
40 CLIENT_SECRET = 'client_secret'
41
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]42 @classmethod
43 def make_credentials(cls):
44 return credentials.Credentials(
45 token=None, refresh_token=cls.REFRESH_TOKEN,
46 token_uri=cls.TOKEN_URI, client_id=cls.CLIENT_ID,
47 client_secret=cls.CLIENT_SECRET)
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]48
49 def test_default_state(self):
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]50 credentials = self.make_credentials()
51 assert not credentials.valid
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]52 # Expiration hasn't been set yet
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]53 assert not credentials.expired
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]54 # Scopes aren't required for these credentials
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]55 assert not credentials.requires_scopes
Jon Wayne Parrott2d0549a2017-03-01 09:27:16 -0800[diff] [blame]56 # Test properties
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]57 assert credentials.refresh_token == self.REFRESH_TOKEN
58 assert credentials.token_uri == self.TOKEN_URI
59 assert credentials.client_id == self.CLIENT_ID
60 assert credentials.client_secret == self.CLIENT_SECRET
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]61
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]62 @mock.patch('google.oauth2._client.refresh_grant', autospec=True)
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]63 @mock.patch(
Jon Wayne Parrotte60c1242017-03-23 16:00:24 -0700[diff] [blame]64 'google.auth._helpers.utcnow',
65 return_value=datetime.datetime.min + _helpers.CLOCK_SKEW)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]66 def test_refresh_success(self, unused_utcnow, refresh_grant):
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]67 token = 'token'
68 expiry = _helpers.utcnow() + datetime.timedelta(seconds=500)
Jon Wayne Parrott26a16372017-03-28 13:03:33 -0700[diff] [blame]69 grant_response = {'id_token': mock.sentinel.id_token}
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]70 refresh_grant.return_value = (
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]71 # Access token
72 token,
73 # New refresh token
74 None,
75 # Expiry,
76 expiry,
77 # Extra data
Jon Wayne Parrott26a16372017-03-28 13:03:33 -0700[diff] [blame]78 grant_response)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]79
80 request = mock.create_autospec(transport.Request)
81 credentials = self.make_credentials()
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]82
83 # Refresh credentials
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]84 credentials.refresh(request)
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]85
86 # Check jwt grant call.
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]87 refresh_grant.assert_called_with(
88 request, self.TOKEN_URI, self.REFRESH_TOKEN, self.CLIENT_ID,
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]89 self.CLIENT_SECRET)
90
91 # Check that the credentials have the token and expiry
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]92 assert credentials.token == token
93 assert credentials.expiry == expiry
94 assert credentials.id_token == mock.sentinel.id_token
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]95
96 # Check that the credentials are valid (have a token and are not
97 # expired)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]98 assert credentials.valid
Hiranya Jayathilaka23c88f72017-12-05 09:29:59 -0800[diff] [blame]99
Thea Flowers118c0482018-05-24 13:34:07 -0700[diff] [blame]100 def test_refresh_no_refresh_token(self):
101 request = mock.create_autospec(transport.Request)
102 credentials_ = credentials.Credentials(
103 token=None, refresh_token=None)
104
105 with pytest.raises(exceptions.RefreshError, match='necessary fields'):
106 credentials_.refresh(request)
107
108 request.assert_not_called()
109
Hiranya Jayathilaka23c88f72017-12-05 09:29:59 -0800[diff] [blame]110 def test_from_authorized_user_info(self):
111 info = AUTH_USER_INFO.copy()
112
113 creds = credentials.Credentials.from_authorized_user_info(info)
114 assert creds.client_secret == info['client_secret']
115 assert creds.client_id == info['client_id']
116 assert creds.refresh_token == info['refresh_token']
117 assert creds.token_uri == credentials._GOOGLE_OAUTH2_TOKEN_ENDPOINT
118 assert creds.scopes is None
119
120 scopes = ['email', 'profile']
121 creds = credentials.Credentials.from_authorized_user_info(
122 info, scopes)
123 assert creds.client_secret == info['client_secret']
124 assert creds.client_id == info['client_id']
125 assert creds.refresh_token == info['refresh_token']
126 assert creds.token_uri == credentials._GOOGLE_OAUTH2_TOKEN_ENDPOINT
127 assert creds.scopes == scopes
128
129 def test_from_authorized_user_file(self):
130 info = AUTH_USER_INFO.copy()
131
132 creds = credentials.Credentials.from_authorized_user_file(
133 AUTH_USER_JSON_FILE)
134 assert creds.client_secret == info['client_secret']
135 assert creds.client_id == info['client_id']
136 assert creds.refresh_token == info['refresh_token']
137 assert creds.token_uri == credentials._GOOGLE_OAUTH2_TOKEN_ENDPOINT
138 assert creds.scopes is None
139
140 scopes = ['email', 'profile']
141 creds = credentials.Credentials.from_authorized_user_file(
142 AUTH_USER_JSON_FILE, scopes)
143 assert creds.client_secret == info['client_secret']
144 assert creds.client_id == info['client_id']
145 assert creds.refresh_token == info['refresh_token']
146 assert creds.token_uri == credentials._GOOGLE_OAUTH2_TOKEN_ENDPOINT
147 assert creds.scopes == scopes