Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / google-auth-library-python / 78fec2c7bd81e7f0c174e98d97fc08e5565307b7 / . / tests / oauth2 / test_credentials.py
blob: 14984a1dbaa3ce3c2ea81c22275c3d6af4b74aa4 [file] [log] [blame]
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]1# Copyright 2016 Google Inc.
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15import datetime
16
17import mock
18import pytest
19
20from google.auth import _helpers
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]21from google.auth import transport
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]22from google.oauth2 import credentials
23
24
25class TestCredentials(object):
26 TOKEN_URI = 'https://example.com/oauth2/token'
27 REFRESH_TOKEN = 'refresh_token'
28 CLIENT_ID = 'client_id'
29 CLIENT_SECRET = 'client_secret'
30
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]31 @classmethod
32 def make_credentials(cls):
33 return credentials.Credentials(
34 token=None, refresh_token=cls.REFRESH_TOKEN,
35 token_uri=cls.TOKEN_URI, client_id=cls.CLIENT_ID,
36 client_secret=cls.CLIENT_SECRET)
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]37
38 def test_default_state(self):
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]39 credentials = self.make_credentials()
40 assert not credentials.valid
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]41 # Expiration hasn't been set yet
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]42 assert not credentials.expired
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]43 # Scopes aren't required for these credentials
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]44 assert not credentials.requires_scopes
Jon Wayne Parrott2d0549a2017-03-01 09:27:16 -0800[diff] [blame]45 # Test properties
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]46 assert credentials.refresh_token == self.REFRESH_TOKEN
47 assert credentials.token_uri == self.TOKEN_URI
48 assert credentials.client_id == self.CLIENT_ID
49 assert credentials.client_secret == self.CLIENT_SECRET
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]50
51 def test_create_scoped(self):
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]52 credentials = self.make_credentials()
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]53 with pytest.raises(NotImplementedError):
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]54 credentials.with_scopes(['email'])
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]55
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]56 @mock.patch('google.oauth2._client.refresh_grant', autospec=True)
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]57 @mock.patch(
Jon Wayne Parrotte60c1242017-03-23 16:00:24 -0700[diff] [blame]58 'google.auth._helpers.utcnow',
59 return_value=datetime.datetime.min + _helpers.CLOCK_SKEW)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]60 def test_refresh_success(self, unused_utcnow, refresh_grant):
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]61 token = 'token'
62 expiry = _helpers.utcnow() + datetime.timedelta(seconds=500)
Jon Wayne Parrott26a16372017-03-28 13:03:33 -0700[diff] [blame]63 grant_response = {'id_token': mock.sentinel.id_token}
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]64 refresh_grant.return_value = (
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]65 # Access token
66 token,
67 # New refresh token
68 None,
69 # Expiry,
70 expiry,
71 # Extra data
Jon Wayne Parrott26a16372017-03-28 13:03:33 -0700[diff] [blame]72 grant_response)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]73
74 request = mock.create_autospec(transport.Request)
75 credentials = self.make_credentials()
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]76
77 # Refresh credentials
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]78 credentials.refresh(request)
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]79
80 # Check jwt grant call.
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]81 refresh_grant.assert_called_with(
82 request, self.TOKEN_URI, self.REFRESH_TOKEN, self.CLIENT_ID,
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]83 self.CLIENT_SECRET)
84
85 # Check that the credentials have the token and expiry
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]86 assert credentials.token == token
87 assert credentials.expiry == expiry
88 assert credentials.id_token == mock.sentinel.id_token
Jon Wayne Parrott10ec7e92016-10-17 10:46:38 -0700[diff] [blame]89
90 # Check that the credentials are valid (have a token and are not
91 # expired)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame^]92 assert credentials.valid