ó O'—^c@sddlmZddlZddlmZmZddlmZddlm Z ddl m Z dd l m Z mZmZmZdd lmZmZmZdd lmZdd lmZmZeƒZeƒZd efd„ƒYZdefd„ƒYZdefd„ƒYZde efd„ƒYZdefd„ƒYZ defd„ƒYZ!defd„ƒYZ"defd„ƒYZ#dS(iÿÿÿÿ(tunicode_literalsN(tTestCasetRequestFactory(tImproperlyConfigured(treversei(t TestCaseUtilsi(turlparsetparse_qstget_user_modelt urlencode(tget_application_modeltGrantt AccessToken(toauth2_settings(tScopedProtectedResourceViewtReadWriteScopedResourceViewtScopeResourceViewcBseZdgZd„ZRS(uscope1cOsdS(NuThis is a protected resource((tselftrequesttargstkwargs((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pytgets(t__name__t __module__trequired_scopesR(((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyRs tMultiScopeResourceViewcBseZddgZd„ZRS(uscope1uscope2cOsdS(NuThis is a protected resource((RRRR((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyRs(RRRR(((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyRs tReadWriteResourceViewcBseZd„Zd„ZRS(cOsdS(Nu!This is a read protected resource((RRRR((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyR#scOsdS(Nu"This is a write protected resource((RRRR((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pytpost&s(RRRR(((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyR"s tBaseTestcBseZd„Zd„ZRS(c Cs°tƒ|_tjjdddƒ|_tjjdddƒ|_tdddd d |jd tjd tj ƒ|_ |j j ƒd ddddgt _ d t _dt _dS(Nu test_useru test@user.comu123456udev_useru dev@user.comtnameuTest Applicationt redirect_urisu5http://localhost http://example.com http://example.ittusert client_typetauthorization_grant_typeureaduwriteuscope1uscope2uscope3(Rtfactoryt UserModeltobjectst create_usert test_usertdev_usert ApplicationtCLIENT_CONFIDENTIALtGRANT_AUTHORIZATION_CODEt applicationtsaveR t_SCOPESt READ_SCOPEt WRITE_SCOPE(R((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pytsetUp+s     cCs+|jjƒ|jjƒ|jjƒdS(N(R+tdeleteR&R'(R((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyttearDown=s  (RRR0R2(((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyR*s t.TestScopesQueryParameterBackwardsCompatibilitycBs#eZd„Zd„Zd„ZRS(cCs5tt|ƒjƒddgt_ddgt_dS(Nureaduwrite(tsuperR3R0R R-t_DEFAULT_SCOPES(R((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyR0DscCsÂ|jjddddƒi|jjd6dd6dd 6d d 6d d 6td6}|jjtdƒd|ƒ}tt|dƒj ƒ}|d j ƒ}t j j d|ƒ}|j|jdƒdS(uV Tests support for plural `scopes` query parameter on POST requests. tusernameu test_usertpasswordu123456u client_idurandom_state_stringustateu read writeuscopesuhttp://example.itu redirect_uriucodeu response_typeuallowuoauth2_provider:authorizetdatauLocationtcodeN(tclienttloginR+t client_idtTrueRRRRtquerytpopR R$Rt assertEqualtscope(Rt authcode_datatresponset query_dicttauthorization_codetgrant((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyt0test_scopes_query_parameter_is_supported_on_postIs  cCsÏ|jjddddƒti|jjd6dd6dd 6d d 6d d 6ƒ}djdtdƒd|ƒ}|jj|ƒ}|j|j dƒ|j d|j ƒ|j d}|j|dj ƒdƒdS(uU Tests support for plural `scopes` query parameter on GET requests. R6u test_userR7u123456u client_idurandom_state_stringustateu read writeuscopesuhttp://example.itu redirect_uriucodeu response_typeu {url}?{qs}turluoauth2_provider:authorizetqsiÈuformuscopeN( R:R;R R+R<tformatRRR@t status_codetassertIntcontexttvalue(Rt query_stringRHRCtform((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyt/test_scopes_query_parameter_is_supported_on_get`s   (RRR0RGRQ(((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyR3Cs  tTestScopesSavecBseZd„Zd„ZRS(cCsÂ|jjddddƒi|jjd6dd6dd 6d d 6d d 6td6}|jjtdƒd|ƒ}tt|dƒj ƒ}|d j ƒ}t j j d|ƒ}|j|jdƒdS(u9 Test scopes are properly saved in grant R6u test_userR7u123456u client_idurandom_state_stringustateu scope1 scope2uscopeuhttp://example.itu redirect_uriucodeu response_typeuallowuoauth2_provider:authorizeR8uLocationR9N(R:R;R+R<R=RRRRR>R?R R$RR@RA(RRBRCRDRERF((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyttest_scopes_saved_in_grant{s  c CsA|jjddddƒi|jjd6dd6dd 6d d 6d d 6td6}|jjtdƒd|ƒ}tt|dƒj ƒ}|d j ƒ}idd6|d 6d d 6}|j |jj|jj ƒ}|jjtdƒd||}t j|jjdƒƒ}|d}tjjd|ƒ} |j| jdƒdS(u@ Test scopes are properly saved in access token R6u test_userR7u123456u client_idurandom_state_stringustateu scope1 scope2uscopeuhttp://example.itu redirect_uriucodeu response_typeuallowuoauth2_provider:authorizeR8uLocationuauthorization_codeu grant_typeuoauth2_provider:tokenuutf-8u access_tokenttokenN(R:R;R+R<R=RRRRR>R?tget_basic_auth_headert client_secrettjsontloadstcontenttdecodeR R$RR@RA( RRBRCRDREttoken_request_datat auth_headersRYt access_tokentat((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyt test_scopes_save_in_access_token‘s*   ! (RRRSR_(((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyRRzs tTestScopesProtectioncBs,eZd„Zd„Zd„Zd„ZRS(c Css|jjddddƒi|jjd6dd6dd 6d d 6d d 6td6}|jjtdƒd|ƒ}tt|dƒj ƒ}|d j ƒ}idd6|d 6d d 6}|j |jj|jj ƒ}|jjtdƒd||}t j|jjdƒƒ}|d}id|d6}|jjd|} |j| _tjƒ} | | ƒ}|j|dƒdS(uX Test access to a scope protected resource with correct scopes provided R6u test_userR7u123456u client_idurandom_state_stringustateu scope1 scope2uscopeuhttp://example.itu redirect_uriucodeu response_typeuallowuoauth2_provider:authorizeR8uLocationuauthorization_codeu grant_typeuoauth2_provider:tokenuutf-8u access_tokenuBearer uHTTP_AUTHORIZATIONu/fake-resourceuThis is a protected resourceN(R:R;R+R<R=RRRRR>R?RURVRWRXRYRZR"RR&RRtas_viewR@( RRBRCRDRER[R\RYR]Rtview((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyttest_scopes_protection_validµs4   !    c Csv|jjddddƒi|jjd6dd6dd 6d d 6d d 6td6}|jjtdƒd|ƒ}tt|dƒj ƒ}|d j ƒ}idd6|d 6d d 6}|j |jj|jj ƒ}|jjtdƒd||}t j|jjdƒƒ}|d}id|d6}|jjd|} |j| _tjƒ} | | ƒ}|j|jdƒdS(uV Test access to a scope protected resource with wrong scopes provided R6u test_userR7u123456u client_idurandom_state_stringustateuscope2uscopeuhttp://example.itu redirect_uriucodeu response_typeuallowuoauth2_provider:authorizeR8uLocationuauthorization_codeu grant_typeuoauth2_provider:tokenuutf-8u access_tokenuBearer uHTTP_AUTHORIZATIONu/fake-resourcei“N(R:R;R+R<R=RRRRR>R?RURVRWRXRYRZR"RR&RRRaR@RK( RRBRCRDRER[R\RYR]RRb((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyttest_scopes_protection_failßs4   !    c Csv|jjddddƒi|jjd6dd6dd 6d d 6d d 6td6}|jjtdƒd|ƒ}tt|dƒj ƒ}|d j ƒ}idd6|d 6d d 6}|j |jj|jj ƒ}|jjtdƒd||}t j|jjdƒƒ}|d}id|d6}|jjd|} |j| _tjƒ} | | ƒ}|j|jdƒdS(u\ Test access to a multi-scope protected resource with wrong scopes provided R6u test_userR7u123456u client_idurandom_state_stringustateu scope1 scope3uscopeuhttp://example.itu redirect_uriucodeu response_typeuallowuoauth2_provider:authorizeR8uLocationuauthorization_codeu grant_typeuoauth2_provider:tokenuutf-8u access_tokenuBearer uHTTP_AUTHORIZATIONu/fake-resourcei“N(R:R;R+R<R=RRRRR>R?RURVRWRXRYRZR"RR&RRRaR@RK( RRBRCRDRER[R\RYR]RRb((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyttest_multi_scope_fail s4   !    c Css|jjddddƒi|jjd6dd6dd 6d d 6d d 6td6}|jjtdƒd|ƒ}tt|dƒj ƒ}|d j ƒ}idd6|d 6d d 6}|j |jj|jj ƒ}|jjtdƒd||}t j|jjdƒƒ}|d}id|d6}|jjd|} |j| _tjƒ} | | ƒ}|j|dƒdS(u^ Test access to a multi-scope protected resource with correct scopes provided R6u test_userR7u123456u client_idurandom_state_stringustateu scope1 scope2uscopeuhttp://example.itu redirect_uriucodeu response_typeuallowuoauth2_provider:authorizeR8uLocationuauthorization_codeu grant_typeuoauth2_provider:tokenuutf-8u access_tokenuBearer uHTTP_AUTHORIZATIONu/fake-resourceuThis is a protected resourceN(R:R;R+R<R=RRRRR>R?RURVRWRXRYRZR"RR&RRRaR@( RRBRCRDRER[R\RYR]RRb((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyttest_multi_scope_valid3s4   !    (RRRcRdReRf(((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyR`´s * * *tTestReadWriteScopecBsGeZd„Zd„Zd„Zd„Zd„Zd„Zd„ZRS(c Cs|jjddddƒi|jjd6dd6|d6d d 6d d 6td 6}|jjtdƒd|ƒ}tt|dƒj ƒ}|d j ƒ}idd6|d 6d d 6}|j |jj|jj ƒ}|jjtdƒd||}t j|jjdƒƒ}|dS(NR6u test_userR7u123456u client_idurandom_state_stringustateuscopeuhttp://example.itu redirect_uriucodeu response_typeuallowuoauth2_provider:authorizeR8uLocationuauthorization_codeu grant_typeuoauth2_provider:tokenuutf-8u access_token(R:R;R+R<R=RRRRR>R?RURVRWRXRYRZ( RtscopesRBRCRDRER[R\RY((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pytget_access_token_s&   !cCsxdgt_|jjdƒ}tjƒ}|jt||ƒddgt_dt_tjƒ}|jt||ƒdS(Nuscope1u/fakeureaduwriteuciccia( R R-R"RRRat assertRaisesRR.(RRRb((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyttest_improperly_configured{s    cCsxdgt_|jjdƒ}tjƒ}|jt||ƒddgt_dt_tjƒ}|jt||ƒdS(Nuscope1u/fakeureaduwriteuciccia( R R-R"RRRaRjRR.(RRRb((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyttest_properly_configuredˆs    cCsm|jdƒ}id|d6}|jjd|}|j|_tjƒ}||ƒ}|j|dƒdS(NureaduBearer uHTTP_AUTHORIZATIONu/fake-resourceu!This is a read protected resource(RiR"RR&RRRaR@(RR]R\RRbRC((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyttest_has_read_scope•s   cCsp|jdƒ}id|d6}|jjd|}|j|_tjƒ}||ƒ}|j|jdƒdS(Nuscope1uBearer uHTTP_AUTHORIZATIONu/fake-resourcei“( RiR"RR&RRRaR@RK(RR]R\RRbRC((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyttest_no_read_scope£s   cCsm|jdƒ}id|d6}|jjd|}|j|_tjƒ}||ƒ}|j|dƒdS(NuwriteuBearer uHTTP_AUTHORIZATIONu/fake-resourceu"This is a write protected resource(RiR"RR&RRRaR@(RR]R\RRbRC((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyttest_has_write_scope±s   cCsp|jdƒ}id|d6}|jjd|}|j|_tjƒ}||ƒ}|j|jdƒdS(Nuscope1uBearer uHTTP_AUTHORIZATIONu/fake-resourcei“( RiR"RR&RRRaR@RK(RR]R\RRbRC((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyttest_no_write_scope¿s   ( RRRiRkRlRmRnRoRp(((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyRg^s    ($t __future__RRWt django.testRRtdjango.core.exceptionsRtdjango.core.urlresolversRt test_utilsRtcompatRRRR tmodelsR R R tsettingsR tviewsRRR(R#RRRRR3RRR`Rg(((sC/tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/tests/test_scopes.pyts& "  7:ª