File: test_auth_flow_managers.py

package info (click to toggle)
python-globus-sdk 4.3.0-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 5,172 kB
  • sloc: python: 35,227; sh: 44; makefile: 35
file content (81 lines) | stat: -rw-r--r-- 2,371 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
 
import base64
import hashlib
import os
from unittest import mock

import pytest

import globus_sdk
from globus_sdk.scopes import TransferScopes
from globus_sdk.services.auth.flow_managers.authorization_code import (
    GlobusAuthorizationCodeFlowManager,
)
from globus_sdk.services.auth.flow_managers.native_app import _make_native_app_challenge


@pytest.mark.parametrize(
    "verifier",
    [
        "x" * 20,  # too short
        "x" * 200,  # too long
        ("x" * 40) + "/" + ("y" * 40),  # includes invalid characters
    ],
)
def test_invalid_native_app_challenge(verifier):
    with pytest.raises(globus_sdk.GlobusSDKUsageError):
        _make_native_app_challenge(verifier)


def test_simple_input_native_app_challenge():
    verifier = "x" * 80
    challenge = (
        base64.urlsafe_b64encode(hashlib.sha256(verifier.encode("utf-8")).digest())
        .rstrip(b"=")
        .decode("utf-8")
    )
    res_verifier, res_challenge = _make_native_app_challenge(verifier)
    assert res_verifier == verifier
    assert res_challenge == challenge


def test_random_native_app_challenge(monkeypatch):
    b64vals = []

    def mock_urandom(n: int):
        return b"xyz"

    def mock_b64encode(b: bytes):
        b64vals.append(b)
        return b"abc123"

    monkeypatch.setattr(os, "urandom", mock_urandom)
    monkeypatch.setattr(base64, "urlsafe_b64encode", mock_b64encode)

    verifier, challenge = _make_native_app_challenge()
    assert verifier == "abc123"
    assert challenge == "abc123"

    assert len(b64vals) == 2
    assert b64vals == [b"xyz", hashlib.sha256(b"abc123").digest()]


def test_get_authorize_url_for_authorization_code():
    mock_client = mock.Mock()
    mock_client.client_id = "MOCK_CLIENT_ID"
    mock_client.base_url = "https://auth.globus.org/"
    flow_manager = GlobusAuthorizationCodeFlowManager(
        mock_client,
        redirect_uri="https://foo.example.org/authenticate",
        requested_scopes=TransferScopes.all,
    )

    silly_string = "ANANAS_IS_PINEAPPLE_BUT_BANANE_IS_BANANA"

    authorize_url = flow_manager.get_authorize_url()
    assert authorize_url.startswith("https://auth.globus.org")
    assert silly_string not in authorize_url

    silly_authorize_url = flow_manager.get_authorize_url(
        query_params={"silly_string": silly_string}
    )
    assert silly_string in silly_authorize_url