python/aiohttp-security
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update to 0.3.0

Browse Source
This commit is contained in:
Andrew Svetlov
2018-09-06 13:06:55 +03:00
parent 097f7ecc43
commit 9b1d08c661
23 changed files with 418 additions and 177 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
tests/test_cookies_identity.py
View File

@@ -15,23 +15,23 @@ class Autz(AbstractAuthorizationPolicy):
pass
async def test_remember(loop, test_client):
async def test_remember(loop, aiohttp_client):
async def handler(request):
response = web.Response()
await remember(request, response, 'Andrew')
return response
app = web.Application(loop=loop)
app = web.Application()
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/', handler)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.get('/')
assert 200 == resp.status
assert 'Andrew' == resp.cookies['AIOHTTP_SECURITY'].value
async def test_identify(loop, test_client):
async def test_identify(loop, aiohttp_client):
async def create(request):
response = web.Response()
@@ -44,11 +44,11 @@ async def test_identify(loop, test_client):
assert 'Andrew' == user_id
return web.Response()
app = web.Application(loop=loop)
app = web.Application()
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/', check)
app.router.add_route('POST', '/', create)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.post('/')
assert 200 == resp.status
await resp.release()
@@ -56,7 +56,7 @@ async def test_identify(loop, test_client):
assert 200 == resp.status
async def test_forget(loop, test_client):
async def test_forget(loop, aiohttp_client):
async def index(request):
return web.Response()
@@ -64,19 +64,19 @@ async def test_forget(loop, test_client):
async def login(request):
response = web.HTTPFound(location='/')
await remember(request, response, 'Andrew')
return response
raise response
async def logout(request):
response = web.HTTPFound(location='/')
await forget(request, response)
return response
raise response
app = web.Application(loop=loop)
app = web.Application()
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/', index)
app.router.add_route('POST', '/login', login)
app.router.add_route('POST', '/logout', logout)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.post('/login')
assert 200 == resp.status
assert str(resp.url).endswith('/')

177
tests/test_dict_autz.py
View File

@@ -1,10 +1,12 @@
import enum
import pytest
from aiohttp import web
from aiohttp_security import setup as _setup
from aiohttp_security import (AbstractAuthorizationPolicy, authorized_userid,
forget, has_permission, is_anonymous,
login_required, permits, remember)
login_required, permits, remember,
check_authorized, check_permission)
from aiohttp_security.cookies_identity import CookiesIdentityPolicy
@@ -23,23 +25,23 @@ class Autz(AbstractAuthorizationPolicy):
return None
async def test_authorized_userid(loop, test_client):
async def test_authorized_userid(loop, aiohttp_client):
async def login(request):
response = web.HTTPFound(location='/')
await remember(request, response, 'UserID')
return response
raise response
async def check(request):
userid = await authorized_userid(request)
assert 'Andrew' == userid
return web.Response(text=userid)
app = web.Application(loop=loop)
app = web.Application()
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/', check)
app.router.add_route('POST', '/login', login)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.post('/login')
assert 200 == resp.status
@@ -47,23 +49,23 @@ async def test_authorized_userid(loop, test_client):
assert 'Andrew' == txt
async def test_authorized_userid_not_authorized(loop, test_client):
async def test_authorized_userid_not_authorized(loop, aiohttp_client):
async def check(request):
userid = await authorized_userid(request)
assert userid is None
return web.Response()
app = web.Application(loop=loop)
app = web.Application()
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/', check)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.get('/')
assert 200 == resp.status
async def test_permits_enum_permission(loop, test_client):
async def test_permits_enum_permission(loop, aiohttp_client):
class Permission(enum.Enum):
READ = '101'
WRITE = '102'
@@ -86,7 +88,7 @@ async def test_permits_enum_permission(loop, test_client):
async def login(request):
response = web.HTTPFound(location='/')
await remember(request, response, 'UserID')
return response
raise response
async def check(request):
ret = await permits(request, Permission.READ)
@@ -97,16 +99,16 @@ async def test_permits_enum_permission(loop, test_client):
assert not ret
return web.Response()
app = web.Application(loop=loop)
app = web.Application()
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/', check)
app.router.add_route('POST', '/login', login)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.post('/login')
assert 200 == resp.status
async def test_permits_unauthorized(loop, test_client):
async def test_permits_unauthorized(loop, aiohttp_client):
async def check(request):
ret = await permits(request, 'read')
@@ -117,38 +119,38 @@ async def test_permits_unauthorized(loop, test_client):
assert not ret
return web.Response()
app = web.Application(loop=loop)
app = web.Application()
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/', check)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.get('/')
assert 200 == resp.status
async def test_is_anonymous(loop, test_client):
async def test_is_anonymous(loop, aiohttp_client):
async def index(request):
is_anon = await is_anonymous(request)
if is_anon:
return web.HTTPUnauthorized()
return web.HTTPOk()
raise web.HTTPUnauthorized()
return web.Response()
async def login(request):
response = web.HTTPFound(location='/')
await remember(request, response, 'UserID')
return response
raise response
async def logout(request):
response = web.HTTPFound(location='/')
await forget(request, response)
return response
raise response
app = web.Application(loop=loop)
app = web.Application()
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/', index)
app.router.add_route('POST', '/login', login)
app.router.add_route('POST', '/logout', logout)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.get('/')
assert web.HTTPUnauthorized.status_code == resp.status
@@ -161,27 +163,63 @@ async def test_is_anonymous(loop, test_client):
assert web.HTTPUnauthorized.status_code == resp.status
async def test_login_required(loop, test_client):
@login_required
async def test_login_required(loop, aiohttp_client):
with pytest.raises(DeprecationWarning):
@login_required
async def index(request):
return web.Response()
async def login(request):
response = web.HTTPFound(location='/')
await remember(request, response, 'UserID')
raise response
async def logout(request):
response = web.HTTPFound(location='/')
await forget(request, response)
raise response
app = web.Application()
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/', index)
app.router.add_route('POST', '/login', login)
app.router.add_route('POST', '/logout', logout)
client = await aiohttp_client(app)
resp = await client.get('/')
assert web.HTTPUnauthorized.status_code == resp.status
await client.post('/login')
resp = await client.get('/')
assert web.HTTPOk.status_code == resp.status
await client.post('/logout')
resp = await client.get('/')
assert web.HTTPUnauthorized.status_code == resp.status
async def test_check_authorized(loop, aiohttp_client):
async def index(request):
return web.HTTPOk()
await check_authorized(request)
return web.Response()
async def login(request):
response = web.HTTPFound(location='/')
await remember(request, response, 'UserID')
return response
raise response
async def logout(request):
response = web.HTTPFound(location='/')
await forget(request, response)
return response
raise response
app = web.Application(loop=loop)
app = web.Application()
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/', index)
app.router.add_route('POST', '/login', login)
app.router.add_route('POST', '/logout', logout)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.get('/')
assert web.HTTPUnauthorized.status_code == resp.status
@@ -194,38 +232,97 @@ async def test_login_required(loop, test_client):
assert web.HTTPUnauthorized.status_code == resp.status
async def test_has_permission(loop, test_client):
async def test_has_permission(loop, aiohttp_client):
with pytest.warns(DeprecationWarning):
@has_permission('read')
async def index_read(request):
return web.Response()
@has_permission('write')
async def index_write(request):
return web.Response()
@has_permission('forbid')
async def index_forbid(request):
return web.Response()
async def login(request):
response = web.HTTPFound(location='/')
await remember(request, response, 'UserID')
return response
async def logout(request):
response = web.HTTPFound(location='/')
await forget(request, response)
raise response
app = web.Application()
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/permission/read', index_read)
app.router.add_route('GET', '/permission/write', index_write)
app.router.add_route('GET', '/permission/forbid', index_forbid)
app.router.add_route('POST', '/login', login)
app.router.add_route('POST', '/logout', logout)
client = await aiohttp_client(app)
resp = await client.get('/permission/read')
assert web.HTTPUnauthorized.status_code == resp.status
resp = await client.get('/permission/write')
assert web.HTTPUnauthorized.status_code == resp.status
resp = await client.get('/permission/forbid')
assert web.HTTPUnauthorized.status_code == resp.status
await client.post('/login')
resp = await client.get('/permission/read')
assert web.HTTPOk.status_code == resp.status
resp = await client.get('/permission/write')
assert web.HTTPOk.status_code == resp.status
resp = await client.get('/permission/forbid')
assert web.HTTPForbidden.status_code == resp.status
await client.post('/logout')
resp = await client.get('/permission/read')
assert web.HTTPUnauthorized.status_code == resp.status
resp = await client.get('/permission/write')
assert web.HTTPUnauthorized.status_code == resp.status
resp = await client.get('/permission/forbid')
assert web.HTTPUnauthorized.status_code == resp.status
async def test_check_permission(loop, aiohttp_client):
@has_permission('read')
async def index_read(request):
return web.HTTPOk()
await check_permission(request, 'read')
return web.Response()
@has_permission('write')
async def index_write(request):
return web.HTTPOk()
await check_permission(request, 'write')
return web.Response()
@has_permission('forbid')
async def index_forbid(request):
return web.HTTPOk()
await check_permission(request, 'forbid')
return web.Response()
async def login(request):
response = web.HTTPFound(location='/')
await remember(request, response, 'UserID')
return response
raise response
async def logout(request):
response = web.HTTPFound(location='/')
await forget(request, response)
return response
raise response
app = web.Application(loop=loop)
app = web.Application()
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/permission/read', index_read)
app.router.add_route('GET', '/permission/write', index_write)
app.router.add_route('GET', '/permission/forbid', index_forbid)
app.router.add_route('POST', '/login', login)
app.router.add_route('POST', '/logout', logout)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.get('/permission/read')
assert web.HTTPUnauthorized.status_code == resp.status

12
tests/test_jwt_identity.py
View File

@@ -35,7 +35,7 @@ async def test_no_pyjwt_installed(mocker):
JWTIdentityPolicy('secret')
async def test_identify(loop, make_token, test_client):
async def test_identify(loop, make_token, aiohttp_client):
kwt_secret_key = 'Key'
token = make_token({'login': 'Andrew'}, kwt_secret_key)
@@ -46,17 +46,17 @@ async def test_identify(loop, make_token, test_client):
assert 'Andrew' == identity['login']
return web.Response()
app = web.Application(loop=loop)
app = web.Application()
_setup(app, JWTIdentityPolicy(kwt_secret_key), Autz())
app.router.add_route('GET', '/', check)
client = await test_client(app)
client = await aiohttp_client(app)
headers = {'Authorization': 'Bearer {}'.format(token.decode('utf-8'))}
resp = await client.get('/', headers=headers)
assert 200 == resp.status
async def test_identify_broken_scheme(loop, make_token, test_client):
async def test_identify_broken_scheme(loop, make_token, aiohttp_client):
kwt_secret_key = 'Key'
token = make_token({'login': 'Andrew'}, kwt_secret_key)
@@ -71,11 +71,11 @@ async def test_identify_broken_scheme(loop, make_token, test_client):
return web.Response()
app = web.Application(loop=loop)
app = web.Application()
_setup(app, JWTIdentityPolicy(kwt_secret_key), Autz())
app.router.add_route('GET', '/', check)
client = await test_client(app)
client = await aiohttp_client(app)
headers = {'Authorization': 'Token {}'.format(token.decode('utf-8'))}
resp = await client.get('/', headers=headers)
assert 400 == resp.status

12
tests/test_no_auth.py
View File

@@ -2,21 +2,21 @@ from aiohttp import web
from aiohttp_security import authorized_userid, permits
async def test_authorized_userid(loop, test_client):
async def test_authorized_userid(loop, aiohttp_client):
async def check(request):
userid = await authorized_userid(request)
assert userid is None
return web.Response()
app = web.Application(loop=loop)
app = web.Application()
app.router.add_route('GET', '/', check)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.get('/')
assert 200 == resp.status
async def test_permits(loop, test_client):
async def test_permits(loop, aiohttp_client):
async def check(request):
ret = await permits(request, 'read')
@@ -27,8 +27,8 @@ async def test_permits(loop, test_client):
assert ret
return web.Response()
app = web.Application(loop=loop)
app = web.Application()
app.router.add_route('GET', '/', check)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.get('/')
assert 200 == resp.status

12
tests/test_no_identity.py
View File

@@ -2,15 +2,15 @@ from aiohttp import web
from aiohttp_security import remember, forget
async def test_remember(loop, test_client):
async def test_remember(loop, aiohttp_client):
async def do_remember(request):
response = web.Response()
await remember(request, response, 'Andrew')
app = web.Application(loop=loop)
app = web.Application()
app.router.add_route('POST', '/', do_remember)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.post('/')
assert 500 == resp.status
assert (('Security subsystem is not initialized, '
@@ -18,15 +18,15 @@ async def test_remember(loop, test_client):
resp.reason)
async def test_forget(loop, test_client):
async def test_forget(loop, aiohttp_client):
async def do_forget(request):
response = web.Response()
await forget(request, response)
app = web.Application(loop=loop)
app = web.Application()
app.router.add_route('POST', '/', do_forget)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.post('/')
assert 500 == resp.status
assert (('Security subsystem is not initialized, '

24
tests/test_session_identity.py
View File

@@ -20,14 +20,14 @@ class Autz(AbstractAuthorizationPolicy):
@pytest.fixture
def make_app(loop):
app = web.Application(loop=loop)
def make_app():
app = web.Application()
setup_session(app, SimpleCookieStorage())
setup_security(app, SessionIdentityPolicy(), Autz())
return app
async def test_remember(make_app, test_client):
async def test_remember(make_app, aiohttp_client):
async def handler(request):
response = web.Response()
@@ -37,12 +37,12 @@ async def test_remember(make_app, test_client):
async def check(request):
session = await get_session(request)
assert session['AIOHTTP_SECURITY'] == 'Andrew'
return web.HTTPOk()
return web.Response()
app = make_app()
app.router.add_route('GET', '/', handler)
app.router.add_route('GET', '/check', check)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.get('/')
assert 200 == resp.status
@@ -50,7 +50,7 @@ async def test_remember(make_app, test_client):
assert 200 == resp.status
async def test_identify(make_app, test_client):
async def test_identify(make_app, aiohttp_client):
async def create(request):
response = web.Response()
@@ -66,7 +66,7 @@ async def test_identify(make_app, test_client):
app = make_app()
app.router.add_route('GET', '/', check)
app.router.add_route('POST', '/', create)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.post('/')
assert 200 == resp.status
@@ -74,28 +74,28 @@ async def test_identify(make_app, test_client):
assert 200 == resp.status
async def test_forget(make_app, test_client):
async def test_forget(make_app, aiohttp_client):
async def index(request):
session = await get_session(request)
return web.HTTPOk(text=session.get('AIOHTTP_SECURITY', ''))
return web.Response(text=session.get('AIOHTTP_SECURITY', ''))
async def login(request):
response = web.HTTPFound(location='/')
await remember(request, response, 'Andrew')
return response
raise response
async def logout(request):
response = web.HTTPFound('/')
await forget(request, response)
return response
raise response
app = make_app()
app.router.add_route('GET', '/', index)
app.router.add_route('POST', '/login', login)
app.router.add_route('POST', '/logout', logout)
client = await test_client(app)
client = await aiohttp_client(app)
resp = await client.post('/login')
assert 200 == resp.status