swh/web/tests/auth/test_middlewares.py
# Copyright (C) 2020 The Software Heritage developers | # Copyright (C) 2020 The Software Heritage developers | ||||
# See the AUTHORS file at the top-level directory of this distribution | # See the AUTHORS file at the top-level directory of this distribution | ||||
# License: GNU Affero General Public License version 3, or any later version | # License: GNU Affero General Public License version 3, or any later version | ||||
# See top-level LICENSE file for more information | # See top-level LICENSE file for more information | ||||
from datetime import datetime | from datetime import datetime | ||||
import pytest | import pytest | ||||
from django.test import modify_settings | from django.test import modify_settings | ||||
from swh.web.common.utils import reverse | from swh.web.common.utils import reverse | ||||
from swh.web.tests.utils import check_html_get_response | |||||
from .keycloak_mock import mock_keycloak | from .keycloak_mock import mock_keycloak | ||||
@pytest.mark.django_db | @pytest.mark.django_db | ||||
@modify_settings( | @modify_settings( | ||||
MIDDLEWARE={"remove": ["swh.web.auth.middlewares.OIDCSessionRefreshMiddleware"]} | MIDDLEWARE={"remove": ["swh.web.auth.middlewares.OIDCSessionRefreshMiddleware"]} | ||||
) | ) | ||||
def test_oidc_session_refresh_middleware_disabled(client, mocker): | def test_oidc_session_refresh_middleware_disabled(client, mocker): | ||||
# authenticate but make session expires immediately | # authenticate but make session expires immediately | ||||
kc_oidc_mock = mock_keycloak(mocker, exp=int(datetime.now().timestamp())) | kc_oidc_mock = mock_keycloak(mocker, exp=int(datetime.now().timestamp())) | ||||
client.login(code="", code_verifier="", redirect_uri="") | client.login(code="", code_verifier="", redirect_uri="") | ||||
kc_oidc_mock.authorization_code.assert_called() | kc_oidc_mock.authorization_code.assert_called() | ||||
url = reverse("swh-web-homepage") | url = reverse("swh-web-homepage") | ||||
resp = client.get(url) | |||||
# no redirection for silent refresh | # no redirection for silent refresh | ||||
assert resp.status_code != 302 | check_html_get_response(client, url, status_code=200) | ||||
@pytest.mark.django_db | @pytest.mark.django_db | ||||
def test_oidc_session_refresh_middleware_enabled(client, mocker): | def test_oidc_session_refresh_middleware_enabled(client, mocker): | ||||
# authenticate but make session expires immediately | # authenticate but make session expires immediately | ||||
kc_oidc_mock = mock_keycloak(mocker, exp=int(datetime.now().timestamp())) | kc_oidc_mock = mock_keycloak(mocker, exp=int(datetime.now().timestamp())) | ||||
client.login(code="", code_verifier="", redirect_uri="") | client.login(code="", code_verifier="", redirect_uri="") | ||||
kc_oidc_mock.authorization_code.assert_called() | kc_oidc_mock.authorization_code.assert_called() | ||||
url = reverse("swh-web-homepage") | url = reverse("swh-web-homepage") | ||||
resp = client.get(url) | |||||
# should redirect for silent session refresh | # should redirect for silent session refresh | ||||
assert resp.status_code == 302 | resp = check_html_get_response(client, url, status_code=302) | ||||
silent_refresh_url = reverse( | silent_refresh_url = reverse( | ||||
"oidc-login", query_params={"next_path": url, "prompt": "none"} | "oidc-login", query_params={"next_path": url, "prompt": "none"} | ||||
) | ) | ||||
assert resp["location"] == silent_refresh_url | assert resp["location"] == silent_refresh_url |
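Review bot: In `test_oidc_session_refresh_middleware_disabled`, the new `check_html_get_response(client, url, status_code=200)` confirms the homepage is served but asserts nothing about the session whose token was set to expire at login. With the refresh middleware removed, that is the security-relevant outcome: an expired OIDC session should not leave the request authenticated. The auth backend is not visible on this page, so confirm the intended behaviour first; if an expired token should yield an anonymous request, keep the return value with `resp = check_html_get_response(client, url, status_code=200)` and add `assert not resp.wsgi_request.user.is_authenticated`. A one-line docstring on each test stating the expected result for an expired token would make the contract explicit.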