Changeset View
Changeset View
Standalone View
Standalone View
swh/auth/tests/test_keycloak.py
# Copyright (C) 2021 The Software Heritage developers | # Copyright (C) 2021 The Software Heritage developers | ||||
# See the AUTHORS file at the top-level directory of this distribution | # See the AUTHORS file at the top-level directory of this distribution | ||||
# License: GNU Affero General Public License version 3, or any later version | # License: GNU Affero General Public License version 3, or any later version | ||||
# See top-level LICENSE file for more information | # See top-level LICENSE file for more information | ||||
from copy import copy | from copy import copy | ||||
import json | |||||
import os | import os | ||||
from urllib.parse import parse_qs, urlparse | from urllib.parse import parse_qs, urlparse | ||||
from keycloak.exceptions import KeycloakError | from keycloak.exceptions import KeycloakError | ||||
import pytest | import pytest | ||||
import yaml | import yaml | ||||
from swh.auth.keycloak import KeycloakOpenIDConnect | from swh.auth.keycloak import KeycloakOpenIDConnect, keycloak_error_message | ||||
from swh.auth.tests.sample_data import CLIENT_ID, DECODED_TOKEN, OIDC_PROFILE, USER_INFO | from swh.auth.tests.sample_data import CLIENT_ID, DECODED_TOKEN, OIDC_PROFILE, USER_INFO | ||||
from swh.core.config import read | from swh.core.config import read | ||||
def test_keycloak_well_known(keycloak_mock): | def test_keycloak_well_known(keycloak_mock): | ||||
well_known_result = keycloak_mock.well_known() | well_known_result = keycloak_mock.well_known() | ||||
assert set(well_known_result.keys()) == { | assert set(well_known_result.keys()) == { | ||||
"issuer", | "issuer", | ||||
▲ Show 20 Lines • Show All 124 Lines • ▼ Show 20 Lines | ): | ||||
""" | """ | ||||
client = KeycloakOpenIDConnect.from_configfile(client_id="foobar") | client = KeycloakOpenIDConnect.from_configfile(client_id="foobar") | ||||
auth_config = read(auth_config_path) | auth_config = read(auth_config_path) | ||||
assert client.server_url == auth_config["keycloak"]["server_url"] | assert client.server_url == auth_config["keycloak"]["server_url"] | ||||
assert client.realm_name == auth_config["keycloak"]["realm_name"] | assert client.realm_name == auth_config["keycloak"]["realm_name"] | ||||
assert client.client_id == "foobar" | assert client.client_id == "foobar" | ||||
@pytest.mark.parametrize( | |||||
"error_dict, expected_result", | |||||
[ | |||||
({"error": "unknown_error"}, "unknown_error"), | |||||
( | |||||
{"error": "invalid_grant", "error_description": "Invalid credentials"}, | |||||
"invalid_grant: Invalid credentials", | |||||
), | |||||
], | |||||
) | |||||
def test_auth_keycloak_error_message(error_dict, expected_result): | |||||
"""Conversion from KeycloakError to error message should work with detail or not""" | |||||
error_message = json.dumps(error_dict).encode() | |||||
exception = KeycloakError(error_message=error_message, response_code=401) | |||||
actual_result = keycloak_error_message(exception) | |||||
assert actual_result == expected_result |