Changeset View
Changeset View
Standalone View
Standalone View
swh/auth/tests/test_keycloak.py
| # Copyright (C) 2021 The Software Heritage developers | # Copyright (C) 2021 The Software Heritage developers | ||||
| # See the AUTHORS file at the top-level directory of this distribution | # See the AUTHORS file at the top-level directory of this distribution | ||||
| # License: GNU Affero General Public License version 3, or any later version | # License: GNU Affero General Public License version 3, or any later version | ||||
| # See top-level LICENSE file for more information | # See top-level LICENSE file for more information | ||||
| from copy import copy | from copy import copy | ||||
| import json | |||||
| import os | import os | ||||
| from urllib.parse import parse_qs, urlparse | from urllib.parse import parse_qs, urlparse | ||||
| from keycloak.exceptions import KeycloakError | from keycloak.exceptions import KeycloakError | ||||
| import pytest | import pytest | ||||
| import yaml | import yaml | ||||
| from swh.auth.keycloak import KeycloakOpenIDConnect | from swh.auth.keycloak import KeycloakOpenIDConnect, keycloak_error_message | ||||
| from swh.auth.tests.sample_data import CLIENT_ID, DECODED_TOKEN, OIDC_PROFILE, USER_INFO | from swh.auth.tests.sample_data import CLIENT_ID, DECODED_TOKEN, OIDC_PROFILE, USER_INFO | ||||
| from swh.core.config import read | from swh.core.config import read | ||||
| def test_keycloak_well_known(keycloak_mock): | def test_keycloak_well_known(keycloak_mock): | ||||
| well_known_result = keycloak_mock.well_known() | well_known_result = keycloak_mock.well_known() | ||||
| assert set(well_known_result.keys()) == { | assert set(well_known_result.keys()) == { | ||||
| "issuer", | "issuer", | ||||
| ▲ Show 20 Lines • Show All 124 Lines • ▼ Show 20 Lines | ): | ||||
| """ | """ | ||||
| client = KeycloakOpenIDConnect.from_configfile(client_id="foobar") | client = KeycloakOpenIDConnect.from_configfile(client_id="foobar") | ||||
| auth_config = read(auth_config_path) | auth_config = read(auth_config_path) | ||||
| assert client.server_url == auth_config["keycloak"]["server_url"] | assert client.server_url == auth_config["keycloak"]["server_url"] | ||||
| assert client.realm_name == auth_config["keycloak"]["realm_name"] | assert client.realm_name == auth_config["keycloak"]["realm_name"] | ||||
| assert client.client_id == "foobar" | assert client.client_id == "foobar" | ||||
| @pytest.mark.parametrize( | |||||
| "error_dict, expected_result", | |||||
| [ | |||||
| ({"error": "unknown_error"}, "unknown_error"), | |||||
| ( | |||||
| {"error": "invalid_grant", "error_description": "Invalid credentials"}, | |||||
| "invalid_grant: Invalid credentials", | |||||
| ), | |||||
| ], | |||||
| ) | |||||
| def test_auth_keycloak_error_message(error_dict, expected_result): | |||||
| """Conversion from KeycloakError to error message should work with detail or not""" | |||||
| error_message = json.dumps(error_dict).encode() | |||||
| exception = KeycloakError(error_message=error_message, response_code=401) | |||||
| actual_result = keycloak_error_message(exception) | |||||
| assert actual_result == expected_result | |||||