swh/auth/tests/django/test_drf_bearer_token_auth.py
def test_drf_oidc_bearer_token_expired_token(keycloak_oidc, api_client): | def test_drf_oidc_bearer_token_expired_token(keycloak_oidc, api_client): | ||||
url = reverse("api-test") | url = reverse("api-test") | ||||
oidc_profile = keycloak_oidc.login() | oidc_profile = keycloak_oidc.login() | ||||
refresh_token = oidc_profile["refresh_token"] | refresh_token = oidc_profile["refresh_token"] | ||||
api_client.credentials(HTTP_AUTHORIZATION=f"Bearer {refresh_token}") | api_client.credentials(HTTP_AUTHORIZATION=f"Bearer {refresh_token}") | ||||
for kc_err_msg in ("Offline session not active", "Offline user session not found"): | |||||
kc_error_dict = { | kc_error_dict = { | ||||
"error": "invalid_grant", | "error": "invalid_grant", | ||||
"error_description": "Offline user session not found", | "error_description": kc_err_msg, | ||||
} | } | ||||
keycloak_oidc.refresh_token.side_effect = KeycloakError( | keycloak_oidc.refresh_token.side_effect = KeycloakError( | ||||
error_message=json.dumps(kc_error_dict).encode(), response_code=400 | error_message=json.dumps(kc_error_dict).encode(), response_code=400 | ||||
) | ) | ||||
response = api_client.get(url) | response = api_client.get(url) | ||||
expected_error_msg = ( | expected_error_msg = ( | ||||
"Bearer token expired after a long period of inactivity; " | "Bearer token expired after a long period of inactivity; " | ||||
"please generate a new one." | "please generate a new one." | ||||
) | ) | ||||
assert response.status_code == 403 | assert response.status_code == 403 | ||||
assert expected_error_msg in json.dumps(response.data) | assert expected_error_msg in json.dumps(response.data) | ||||
request = response.wsgi_request | request = response.wsgi_request | ||||
assert isinstance(request.user, AnonymousUser) | assert isinstance(request.user, AnonymousUser) |
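Review bot: The new `for kc_err_msg in (...)` loop in test_drf_oidc_bearer_token_expired_token stops at the first failing message and does not report which Keycloak error description caused the failure. Parametrizing the test instead, with `@pytest.mark.parametrize("kc_err_msg", ["Offline session not active", "Offline user session not found"])` and `kc_err_msg` added to the signature, runs and reports each case separately (this assumes pytest is imported in the file, which is not visible here). The rendered page has lost indentation, so please confirm that `api_client.get(url)` and the three assertions sit inside the loop body; if they are outside it, only the last message is exercised. Since both descriptions share the `invalid_grant` error code, a companion case with an unrelated description would show that the "expired after a long period of inactivity" message is not returned for every refresh failure, unless a test elsewhere in the file already covers that.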