
Verified Commit 4a3d0580 authored by Giovan Isa Musthofa's avatar Giovan Isa Musthofa

[CHORES] Add tests for OAuthAccessTokenView

parent 1a7a7d89
Pipeline #38547 passed with stages
in 3 minutes and 23 seconds
from unittest.mock import patch
from django.conf import settings
from django.core import mail
from rest_framework import status
......@@ -164,7 +165,7 @@ class AccessTokenAPITestCase(APITestCase):
self.assertNotIn('password', response.data)
class UserProfileView(APITestCase):
class UserProfileViewTestCase(APITestCase):
def setUp(self):
self.user = UserFactory()
......@@ -201,3 +202,28 @@ class UserProfileView(APITestCase):
response = self.client.put('/user/profile/', data=data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertNotEqual(response.data['email'], data['email'])
class OAuthAccessTokenViewTestCase(APITestCase):
def setUp(self):
from authlib.jose import jwt
self.keys = ('somebody_else_key', 'totally_secret_key')
self.token = jwt.encode(
{
'alg': 'HS256',
},
{
'email': 'totallyfakedonald@gmail.com',
'name': 'Donald The Duck',
},
self.keys[1]).decode('utf-8')
def test_get_access_token(self):
with patch('main.views.OAuthAccessTokenView.get_keys') as fake_keys:
fake_keys.return_value = self.keys
response = self.client.post('/auth/access/oauth/',
data={'tokenId': self.token})
self.assertEqual(response.status_code, status.HTTP_200_OK)
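Review bot: `OAuthAccessTokenViewTestCase` exercises only the success path, so the rejection branches this commit adds to the view (`no_token_id`, `bad_token_id`) and a token signed with a key outside the key set are never tested. The fixture in `setUp` is also an HS256 token carrying only `email` and `name`, so the passing test pins acceptance of a token with no `iss`, `aud` or `exp`; a fixture shaped like the real provider's tokens would make the test meaningful for the verification logic. Negative cases along the lines below would cover the gaps; the expected 400 is what the view's `ValidationError` should produce and needs confirming against the actual behaviour, since the verification loop is not visible here.

```python
    def test_get_access_token(self):
        # … unchanged: success path with patched get_keys …

    def test_missing_token_id_is_rejected(self):
        with patch('main.views.OAuthAccessTokenView.get_keys') as fake_keys:
            fake_keys.return_value = self.keys
            response = self.client.post('/auth/access/oauth/', data={})
        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)

    def test_token_signed_with_unknown_key_is_rejected(self):
        with patch('main.views.OAuthAccessTokenView.get_keys') as fake_keys:
            # Key set no longer contains the key the fixture was signed with.
            fake_keys.return_value = (self.keys[0],)
            response = self.client.post('/auth/access/oauth/',
                                        data={'tokenId': self.token})
        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
```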
......@@ -133,12 +133,20 @@ class OAuthAccessTokenView(views.APIView):
def post(self, request):
from .models import User
from rest_framework.exceptions import ValidationError
from rest_framework_authlib.tokens import AccessToken
token = request.data['tokenId']
try:
token = request.data['tokenId']
except KeyError:
raise ValidationError('No tokenId', code='no_token_id')
userinfo = self.verify_id_token(token)
try:
user = User.objects.get(email=userinfo['email'])
except KeyError:
raise ValidationError('Bad tokenId', code='bad_token_id')
except User.DoesNotExist:
user = User.objects.create_user(
userinfo['email'], '', first_name=userinfo['name'],
......@@ -151,12 +159,10 @@ class OAuthAccessTokenView(views.APIView):
return Response(data)
def verify_id_token(self, token):
import requests
from authlib.jose import jwk, jwt
from authlib.jose import jwt
from authlib.jose.errors import JoseError
data = requests.get('https://www.googleapis.com/oauth2/v3/certs').json()
keys = [jwk.loads(key) for key in data['keys']]
keys = self.get_keys()
userinfo = None
for key in keys:
......@@ -171,6 +177,14 @@ class OAuthAccessTokenView(views.APIView):
return userinfo
def get_keys(self):
import requests
from authlib.jose import jwk
data = requests.get('https://www.googleapis.com/oauth2/v3/certs').json()
return [jwk.loads(key) for key in data['keys']]
class UserProfileView(generics.RetrieveUpdateAPIView):
serializer_class = serializers.UserProfileSerializer
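Review bot: In `post`, the new `except KeyError` around `User.objects.get(email=userinfo['email'])` only covers a decoded token that lacks `email`; `verify_id_token` starts from `userinfo = None` and, if no key verifies the token (the loop body is outside the visible hunks, so this is inferred), `userinfo['email']` raises `TypeError` and surfaces as a 500 rather than `bad_token_id`. A guard before the lookup, `if not userinfo: raise ValidationError('Bad tokenId', code='bad_token_id')`, closes that path. Separately, the test added in this commit gets a 200 for an HS256 token with only `email` and `name`, which suggests the decode path neither pins the algorithm nor checks `iss`, `aud` and `exp`; for Google ID tokens the verifier should accept only RS256 and validate those claims against this application's client ID before a user is looked up or created. `get_keys` also calls `requests.get` with no `timeout` and no status check on every login; `requests.get(url, timeout=5)` followed by `raise_for_status()`, with the key set cached, would keep a slow or failing upstream from stalling the view.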
......