(factory, server)
| 82 | |
| 83 | |
| 84 | def test_invalid_request(factory, server): |
| 85 | auth_header = create_basic_auth("client-id", "client-secret") |
| 86 | |
| 87 | # case 1 |
| 88 | request = factory.get( |
| 89 | "/oauth/token?grant_type=password", |
| 90 | HTTP_AUTHORIZATION=auth_header, |
| 91 | ) |
| 92 | resp = server.create_token_response(request) |
| 93 | assert resp.status_code == 400 |
| 94 | data = json.loads(resp.content) |
| 95 | assert data["error"] == "unsupported_grant_type" |
| 96 | |
| 97 | # case 2 |
| 98 | request = factory.post( |
| 99 | "/oauth/token", |
| 100 | data={"grant_type": "password"}, |
| 101 | HTTP_AUTHORIZATION=auth_header, |
| 102 | ) |
| 103 | resp = server.create_token_response(request) |
| 104 | assert resp.status_code == 400 |
| 105 | data = json.loads(resp.content) |
| 106 | assert data["error"] == "invalid_request" |
| 107 | |
| 108 | # case 3 |
| 109 | request = factory.post( |
| 110 | "/oauth/token", |
| 111 | data={"grant_type": "password", "username": "foo"}, |
| 112 | HTTP_AUTHORIZATION=auth_header, |
| 113 | ) |
| 114 | resp = server.create_token_response(request) |
| 115 | assert resp.status_code == 400 |
| 116 | data = json.loads(resp.content) |
| 117 | assert data["error"] == "invalid_request" |
| 118 | |
| 119 | # case 4 |
| 120 | request = factory.post( |
| 121 | "/oauth/token", |
| 122 | data={ |
| 123 | "grant_type": "password", |
| 124 | "username": "foo", |
| 125 | "password": "wrong", |
| 126 | }, |
| 127 | HTTP_AUTHORIZATION=auth_header, |
| 128 | ) |
| 129 | resp = server.create_token_response(request) |
| 130 | assert resp.status_code == 400 |
| 131 | data = json.loads(resp.content) |
| 132 | assert data["error"] == "invalid_request" |
| 133 | |
| 134 | |
| 135 | def test_unauthorized_client(factory, server, client): |
nothing calls this directly
no test coverage detected
searching dependent graphs…