MCPcopy
hub / github.com/authlib/authlib / test_invalid_request

Function test_invalid_request

tests/django/test_oauth2/test_password_grant.py:84–132  ·  view source on GitHub ↗
(factory, server)

Source from the content-addressed store, hash-verified

82
83
84def test_invalid_request(factory, server):
85 auth_header = create_basic_auth("client-id", "client-secret")
86
87 # case 1
88 request = factory.get(
89 "/oauth/token?grant_type=password",
90 HTTP_AUTHORIZATION=auth_header,
91 )
92 resp = server.create_token_response(request)
93 assert resp.status_code == 400
94 data = json.loads(resp.content)
95 assert data["error"] == "unsupported_grant_type"
96
97 # case 2
98 request = factory.post(
99 "/oauth/token",
100 data={"grant_type": "password"},
101 HTTP_AUTHORIZATION=auth_header,
102 )
103 resp = server.create_token_response(request)
104 assert resp.status_code == 400
105 data = json.loads(resp.content)
106 assert data["error"] == "invalid_request"
107
108 # case 3
109 request = factory.post(
110 "/oauth/token",
111 data={"grant_type": "password", "username": "foo"},
112 HTTP_AUTHORIZATION=auth_header,
113 )
114 resp = server.create_token_response(request)
115 assert resp.status_code == 400
116 data = json.loads(resp.content)
117 assert data["error"] == "invalid_request"
118
119 # case 4
120 request = factory.post(
121 "/oauth/token",
122 data={
123 "grant_type": "password",
124 "username": "foo",
125 "password": "wrong",
126 },
127 HTTP_AUTHORIZATION=auth_header,
128 )
129 resp = server.create_token_response(request)
130 assert resp.status_code == 400
131 data = json.loads(resp.content)
132 assert data["error"] == "invalid_request"
133
134
135def test_unauthorized_client(factory, server, client):

Callers

nothing calls this directly

Calls 4

create_basic_authFunction · 0.85
postMethod · 0.80
getMethod · 0.45
create_token_responseMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…