vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #2695 from coreos-inc/oidc-internal-auth

Browse source 
OIDC internal auth support
This commit is contained in:
josephschorr 2017-10-02 16:51:17 -04:00 committed by GitHub
commit 3bef21253d
29 changed files with 341 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

38
data/users/test/test_oidc.py Normal file
View file

@ -0,0 +1,38 @@
import pytest
from httmock import HTTMock
from data import model
from data.users.oidc import OIDCInternalAuth
from oauth.test.test_oidc import *
from test.fixtures import *
@pytest.mark.parametrize('username, expect_success', [
('devtable', True),
('disabled', False)
])
def test_oidc_login(username, expect_success, app_config, id_token, jwks_handler,
discovery_handler, app):
internal_auth = OIDCInternalAuth(app_config, 'someoidc', False)
with HTTMock(jwks_handler, discovery_handler):
# Try an invalid token.
(user, err) = internal_auth.verify_credentials('someusername', 'invalidtoken')
assert err is not None
assert user is None
# Try a valid token for an unlinked user.
(user, err) = internal_auth.verify_credentials('someusername', id_token)
assert err is not None
assert user is None
# Link the user to the service.
model.user.attach_federated_login(model.user.get_user(username), 'someoidc', 'cooluser')
# Try a valid token for a linked user.
(user, err) = internal_auth.verify_credentials('someusername', id_token)
if expect_success:
assert err is None
assert user.username == username
else:
assert err is not None
assert user is None