Extract credential handling into its own module

Will be used in Docker V1 and APPR protocols
2017-10-27 14:05:53 -04:00 · 2017-10-27 14:05:53 -04:00 · 6f3d9a6fce
commit 6f3d9a6fce
parent 4a5626e64b
5 changed files with 94 additions and 49 deletions
--- a/auth/test/test_basic.py
+++ b/auth/test/test_basic.py
@ -2,7 +2,8 @@ import pytest

 from base64 import b64encode

-from auth.basic import validate_basic_auth, ACCESS_TOKEN_USERNAME, OAUTH_TOKEN_USERNAME
+from auth.basic import validate_basic_auth
+from auth.credentials import ACCESS_TOKEN_USERNAME, OAUTH_TOKEN_USERNAME
 from auth.validateresult import AuthKind, ValidateResult
 from data import model

@ -23,7 +24,7 @@ def _token(username, password):
  (_token(ACCESS_TOKEN_USERNAME, 'invalid'), ValidateResult(AuthKind.basic,
                                                            error_message='Invalid access token')),
  (_token(OAUTH_TOKEN_USERNAME, 'invalid'),
-   ValidateResult(AuthKind.oauth, error_message='OAuth access token could not be validated')),
+   ValidateResult(AuthKind.basic, error_message='OAuth access token could not be validated')),
  (_token('devtable', 'invalid'), ValidateResult(AuthKind.basic,
                                                 error_message='Invalid Username or Password')),
  (_token('devtable+somebot', 'invalid'), ValidateResult(
@ -62,4 +63,4 @@ def test_valid_oauth(app):
  oauth_token = list(model.oauth.list_access_tokens_for_user(user))[0]
  token = _token(OAUTH_TOKEN_USERNAME, oauth_token.access_token)
  result = validate_basic_auth(token)
-  assert result == ValidateResult(AuthKind.oauth, oauthtoken=oauth_token)
+  assert result == ValidateResult(AuthKind.basic, oauthtoken=oauth_token)
--- a/auth/test/test_credentials.py
+++ b/auth/test/test_credentials.py
@ -0,0 +1,30 @@
+from auth.credentials import ACCESS_TOKEN_USERNAME, OAUTH_TOKEN_USERNAME, validate_credentials
+from auth.validateresult import AuthKind, ValidateResult
+from data import model
+
+from test.fixtures import *
+
+def test_valid_user(app):
+  result = validate_credentials('devtable', 'password')
+  assert result == ValidateResult(AuthKind.credentials, user=model.user.get_user('devtable'))
+
+def test_valid_robot(app):
+  robot, password = model.user.create_robot('somerobot', model.user.get_user('devtable'))
+  result = validate_credentials(robot.username, password)
+  assert result == ValidateResult(AuthKind.credentials, robot=robot)
+
+def test_valid_token(app):
+  access_token = model.token.create_delegate_token('devtable', 'simple', 'sometoken')
+  result = validate_credentials(ACCESS_TOKEN_USERNAME, access_token.code)
+  assert result == ValidateResult(AuthKind.credentials, token=access_token)
+
+def test_valid_oauth(app):
+  user = model.user.get_user('devtable')
+  oauth_token = list(model.oauth.list_access_tokens_for_user(user))[0]
+  result = validate_credentials(OAUTH_TOKEN_USERNAME, oauth_token.access_token)
+  assert result == ValidateResult(AuthKind.oauth, oauthtoken=oauth_token)
+
+def test_invalid_user(app):
+  result = validate_credentials('devtable', 'somepassword')
+  assert result == ValidateResult(AuthKind.credentials,
+                                  error_message='Invalid Username or Password')