diff options
| author | Pierre Dulac | 2013-03-02 20:16:18 +0100 |
|---|---|---|
| committer | Pierre Dulac | 2013-03-02 20:16:18 +0100 |
| commit | 8809c46ab5d2a09d5a956ccffcb2ae2db95c5c1b (patch) | |
| tree | 473fbf385c3bb0cc8e6112b06e1ff04e5b7f4e94 /rest_framework | |
| parent | 721dc519ecdb8435bdeed6aa67d99be6968c0972 (diff) | |
| download | django-rest-framework-8809c46ab5d2a09d5a956ccffcb2ae2db95c5c1b.tar.bz2 | |
Add new OAuth2 tests
Diffstat (limited to 'rest_framework')
| -rw-r--r-- | rest_framework/tests/authentication.py | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/rest_framework/tests/authentication.py b/rest_framework/tests/authentication.py index 0401ddd9..9d67a005 100644 --- a/rest_framework/tests/authentication.py +++ b/rest_framework/tests/authentication.py @@ -274,6 +274,36 @@ class OAuth2Tests(TestCase): return {'client_id': self.CLIENT_ID, 'client_secret': self.CLIENT_SECRET} @unittest.skipUnless(oauth2_provider, 'django-oauth2-provider not installed') + def test_get_form_with_wrong_authorization_header_token_type_failing(self): + """Ensure that a wrong token type lead to the correct HTTP error status code""" + auth = "Wrong token-type-obsviously" + response = self.csrf_client.get('/oauth2-test/', {}, HTTP_AUTHORIZATION=auth) + self.assertEqual(response.status_code, 401) + params = self._client_credentials_params() + response = self.csrf_client.get('/oauth2-test/', params, HTTP_AUTHORIZATION=auth) + self.assertEqual(response.status_code, 401) + + @unittest.skipUnless(oauth2_provider, 'django-oauth2-provider not installed') + def test_get_form_with_wrong_authorization_header_token_format_failing(self): + """Ensure that a wrong token format lead to the correct HTTP error status code""" + auth = "Bearer wrong token format" + response = self.csrf_client.get('/oauth2-test/', {}, HTTP_AUTHORIZATION=auth) + self.assertEqual(response.status_code, 401) + params = self._client_credentials_params() + response = self.csrf_client.get('/oauth2-test/', params, HTTP_AUTHORIZATION=auth) + self.assertEqual(response.status_code, 401) + + @unittest.skipUnless(oauth2_provider, 'django-oauth2-provider not installed') + def test_get_form_with_wrong_authorization_header_token_failing(self): + """Ensure that a wrong token lead to the correct HTTP error status code""" + auth = "Bearer wrong-token" + response = self.csrf_client.get('/oauth2-test/', {}, HTTP_AUTHORIZATION=auth) + self.assertEqual(response.status_code, 401) + params = self._client_credentials_params() + response = self.csrf_client.get('/oauth2-test/', params, HTTP_AUTHORIZATION=auth) + self.assertEqual(response.status_code, 401) + + @unittest.skipUnless(oauth2_provider, 'django-oauth2-provider not installed') def test_get_form_with_wrong_client_data_failing_auth(self): """Ensure GETing form over OAuth with incorrect client credentials fails""" auth = self._create_authorization_header() |