Mirror
/
python-keycloak
mirror of https://github.com/marcospereirampj/python-keycloak.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
602 Commits
15 Branches
98 Tags
17 MiB
Tree: 65a4af1550
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '65a4af1550'
${ noResults }
python-keycloak/tests/test_keycloak_openid.py

137 lines
4.8 KiB
Raw Normal View History

test: added auth_url and token tests, more structure to fixtures
2 years ago
test: test of init and well_known of oid
2 years ago
style: applied isort
2 years ago
test: test of init and well_known of oid
2 years ago
test: added auth_url and token tests, more structure to fixtures
2 years ago
test: test of init and well_known of oid
2 years ago
test: added auth_url and token tests, more structure to fixtures
2 years ago
test: test of init and well_known of oid
2 years ago
test: added auth_url and token tests, more structure to fixtures
2 years ago
  1. """Test module for KeycloakOpenID."""
  2. from unittest import mock
  4. from keycloak.authorization import Authorization
  5. from keycloak.connection import ConnectionManager
  6. from keycloak.keycloak_openid import KeycloakOpenID
  9. def test_keycloak_openid_init(env):
  10. """Test KeycloakOpenId's init method."""
  11. oid = KeycloakOpenID(
  12. server_url=f"http://{env.KEYCLOAK_HOST}:{env.KEYCLOAK_PORT}",
  13. realm_name="master",
  14. client_id="admin-cli",
  15. )
  17. assert oid.client_id == "admin-cli"
  18. assert oid.client_secret_key is None
  19. assert oid.realm_name == "master"
  20. assert isinstance(oid.connection, ConnectionManager)
  21. assert isinstance(oid.authorization, Authorization)
  24. def test_well_known(oid: KeycloakOpenID):
  25. """Test the well_known method."""
  26. res = oid.well_known()
  27. assert res is not None
  28. assert res != dict()
  29. for key in [
  30. "acr_values_supported",
  31. "authorization_encryption_alg_values_supported",
  32. "authorization_encryption_enc_values_supported",
  33. "authorization_endpoint",
  34. "authorization_signing_alg_values_supported",
  35. "backchannel_authentication_endpoint",
  36. "backchannel_authentication_request_signing_alg_values_supported",
  37. "backchannel_logout_session_supported",
  38. "backchannel_logout_supported",
  39. "backchannel_token_delivery_modes_supported",
  40. "check_session_iframe",
  41. "claim_types_supported",
  42. "claims_parameter_supported",
  43. "claims_supported",
  44. "code_challenge_methods_supported",
  45. "device_authorization_endpoint",
  46. "end_session_endpoint",
  47. "frontchannel_logout_session_supported",
  48. "frontchannel_logout_supported",
  49. "grant_types_supported",
  50. "id_token_encryption_alg_values_supported",
  51. "id_token_encryption_enc_values_supported",
  52. "id_token_signing_alg_values_supported",
  53. "introspection_endpoint",
  54. "introspection_endpoint_auth_methods_supported",
  55. "introspection_endpoint_auth_signing_alg_values_supported",
  56. "issuer",
  57. "jwks_uri",
  58. "mtls_endpoint_aliases",
  59. "pushed_authorization_request_endpoint",
  60. "registration_endpoint",
  61. "request_object_encryption_alg_values_supported",
  62. "request_object_encryption_enc_values_supported",
  63. "request_object_signing_alg_values_supported",
  64. "request_parameter_supported",
  65. "request_uri_parameter_supported",
  66. "require_pushed_authorization_requests",
  67. "require_request_uri_registration",
  68. "response_modes_supported",
  69. "response_types_supported",
  70. "revocation_endpoint",
  71. "revocation_endpoint_auth_methods_supported",
  72. "revocation_endpoint_auth_signing_alg_values_supported",
  73. "scopes_supported",
  74. "subject_types_supported",
  75. "tls_client_certificate_bound_access_tokens",
  76. "token_endpoint",
  77. "token_endpoint_auth_methods_supported",
  78. "token_endpoint_auth_signing_alg_values_supported",
  79. "userinfo_encryption_alg_values_supported",
  80. "userinfo_encryption_enc_values_supported",
  81. "userinfo_endpoint",
  82. "userinfo_signing_alg_values_supported",
  83. ]:
  84. assert key in res
  87. def test_auth_url(env, oid: KeycloakOpenID):
  88. """Test the auth_url method."""
  89. res = oid.auth_url(redirect_uri="http://test.test/*")
  90. assert (
  91. res
  92. == f"http://{env.KEYCLOAK_HOST}:{env.KEYCLOAK_PORT}/realms/{oid.realm_name}"
  93. + f"/protocol/openid-connect/auth?client_id={oid.client_id}&response_type=code"
  94. + "&redirect_uri=http://test.test/*"
  95. )
  98. def test_token(oid_with_credentials: tuple[KeycloakOpenID, str, str]):
  99. """Test the token method."""
  100. oid, username, password = oid_with_credentials
  101. token = oid.token(username=username, password=password)
  102. assert token == {
  103. "access_token": mock.ANY,
  104. "expires_in": 300,
  105. "not-before-policy": 0,
  106. "refresh_expires_in": 1800,
  107. "refresh_token": mock.ANY,
  108. "scope": "profile email",
  109. "session_state": mock.ANY,
  110. "token_type": "Bearer",
  111. }
  113. # Test with dummy totp
  114. token = oid.token(username=username, password=password, totp="123456")
  115. assert token == {
  116. "access_token": mock.ANY,
  117. "expires_in": 300,
  118. "not-before-policy": 0,
  119. "refresh_expires_in": 1800,
  120. "refresh_token": mock.ANY,
  121. "scope": "profile email",
  122. "session_state": mock.ANY,
  123. "token_type": "Bearer",
  124. }
  126. # Test with extra param
  127. token = oid.token(username=username, password=password, extra_param="foo")
  128. assert token == {
  129. "access_token": mock.ANY,
  130. "expires_in": 300,
  131. "not-before-policy": 0,
  132. "refresh_expires_in": 1800,
  133. "refresh_token": mock.ANY,
  134. "scope": "profile email",
  135. "session_state": mock.ANY,
  136. "token_type": "Bearer",
  137. }