trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

fix tests

Browse source
This commit is contained in:
Stanislav Dimov 2024-01-16 01:39:08 +00:00
parent 51b229387b
commit 5eb25240c3
No known key found for this signature in database
GPG key ID: 52C3CE2B376F25D2
10 changed files with 129 additions and 47 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
authentik/providers/oauth2/tests/test_authorize.py
View file

@ -260,13 +260,15 @@ class TestAuthorize(OAuthTestCase):
redirect_uris="foo://localhost", redirect_uris="foo://localhost",
access_code_validity="seconds=100", access_code_validity="seconds=100",
) )
Application.objects.create(name="app", slug="app", provider=provider) app = Application.objects.create(name="app", slug="app", provider=provider)
state = generate_id() state = generate_id()
user = create_test_admin_user() user = create_test_admin_user()
self.client.force_login(user) self.client.force_login(user)
# Step 1, initiate params and get redirect to flow # Step 1, initiate params and get redirect to flow
self.client.get( self.client.get(
reverse("authentik_providers_oauth2:authorize"), reverse(
"authentik_providers_oauth2:authorize",
kwargs={"application_slug": app.slug}),
data={ data={
"response_type": "code", "response_type": "code",
"client_id": "test", "client_id": "test",
@ -302,7 +304,7 @@ class TestAuthorize(OAuthTestCase):
redirect_uris="http://localhost", redirect_uris="http://localhost",
signing_key=self.keypair, signing_key=self.keypair,
) )
Application.objects.create(name="app", slug="app", provider=provider) app = Application.objects.create(name="app", slug="app", provider=provider)
state = generate_id() state = generate_id()
user = create_test_admin_user() user = create_test_admin_user()
self.client.force_login(user) self.client.force_login(user)
@ -318,7 +320,9 @@ class TestAuthorize(OAuthTestCase):
): ):
# Step 1, initiate params and get redirect to flow # Step 1, initiate params and get redirect to flow
self.client.get( self.client.get(
reverse("authentik_providers_oauth2:authorize"), reverse(
"authentik_providers_oauth2:authorize",
kwargs={"application_slug": app.slug}),
data={ data={
"response_type": "id_token", "response_type": "id_token",
"client_id": "test", "client_id": "test",
@ -364,7 +368,7 @@ class TestAuthorize(OAuthTestCase):
redirect_uris="http://localhost", redirect_uris="http://localhost",
signing_key=self.keypair, signing_key=self.keypair,
) )
Application.objects.create(name="app", slug="app", provider=provider) app = Application.objects.create(name="app", slug="app", provider=provider)
state = generate_id() state = generate_id()
user = create_test_admin_user() user = create_test_admin_user()
self.client.force_login(user) self.client.force_login(user)
@ -380,7 +384,9 @@ class TestAuthorize(OAuthTestCase):
): ):
# Step 1, initiate params and get redirect to flow # Step 1, initiate params and get redirect to flow
self.client.get( self.client.get(
reverse("authentik_providers_oauth2:authorize"), reverse(
"authentik_providers_oauth2:authorize",
kwargs={"application_slug": app.slug}),
data={ data={
"response_type": "code", "response_type": "code",
"response_mode": "fragment", "response_mode": "fragment",
@ -425,7 +431,9 @@ class TestAuthorize(OAuthTestCase):
self.client.force_login(user) self.client.force_login(user)
# Step 1, initiate params and get redirect to flow # Step 1, initiate params and get redirect to flow
self.client.get( self.client.get(
reverse("authentik_providers_oauth2:authorize"), reverse(
"authentik_providers_oauth2:authorize",
kwargs={"application_slug": app.slug}),
data={ data={
"response_type": "id_token", "response_type": "id_token",
"response_mode": "form_post", "response_mode": "form_post",
@ -474,7 +482,9 @@ class TestAuthorize(OAuthTestCase):
self.client.force_login(user) self.client.force_login(user)
# Step 1, initiate params and get redirect to flow # Step 1, initiate params and get redirect to flow
self.client.get( self.client.get(
reverse("authentik_providers_oauth2:authorize"), reverse(
"authentik_providers_oauth2:authorize",
kwargs={"application_slug": app.slug}),
data={ data={
"response_type": "code", "response_type": "code",
"response_mode": "form_post", "response_mode": "form_post",

16
authentik/providers/oauth2/tests/test_device_backchannel.py
View file

@ -28,21 +28,27 @@ class TesOAuth2DeviceBackchannel(OAuthTestCase):
def test_backchannel_invalid(self): def test_backchannel_invalid(self):
"""Test backchannel""" """Test backchannel"""
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:device"), reverse(
"authentik_providers_oauth2:device",
kwargs={"application_slug": self.application.slug}),
data={ data={
"client_id": "foo", "client_id": "foo",
}, },
) )
self.assertEqual(res.status_code, 400) self.assertEqual(res.status_code, 400)
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:device"), reverse(
"authentik_providers_oauth2:device",
kwargs={"application_slug": self.application.slug}),
) )
self.assertEqual(res.status_code, 400) self.assertEqual(res.status_code, 400)
# test without application # test without application
self.application.provider = None self.application.provider = None
self.application.save() self.application.save()
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:device"), reverse(
"authentik_providers_oauth2:device",
kwargs={"application_slug": self.application.slug}),
data={ data={
"client_id": "test", "client_id": "test",
}, },
@ -52,7 +58,9 @@ class TesOAuth2DeviceBackchannel(OAuthTestCase):
def test_backchannel(self): def test_backchannel(self):
"""Test backchannel""" """Test backchannel"""
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:device"), reverse(
"authentik_providers_oauth2:device",
kwargs={"application_slug": self.application.slug}),
data={ data={
"client_id": self.provider.client_id, "client_id": self.provider.client_id,
}, },

16
authentik/providers/oauth2/tests/test_introspect.py
View file

@ -49,7 +49,9 @@ class TesOAuth2Introspection(OAuthTestCase):
), ),
) )
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:token-introspection"), reverse(
"authentik_providers_oauth2:token-introspection",
kwargs={"application_slug": self.app.slug}),
HTTP_AUTHORIZATION=f"Basic {self.auth}", HTTP_AUTHORIZATION=f"Basic {self.auth}",
data={"token": token.token}, data={"token": token.token},
) )
@ -81,7 +83,9 @@ class TesOAuth2Introspection(OAuthTestCase):
), ),
) )
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:token-introspection"), reverse(
"authentik_providers_oauth2:token-introspection",
kwargs={"application_slug": self.app.slug}),
HTTP_AUTHORIZATION=f"Basic {self.auth}", HTTP_AUTHORIZATION=f"Basic {self.auth}",
data={"token": token.token}, data={"token": token.token},
) )
@ -101,7 +105,9 @@ class TesOAuth2Introspection(OAuthTestCase):
def test_introspect_invalid_token(self): def test_introspect_invalid_token(self):
"""Test introspect (invalid token)""" """Test introspect (invalid token)"""
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:token-introspection"), reverse(
"authentik_providers_oauth2:token-introspection",
kwargs={"application_slug": self.app.slug}),
HTTP_AUTHORIZATION=f"Basic {self.auth}", HTTP_AUTHORIZATION=f"Basic {self.auth}",
data={"token": generate_id(), "token_type_hint": "refresh_token"}, data={"token": generate_id(), "token_type_hint": "refresh_token"},
) )
@ -116,7 +122,9 @@ class TesOAuth2Introspection(OAuthTestCase):
def test_introspect_invalid_auth(self): def test_introspect_invalid_auth(self):
"""Test introspect (invalid auth)""" """Test introspect (invalid auth)"""
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:token-introspection"), reverse(
"authentik_providers_oauth2:token-introspection",
kwargs={"application_slug": self.app.slug}),
HTTP_AUTHORIZATION="Basic qwerqrwe", HTTP_AUTHORIZATION="Basic qwerqrwe",
data={"token": generate_id(), "token_type_hint": "refresh_token"}, data={"token": generate_id(), "token_type_hint": "refresh_token"},
) )

16
authentik/providers/oauth2/tests/test_revoke.py
View file

@ -48,7 +48,9 @@ class TesOAuth2Revoke(OAuthTestCase):
), ),
) )
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:token-revoke"), reverse(
"authentik_providers_oauth2:token-revoke",
kwargs={"application_slug": self.app.slug}),
HTTP_AUTHORIZATION=f"Basic {self.auth}", HTTP_AUTHORIZATION=f"Basic {self.auth}",
data={ data={
"token": token.token, "token": token.token,
@ -71,7 +73,9 @@ class TesOAuth2Revoke(OAuthTestCase):
), ),
) )
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:token-revoke"), reverse(
"authentik_providers_oauth2:token-revoke",
kwargs={"application_slug": self.app.slug}),
HTTP_AUTHORIZATION=f"Basic {self.auth}", HTTP_AUTHORIZATION=f"Basic {self.auth}",
data={ data={
"token": token.token, "token": token.token,
@ -82,7 +86,9 @@ class TesOAuth2Revoke(OAuthTestCase):
def test_revoke_invalid(self): def test_revoke_invalid(self):
"""Test revoke (invalid token)""" """Test revoke (invalid token)"""
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:token-revoke"), reverse(
"authentik_providers_oauth2:token-revoke",
kwargs={"application_slug": self.app.slug}),
HTTP_AUTHORIZATION=f"Basic {self.auth}", HTTP_AUTHORIZATION=f"Basic {self.auth}",
data={ data={
"token": generate_id(), "token": generate_id(),
@ -93,7 +99,9 @@ class TesOAuth2Revoke(OAuthTestCase):
def test_revoke_invalid_auth(self): def test_revoke_invalid_auth(self):
"""Test revoke (invalid auth)""" """Test revoke (invalid auth)"""
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:token-revoke"), reverse(
"authentik_providers_oauth2:token-revoke",
kwargs={"application_slug": self.app.slug}),
HTTP_AUTHORIZATION="Basic fqewr", HTTP_AUTHORIZATION="Basic fqewr",
data={ data={
"token": generate_id(), "token": generate_id(),

24
authentik/providers/oauth2/tests/test_token.py
View file

@ -127,7 +127,9 @@ class TestToken(OAuthTestCase):
code="foobar", provider=provider, user=user, auth_time=timezone.now() code="foobar", provider=provider, user=user, auth_time=timezone.now()
) )
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
data={ data={
"grant_type": GRANT_TYPE_AUTHORIZATION_CODE, "grant_type": GRANT_TYPE_AUTHORIZATION_CODE,
"code": code.code, "code": code.code,
@ -172,7 +174,9 @@ class TestToken(OAuthTestCase):
auth_time=timezone.now(), auth_time=timezone.now(),
) )
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
data={ data={
"grant_type": GRANT_TYPE_REFRESH_TOKEN, "grant_type": GRANT_TYPE_REFRESH_TOKEN,
"refresh_token": token.token, "refresh_token": token.token,
@ -219,7 +223,9 @@ class TestToken(OAuthTestCase):
auth_time=timezone.now(), auth_time=timezone.now(),
) )
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
data={ data={
"grant_type": GRANT_TYPE_REFRESH_TOKEN, "grant_type": GRANT_TYPE_REFRESH_TOKEN,
"refresh_token": token.token, "refresh_token": token.token,
@ -269,7 +275,9 @@ class TestToken(OAuthTestCase):
) )
# Create initial refresh token # Create initial refresh token
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
data={ data={
"grant_type": GRANT_TYPE_REFRESH_TOKEN, "grant_type": GRANT_TYPE_REFRESH_TOKEN,
"refresh_token": token.token, "refresh_token": token.token,
@ -283,7 +291,9 @@ class TestToken(OAuthTestCase):
# Post again with initial token -> get new refresh token # Post again with initial token -> get new refresh token
# and revoke old one # and revoke old one
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
data={ data={
"grant_type": GRANT_TYPE_REFRESH_TOKEN, "grant_type": GRANT_TYPE_REFRESH_TOKEN,
"refresh_token": new_token.token, "refresh_token": new_token.token,
@ -294,7 +304,9 @@ class TestToken(OAuthTestCase):
self.assertEqual(response.status_code, 200) self.assertEqual(response.status_code, 200)
# Post again with old token, is now revoked and should error # Post again with old token, is now revoked and should error
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
data={ data={
"grant_type": GRANT_TYPE_REFRESH_TOKEN, "grant_type": GRANT_TYPE_REFRESH_TOKEN,
"refresh_token": new_token.token, "refresh_token": new_token.token,

24
authentik/providers/oauth2/tests/test_token_cc.py
View file

@ -50,7 +50,9 @@ class TestTokenClientCredentials(OAuthTestCase):
def test_wrong_user(self): def test_wrong_user(self):
"""test invalid username""" """test invalid username"""
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
{ {
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
"scope": SCOPE_OPENID, "scope": SCOPE_OPENID,
@ -68,7 +70,9 @@ class TestTokenClientCredentials(OAuthTestCase):
def test_wrong_token(self): def test_wrong_token(self):
"""test invalid token""" """test invalid token"""
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
{ {
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
"scope": SCOPE_OPENID, "scope": SCOPE_OPENID,
@ -88,7 +92,9 @@ class TestTokenClientCredentials(OAuthTestCase):
self.app.provider = None self.app.provider = None
self.app.save() self.app.save()
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
{ {
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
"scope": SCOPE_OPENID, "scope": SCOPE_OPENID,
@ -112,7 +118,9 @@ class TestTokenClientCredentials(OAuthTestCase):
order=0, order=0,
) )
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
{ {
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
"scope": SCOPE_OPENID, "scope": SCOPE_OPENID,
@ -130,7 +138,9 @@ class TestTokenClientCredentials(OAuthTestCase):
def test_successful(self): def test_successful(self):
"""test successful""" """test successful"""
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
{ {
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
@ -163,7 +173,9 @@ class TestTokenClientCredentials(OAuthTestCase):
def test_successful_password(self): def test_successful_password(self):
"""test successful (password grant)""" """test successful (password grant)"""
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
{ {
"grant_type": GRANT_TYPE_PASSWORD, "grant_type": GRANT_TYPE_PASSWORD,
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",

28
authentik/providers/oauth2/tests/test_token_cc_jwt_source.py
View file

@ -63,7 +63,9 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase):
def test_invalid_type(self): def test_invalid_type(self):
"""test invalid type""" """test invalid type"""
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
{ {
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
@ -79,7 +81,9 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase):
def test_invalid_jwt(self): def test_invalid_jwt(self):
"""test invalid JWT""" """test invalid JWT"""
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
{ {
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
@ -101,7 +105,9 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase):
} }
) )
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
{ {
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
@ -123,7 +129,9 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase):
} }
) )
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
{ {
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
@ -147,7 +155,9 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase):
} }
) )
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
{ {
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
@ -175,7 +185,9 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase):
} }
) )
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
{ {
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
@ -197,7 +209,9 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase):
} }
) )
response = self.client.post( response = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
{ {
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",

12
authentik/providers/oauth2/tests/test_token_device.py
View file

@ -33,7 +33,9 @@ class TestTokenDeviceCode(OAuthTestCase):
def test_code_no_code(self): def test_code_no_code(self):
"""Test code without code""" """Test code without code"""
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
data={ data={
"client_id": self.provider.client_id, "client_id": self.provider.client_id,
"grant_type": GRANT_TYPE_DEVICE_CODE, "grant_type": GRANT_TYPE_DEVICE_CODE,
@ -51,7 +53,9 @@ class TestTokenDeviceCode(OAuthTestCase):
device_code=generate_id(), device_code=generate_id(),
) )
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
data={ data={
"client_id": self.provider.client_id, "client_id": self.provider.client_id,
"grant_type": GRANT_TYPE_DEVICE_CODE, "grant_type": GRANT_TYPE_DEVICE_CODE,
@ -71,7 +75,9 @@ class TestTokenDeviceCode(OAuthTestCase):
user=self.user, user=self.user,
) )
res = self.client.post( res = self.client.post(
reverse("authentik_providers_oauth2:token"), reverse(
"authentik_providers_oauth2:token",
kwargs={"application_slug": self.app.slug}),
data={ data={
"client_id": self.provider.client_id, "client_id": self.provider.client_id,
"grant_type": GRANT_TYPE_DEVICE_CODE, "grant_type": GRANT_TYPE_DEVICE_CODE,

8
authentik/providers/oauth2/tests/test_userinfo.py
View file

@ -48,7 +48,9 @@ class TestUserinfo(OAuthTestCase):
def test_userinfo_normal(self): def test_userinfo_normal(self):
"""test user info with all normal scopes""" """test user info with all normal scopes"""
res = self.client.get( res = self.client.get(
reverse("authentik_providers_oauth2:userinfo"), reverse(
"authentik_providers_oauth2:userinfo",
kwargs={"application_slug": self.app.slug}),
HTTP_AUTHORIZATION=f"Bearer {self.token.token}", HTTP_AUTHORIZATION=f"Bearer {self.token.token}",
) )
self.assertJSONEqual( self.assertJSONEqual(
@ -70,7 +72,9 @@ class TestUserinfo(OAuthTestCase):
self.provider.property_mappings.add(scope) self.provider.property_mappings.add(scope)
res = self.client.get( res = self.client.get(
reverse("authentik_providers_oauth2:userinfo"), reverse(
"authentik_providers_oauth2:userinfo",
kwargs={"application_slug": self.app.slug}),
HTTP_AUTHORIZATION=f"Bearer {self.token.token}", HTTP_AUTHORIZATION=f"Bearer {self.token.token}",
) )
self.assertJSONEqual( self.assertJSONEqual(

6
tests/e2e/test_provider_oauth2_grafana.py
View file

@ -50,9 +50,9 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
"GF_AUTH_GENERIC_OAUTH_CLIENT_ID": self.client_id, "GF_AUTH_GENERIC_OAUTH_CLIENT_ID": self.client_id,
"GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET": self.client_secret, "GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET": self.client_secret,
"GF_AUTH_GENERIC_OAUTH_SCOPES": "openid email profile", "GF_AUTH_GENERIC_OAUTH_SCOPES": "openid email profile",
"GF_AUTH_GENERIC_OAUTH_AUTH_URL": self.url("authentik_providers_oauth2:authorize"), "GF_AUTH_GENERIC_OAUTH_AUTH_URL": self.url("authentik_providers_oauth2:authorize", application_slug=self.app_slug),
"GF_AUTH_GENERIC_OAUTH_TOKEN_URL": self.url("authentik_providers_oauth2:token"), "GF_AUTH_GENERIC_OAUTH_TOKEN_URL": self.url("authentik_providers_oauth2:token", application_slug=self.app_slug),
"GF_AUTH_GENERIC_OAUTH_API_URL": self.url("authentik_providers_oauth2:userinfo"), "GF_AUTH_GENERIC_OAUTH_API_URL": self.url("authentik_providers_oauth2:userinfo", application_slug=self.app_slug),
"GF_AUTH_SIGNOUT_REDIRECT_URL": self.url( "GF_AUTH_SIGNOUT_REDIRECT_URL": self.url(
"authentik_providers_oauth2:end-session", "authentik_providers_oauth2:end-session",
application_slug=self.app_slug, application_slug=self.app_slug,