From ae1a8842db8aa4fbad70d384982cb720edd8dbee Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sun, 13 Dec 2020 23:14:35 +0100 Subject: [PATCH] providers/oauth2: start adding tests for OAuthAuthorizationParams --- authentik/providers/oauth2/tests/__init__.py | 0 .../oauth2/tests/test_views_authorize.py | 46 +++++++++++++++++++ authentik/providers/oauth2/views/authorize.py | 2 +- 3 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 authentik/providers/oauth2/tests/__init__.py create mode 100644 authentik/providers/oauth2/tests/test_views_authorize.py diff --git a/authentik/providers/oauth2/tests/__init__.py b/authentik/providers/oauth2/tests/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/authentik/providers/oauth2/tests/test_views_authorize.py b/authentik/providers/oauth2/tests/test_views_authorize.py new file mode 100644 index 000000000..14aca975f --- /dev/null +++ b/authentik/providers/oauth2/tests/test_views_authorize.py @@ -0,0 +1,46 @@ +"""Test authorize view""" +from django.test import RequestFactory, TestCase + +from authentik.flows.models import Flow +from authentik.providers.oauth2.errors import ( + AuthorizeError, + ClientIdError, + RedirectUriError, +) +from authentik.providers.oauth2.models import OAuth2Provider +from authentik.providers.oauth2.views.authorize import OAuthAuthorizationParams + + +class TestViewsAuthorize(TestCase): + """Test authorize view""" + + def setUp(self) -> None: + super().setUp() + self.factory = RequestFactory() + + def test_invalid_grant_type(self): + """Test with invalid grant type""" + with self.assertRaises(AuthorizeError): + request = self.factory.get("/", data={"response_type": "invalid"}) + OAuthAuthorizationParams.from_request(request) + + def test_invalid_client_id(self): + """Test invalid client ID""" + with self.assertRaises(ClientIdError): + request = self.factory.get( + "/", data={"response_type": "code", "client_id": "invalid"} + ) + OAuthAuthorizationParams.from_request(request) + + def test_missing_redirect_uri(self): + """test missing redirect URI""" + OAuth2Provider.objects.create( + name="test", + client_id="test", + authorization_flow=Flow.objects.first(), + ) + with self.assertRaises(RedirectUriError): + request = self.factory.get( + "/", data={"response_type": "code", "client_id": "test"} + ) + OAuthAuthorizationParams.from_request(request) diff --git a/authentik/providers/oauth2/views/authorize.py b/authentik/providers/oauth2/views/authorize.py index f13bd8c50..56fe0c79b 100644 --- a/authentik/providers/oauth2/views/authorize.py +++ b/authentik/providers/oauth2/views/authorize.py @@ -139,7 +139,7 @@ class OAuthAuthorizationParams: is_open_id = SCOPE_OPENID in self.scope # Redirect URI validation. - if is_open_id and not self.redirect_uri: + if not self.redirect_uri: LOGGER.warning("Missing redirect uri.") raise RedirectUriError() if self.redirect_uri.lower() not in [