Cradicle Explorer
archive
/ fastapi-template / tests / test_auth.py
test_auth.py
  1  from unittest.mock import AsyncMock, MagicMock
  2  
  3  import pytest
  4  from fastapi.security.base import SecurityBase
  5  from pytest_mock import MockerFixture
  6  
  7  from api import auth
  8  from api.exceptions.auth import InvalidTokenError
  9  
 10  
 11  @pytest.mark.parametrize("auth_header,token", [("test", "test"), (None, ""), ("Bearer asDF1234", "asDF1234")])
 12  def test__get_token(auth_header: str | None, token: str) -> None:
 13      request = MagicMock()
 14      request.headers = {"Authorization": auth_header} if auth_header is not None else {}
 15  
 16      assert auth.get_token(request) == token
 17  
 18  
 19  async def test__httpauth_constructor(mocker: MockerFixture) -> None:
 20      httpbearer_patch = mocker.patch("api.auth.HTTPBearer")
 21  
 22      http_auth = auth.HTTPAuth()
 23  
 24      httpbearer_patch.assert_called_once_with()
 25      assert http_auth.model == httpbearer_patch()
 26      assert http_auth.scheme_name == http_auth.__class__.__name__
 27      assert issubclass(auth.HTTPAuth, SecurityBase)
 28  
 29  
 30  async def test__httpauth_call() -> None:
 31      request = MagicMock()
 32      http_auth = MagicMock()
 33      with pytest.raises(NotImplementedError):
 34          await auth.HTTPAuth.__call__(http_auth, request)
 35  
 36  
 37  @pytest.mark.parametrize("token,ok", [("S3cr3t Token!", True), ("asdf1234", False)])
 38  async def test__statictokenauth_check_token(token: str, ok: bool) -> None:
 39      http_auth = MagicMock()
 40      http_auth._token = "S3cr3t Token!"
 41      assert await auth.StaticTokenAuth._check_token(http_auth, token) == ok
 42  
 43  
 44  async def test__statictokenauth_call__invalid_token(mocker: MockerFixture) -> None:
 45      get_token = mocker.patch("api.auth.get_token")
 46  
 47      request = MagicMock()
 48      http_auth = MagicMock()
 49      http_auth._check_token = AsyncMock(return_value=False)
 50  
 51      with pytest.raises(InvalidTokenError):
 52          await auth.StaticTokenAuth.__call__(http_auth, request)
 53  
 54      get_token.assert_called_once_with(request)
 55      http_auth._check_token.assert_called_once_with(get_token())
 56  
 57  
 58  async def test__statictokenauth_call__valid_token(mocker: MockerFixture) -> None:
 59      get_token = mocker.patch("api.auth.get_token")
 60  
 61      request = MagicMock()
 62      http_auth = MagicMock()
 63      http_auth._check_token = AsyncMock(return_value=True)
 64  
 65      assert await auth.StaticTokenAuth.__call__(http_auth, request) is True
 66  
 67      get_token.assert_called_once_with(request)
 68      http_auth._check_token.assert_called_once_with(get_token())
 69  
 70  
 71  async def test__jwtauth_call__invalid_token(mocker: MockerFixture) -> None:
 72      get_token = mocker.patch("api.auth.get_token")
 73      mocker.patch("api.auth.decode_jwt", MagicMock(return_value=None))
 74  
 75      request = MagicMock()
 76      http_auth = MagicMock(force_valid=False)
 77  
 78      assert await auth.JWTAuth.__call__(http_auth, request) is None
 79  
 80      get_token.assert_called_once_with(request)
 81  
 82  
 83  async def test__jwtauth_call__invalid_token__force_valid(mocker: MockerFixture) -> None:
 84      get_token = mocker.patch("api.auth.get_token")
 85      mocker.patch("api.auth.decode_jwt", MagicMock(return_value=None))
 86  
 87      request = MagicMock()
 88      http_auth = MagicMock(force_valid=True)
 89  
 90      with pytest.raises(InvalidTokenError):
 91          await auth.JWTAuth.__call__(http_auth, request)
 92  
 93      get_token.assert_called_once_with(request)
 94  
 95  
 96  async def test__jwtauth_call__valid_token(mocker: MockerFixture) -> None:
 97      get_token = mocker.patch("api.auth.get_token")
 98      mocker.patch("api.auth.decode_jwt", MagicMock(return_value={"foo": "bar"}))
 99  
100      request = MagicMock()
101      http_auth = MagicMock()
102  
103      assert await auth.JWTAuth.__call__(http_auth, request) == {"foo": "bar"}
104  
105      get_token.assert_called_once_with(request)