diff options
Diffstat (limited to 'tests/middleware/test_authenticate.py')
| -rw-r--r-- | tests/middleware/test_authenticate.py | 53 |
1 files changed, 26 insertions, 27 deletions
diff --git a/tests/middleware/test_authenticate.py b/tests/middleware/test_authenticate.py index 2395316..2acfe92 100644 --- a/tests/middleware/test_authenticate.py +++ b/tests/middleware/test_authenticate.py @@ -22,8 +22,7 @@ def app(): @pytest.mark.parametrize("method", ["GET", "HEAD"]) -def test_unauthenticated_request(app, method, monkeypatch): - monkeypatch.delattr(paste, "check_token") +def test_unauthenticated_request(app, method): environ = {"REQUEST_METHOD": method} response = call_app(app, environ) assert response.data == b"Hello, world!" @@ -32,11 +31,10 @@ def test_unauthenticated_request(app, method, monkeypatch): @pytest.mark.parametrize("method", ["GET", "HEAD"]) -def test_unauthenticated_request_with_key(app, method, monkeypatch): - monkeypatch.delattr(paste, "check_token") +def test_unauthenticated_request_with_key(app, method): environ = { "REQUEST_METHOD": method, - "paste.db_conn": None, + "paste.store": None, "HTTP_AUTHORIZATION": "ApiKey AAAA", } response = call_app(app, environ) @@ -46,8 +44,7 @@ def test_unauthenticated_request_with_key(app, method, monkeypatch): @pytest.mark.parametrize("method", ["POST", "PUT", "DELETE"]) -def test_authenticate_no_header(app, method, monkeypatch): - monkeypatch.delattr(paste, "check_token") +def test_authenticate_no_header(app, method): environ = {"REQUEST_METHOD": method} response = call_app(app, environ) assert response.data == b"401 Unauthorized\n" @@ -58,8 +55,7 @@ def test_authenticate_no_header(app, method, monkeypatch): @pytest.mark.parametrize("method", ["POST", "PUT", "DELETE"]) @pytest.mark.parametrize("key", ["ApiKey AAAA", "APIKey AAA", "APIKey AAAA", "AAAA"]) -def test_authenticate_malformed_key(app, method, key, monkeypatch): - monkeypatch.delattr(paste, "check_token") +def test_authenticate_malformed_key(app, method, key): environ = {"REQUEST_METHOD": method, "HTTP_AUTHORIZATION": key} response = call_app(app, environ) assert response.data == b"401 Unauthorized\n" @@ -68,24 +64,28 @@ def test_authenticate_malformed_key(app, method, key, monkeypatch): assert ("WWW-Authenticate", "APIKey") in response.headers +class MockDB: + def __init__(self, check_token): + self.check_token = check_token + + @pytest.mark.parametrize("method", ["POST", "PUT", "DELETE"]) -def test_authenticate_check_token_fail(app, method, monkeypatch): +def test_authenticate_check_token_fail(app, method): check_token_called = False token = b"test" - environ = { - "REQUEST_METHOD": method, - "paste.db_conn": object(), - "HTTP_AUTHORIZATION": f"APIKey {b64encode(token).decode()}", - } - def check_token(conn, tok): + def check_token(tok): nonlocal check_token_called - assert conn == environ["paste.db_conn"] assert tok == token check_token_called = True return False - monkeypatch.setattr(paste, "check_token", check_token) + environ = { + "REQUEST_METHOD": method, + "paste.store": MockDB(check_token), + "HTTP_AUTHORIZATION": f"APIKey {b64encode(token).decode()}", + } + response = call_app(app, environ) assert check_token_called assert response.data == b"401 Unauthorized\n" @@ -95,23 +95,22 @@ def test_authenticate_check_token_fail(app, method, monkeypatch): @pytest.mark.parametrize("method", ["POST", "PUT", "DELETE"]) -def test_authenticate_check_token_success(app, method, monkeypatch): +def test_authenticate_check_token_success(app, method): check_token_called = False token = b"test" - environ = { - "REQUEST_METHOD": method, - "paste.db_conn": object(), - "HTTP_AUTHORIZATION": f"APIKey {b64encode(token).decode()}", - } - def check_token(conn, tok): + def check_token(tok): nonlocal check_token_called - assert conn == environ["paste.db_conn"] assert tok == token check_token_called = True return True - monkeypatch.setattr(paste, "check_token", check_token) + environ = { + "REQUEST_METHOD": method, + "paste.store": MockDB(check_token), + "HTTP_AUTHORIZATION": f"APIKey {b64encode(token).decode()}", + } + response = call_app(app, environ) assert check_token_called assert response.data == b"Hello, world!" |