authentik.core.tests.test_token_api
Test token API
1"""Test token API""" 2 3from datetime import datetime, timedelta 4from json import loads 5 6from django.urls.base import reverse 7from guardian.shortcuts import get_anonymous_user 8from rest_framework.test import APITestCase 9 10from authentik.core.api.tokens import TokenSerializer 11from authentik.core.models import ( 12 USER_ATTRIBUTE_TOKEN_EXPIRING, 13 USER_ATTRIBUTE_TOKEN_MAXIMUM_LIFETIME, 14 Token, 15 TokenIntents, 16) 17from authentik.core.tests.utils import create_test_admin_user, create_test_user 18from authentik.lib.generators import generate_id 19 20 21class TestTokenAPI(APITestCase): 22 """Test token API""" 23 24 def setUp(self) -> None: 25 super().setUp() 26 self.user = create_test_user() 27 self.admin = create_test_admin_user() 28 self.client.force_login(self.user) 29 30 def test_token_create(self): 31 """Test token creation endpoint""" 32 response = self.client.post( 33 reverse("authentik_api:token-list"), {"identifier": "test-token"} 34 ) 35 self.assertEqual(response.status_code, 201) 36 token = Token.objects.get(identifier="test-token") 37 self.assertEqual(token.user, self.user) 38 self.assertEqual(token.intent, TokenIntents.INTENT_API) 39 self.assertEqual(token.expiring, True) 40 self.assertTrue(self.user.has_perm("authentik_core.view_token_key", token)) 41 42 def test_token_set_key(self): 43 """Test token creation endpoint""" 44 response = self.client.post( 45 reverse("authentik_api:token-list"), {"identifier": "test-token"} 46 ) 47 self.assertEqual(response.status_code, 201) 48 token = Token.objects.get(identifier="test-token") 49 self.assertEqual(token.user, self.user) 50 self.assertEqual(token.intent, TokenIntents.INTENT_API) 51 self.assertEqual(token.expiring, True) 52 self.assertTrue(self.user.has_perm("authentik_core.view_token_key", token)) 53 54 self.client.force_login(self.admin) 55 new_key = generate_id() 56 response = self.client.post( 57 reverse("authentik_api:token-set-key", kwargs={"identifier": token.identifier}), 58 {"key": new_key}, 59 ) 60 self.assertEqual(response.status_code, 204) 61 token.refresh_from_db() 62 self.assertEqual(token.key, new_key) 63 64 def test_token_create_invalid(self): 65 """Test token creation endpoint (invalid data)""" 66 response = self.client.post( 67 reverse("authentik_api:token-list"), 68 {"identifier": "test-token", "intent": TokenIntents.INTENT_RECOVERY}, 69 ) 70 self.assertEqual(response.status_code, 400) 71 72 def test_token_create_non_expiring(self): 73 """Test token creation endpoint""" 74 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = False 75 self.user.save() 76 response = self.client.post( 77 reverse("authentik_api:token-list"), {"identifier": "test-token"} 78 ) 79 self.assertEqual(response.status_code, 201) 80 token = Token.objects.get(identifier="test-token") 81 self.assertEqual(token.user, self.user) 82 self.assertEqual(token.intent, TokenIntents.INTENT_API) 83 self.assertEqual(token.expiring, False) 84 85 def test_token_create_expiring(self): 86 """Test token creation endpoint""" 87 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = True 88 self.user.save() 89 response = self.client.post( 90 reverse("authentik_api:token-list"), {"identifier": "test-token"} 91 ) 92 self.assertEqual(response.status_code, 201) 93 token = Token.objects.get(identifier="test-token") 94 self.assertEqual(token.user, self.user) 95 self.assertEqual(token.intent, TokenIntents.INTENT_API) 96 self.assertEqual(token.expiring, True) 97 98 def test_token_create_expiring_custom_ok(self): 99 """Test token creation endpoint""" 100 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = True 101 self.user.attributes[USER_ATTRIBUTE_TOKEN_MAXIMUM_LIFETIME] = "hours=2" 102 self.user.save() 103 expires = datetime.now() + timedelta(hours=1) 104 response = self.client.post( 105 reverse("authentik_api:token-list"), 106 { 107 "identifier": "test-token", 108 "expires": expires, 109 "intent": TokenIntents.INTENT_APP_PASSWORD, 110 }, 111 ) 112 self.assertEqual(response.status_code, 201) 113 token = Token.objects.get(identifier="test-token") 114 self.assertEqual(token.user, self.user) 115 self.assertEqual(token.intent, TokenIntents.INTENT_APP_PASSWORD) 116 self.assertEqual(token.expiring, True) 117 self.assertEqual(token.expires.timestamp(), expires.timestamp()) 118 119 def test_token_create_expiring_custom_nok(self): 120 """Test token creation endpoint""" 121 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = True 122 self.user.attributes[USER_ATTRIBUTE_TOKEN_MAXIMUM_LIFETIME] = "hours=2" 123 self.user.save() 124 expires = datetime.now() + timedelta(hours=3) 125 response = self.client.post( 126 reverse("authentik_api:token-list"), 127 { 128 "identifier": "test-token", 129 "expires": expires, 130 "intent": TokenIntents.INTENT_APP_PASSWORD, 131 }, 132 ) 133 self.assertEqual(response.status_code, 400) 134 135 def test_token_create_expiring_custom_api(self): 136 """Test token creation endpoint""" 137 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = True 138 self.user.attributes[USER_ATTRIBUTE_TOKEN_MAXIMUM_LIFETIME] = "hours=2" 139 self.user.save() 140 expires = datetime.now() + timedelta(seconds=3) 141 response = self.client.post( 142 reverse("authentik_api:token-list"), 143 { 144 "identifier": "test-token", 145 "expires": expires, 146 "intent": TokenIntents.INTENT_API, 147 }, 148 ) 149 self.assertEqual(response.status_code, 201) 150 token = Token.objects.get(identifier="test-token") 151 self.assertEqual(token.user, self.user) 152 self.assertEqual(token.intent, TokenIntents.INTENT_API) 153 self.assertEqual(token.expiring, True) 154 self.assertNotEqual(token.expires.timestamp(), expires.timestamp()) 155 156 def test_token_change_user(self): 157 """Test creating a token and then changing the user""" 158 ident = generate_id() 159 response = self.client.post(reverse("authentik_api:token-list"), {"identifier": ident}) 160 self.assertEqual(response.status_code, 201) 161 token = Token.objects.get(identifier=ident) 162 self.assertEqual(token.user, self.user) 163 self.assertEqual(token.intent, TokenIntents.INTENT_API) 164 self.assertEqual(token.expiring, True) 165 self.assertTrue(self.user.has_perm("authentik_core.view_token_key", token)) 166 response = self.client.put( 167 reverse("authentik_api:token-detail", kwargs={"identifier": ident}), 168 data={"identifier": "user_token_poc_v3", "intent": "api", "user": self.admin.pk}, 169 ) 170 self.assertEqual(response.status_code, 400) 171 token.refresh_from_db() 172 self.assertEqual(token.user, self.user) 173 174 def test_list(self): 175 """Test Token List (Test normal authentication)""" 176 Token.objects.including_expired().all().delete() 177 token_should: Token = Token.objects.create( 178 identifier="test", expiring=False, user=self.user 179 ) 180 Token.objects.create(identifier="test-2", expiring=False, user=get_anonymous_user()) 181 response = self.client.get(reverse("authentik_api:token-list")) 182 body = loads(response.content) 183 self.assertEqual(len(body["results"]), 1) 184 self.assertEqual(body["results"][0]["identifier"], token_should.identifier) 185 186 def test_list_with_permission(self): 187 """Test Token List (Test with `view_token` permission)""" 188 Token.objects.including_expired().all().delete() 189 token_should: Token = Token.objects.create( 190 identifier="test", expiring=False, user=self.user 191 ) 192 token_should_not: Token = Token.objects.create( 193 identifier="test-2", expiring=False, user=get_anonymous_user() 194 ) 195 self.user.assign_perms_to_managed_role("authentik_core.view_token") 196 response = self.client.get(reverse("authentik_api:token-list")) 197 body = loads(response.content) 198 self.assertEqual(len(body["results"]), 2) 199 self.assertEqual(body["results"][0]["identifier"], token_should.identifier) 200 self.assertEqual(body["results"][1]["identifier"], token_should_not.identifier) 201 202 def test_serializer_no_request(self): 203 """Test serializer without request""" 204 self.assertTrue( 205 TokenSerializer( 206 data={ 207 "identifier": generate_id(), 208 "intent": TokenIntents.INTENT_APP_PASSWORD, 209 "key": generate_id(), 210 "user": self.user.pk, 211 } 212 ).is_valid(raise_exception=True) 213 )
class
TestTokenAPI(rest_framework.test.APITestCase):
22class TestTokenAPI(APITestCase): 23 """Test token API""" 24 25 def setUp(self) -> None: 26 super().setUp() 27 self.user = create_test_user() 28 self.admin = create_test_admin_user() 29 self.client.force_login(self.user) 30 31 def test_token_create(self): 32 """Test token creation endpoint""" 33 response = self.client.post( 34 reverse("authentik_api:token-list"), {"identifier": "test-token"} 35 ) 36 self.assertEqual(response.status_code, 201) 37 token = Token.objects.get(identifier="test-token") 38 self.assertEqual(token.user, self.user) 39 self.assertEqual(token.intent, TokenIntents.INTENT_API) 40 self.assertEqual(token.expiring, True) 41 self.assertTrue(self.user.has_perm("authentik_core.view_token_key", token)) 42 43 def test_token_set_key(self): 44 """Test token creation endpoint""" 45 response = self.client.post( 46 reverse("authentik_api:token-list"), {"identifier": "test-token"} 47 ) 48 self.assertEqual(response.status_code, 201) 49 token = Token.objects.get(identifier="test-token") 50 self.assertEqual(token.user, self.user) 51 self.assertEqual(token.intent, TokenIntents.INTENT_API) 52 self.assertEqual(token.expiring, True) 53 self.assertTrue(self.user.has_perm("authentik_core.view_token_key", token)) 54 55 self.client.force_login(self.admin) 56 new_key = generate_id() 57 response = self.client.post( 58 reverse("authentik_api:token-set-key", kwargs={"identifier": token.identifier}), 59 {"key": new_key}, 60 ) 61 self.assertEqual(response.status_code, 204) 62 token.refresh_from_db() 63 self.assertEqual(token.key, new_key) 64 65 def test_token_create_invalid(self): 66 """Test token creation endpoint (invalid data)""" 67 response = self.client.post( 68 reverse("authentik_api:token-list"), 69 {"identifier": "test-token", "intent": TokenIntents.INTENT_RECOVERY}, 70 ) 71 self.assertEqual(response.status_code, 400) 72 73 def test_token_create_non_expiring(self): 74 """Test token creation endpoint""" 75 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = False 76 self.user.save() 77 response = self.client.post( 78 reverse("authentik_api:token-list"), {"identifier": "test-token"} 79 ) 80 self.assertEqual(response.status_code, 201) 81 token = Token.objects.get(identifier="test-token") 82 self.assertEqual(token.user, self.user) 83 self.assertEqual(token.intent, TokenIntents.INTENT_API) 84 self.assertEqual(token.expiring, False) 85 86 def test_token_create_expiring(self): 87 """Test token creation endpoint""" 88 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = True 89 self.user.save() 90 response = self.client.post( 91 reverse("authentik_api:token-list"), {"identifier": "test-token"} 92 ) 93 self.assertEqual(response.status_code, 201) 94 token = Token.objects.get(identifier="test-token") 95 self.assertEqual(token.user, self.user) 96 self.assertEqual(token.intent, TokenIntents.INTENT_API) 97 self.assertEqual(token.expiring, True) 98 99 def test_token_create_expiring_custom_ok(self): 100 """Test token creation endpoint""" 101 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = True 102 self.user.attributes[USER_ATTRIBUTE_TOKEN_MAXIMUM_LIFETIME] = "hours=2" 103 self.user.save() 104 expires = datetime.now() + timedelta(hours=1) 105 response = self.client.post( 106 reverse("authentik_api:token-list"), 107 { 108 "identifier": "test-token", 109 "expires": expires, 110 "intent": TokenIntents.INTENT_APP_PASSWORD, 111 }, 112 ) 113 self.assertEqual(response.status_code, 201) 114 token = Token.objects.get(identifier="test-token") 115 self.assertEqual(token.user, self.user) 116 self.assertEqual(token.intent, TokenIntents.INTENT_APP_PASSWORD) 117 self.assertEqual(token.expiring, True) 118 self.assertEqual(token.expires.timestamp(), expires.timestamp()) 119 120 def test_token_create_expiring_custom_nok(self): 121 """Test token creation endpoint""" 122 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = True 123 self.user.attributes[USER_ATTRIBUTE_TOKEN_MAXIMUM_LIFETIME] = "hours=2" 124 self.user.save() 125 expires = datetime.now() + timedelta(hours=3) 126 response = self.client.post( 127 reverse("authentik_api:token-list"), 128 { 129 "identifier": "test-token", 130 "expires": expires, 131 "intent": TokenIntents.INTENT_APP_PASSWORD, 132 }, 133 ) 134 self.assertEqual(response.status_code, 400) 135 136 def test_token_create_expiring_custom_api(self): 137 """Test token creation endpoint""" 138 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = True 139 self.user.attributes[USER_ATTRIBUTE_TOKEN_MAXIMUM_LIFETIME] = "hours=2" 140 self.user.save() 141 expires = datetime.now() + timedelta(seconds=3) 142 response = self.client.post( 143 reverse("authentik_api:token-list"), 144 { 145 "identifier": "test-token", 146 "expires": expires, 147 "intent": TokenIntents.INTENT_API, 148 }, 149 ) 150 self.assertEqual(response.status_code, 201) 151 token = Token.objects.get(identifier="test-token") 152 self.assertEqual(token.user, self.user) 153 self.assertEqual(token.intent, TokenIntents.INTENT_API) 154 self.assertEqual(token.expiring, True) 155 self.assertNotEqual(token.expires.timestamp(), expires.timestamp()) 156 157 def test_token_change_user(self): 158 """Test creating a token and then changing the user""" 159 ident = generate_id() 160 response = self.client.post(reverse("authentik_api:token-list"), {"identifier": ident}) 161 self.assertEqual(response.status_code, 201) 162 token = Token.objects.get(identifier=ident) 163 self.assertEqual(token.user, self.user) 164 self.assertEqual(token.intent, TokenIntents.INTENT_API) 165 self.assertEqual(token.expiring, True) 166 self.assertTrue(self.user.has_perm("authentik_core.view_token_key", token)) 167 response = self.client.put( 168 reverse("authentik_api:token-detail", kwargs={"identifier": ident}), 169 data={"identifier": "user_token_poc_v3", "intent": "api", "user": self.admin.pk}, 170 ) 171 self.assertEqual(response.status_code, 400) 172 token.refresh_from_db() 173 self.assertEqual(token.user, self.user) 174 175 def test_list(self): 176 """Test Token List (Test normal authentication)""" 177 Token.objects.including_expired().all().delete() 178 token_should: Token = Token.objects.create( 179 identifier="test", expiring=False, user=self.user 180 ) 181 Token.objects.create(identifier="test-2", expiring=False, user=get_anonymous_user()) 182 response = self.client.get(reverse("authentik_api:token-list")) 183 body = loads(response.content) 184 self.assertEqual(len(body["results"]), 1) 185 self.assertEqual(body["results"][0]["identifier"], token_should.identifier) 186 187 def test_list_with_permission(self): 188 """Test Token List (Test with `view_token` permission)""" 189 Token.objects.including_expired().all().delete() 190 token_should: Token = Token.objects.create( 191 identifier="test", expiring=False, user=self.user 192 ) 193 token_should_not: Token = Token.objects.create( 194 identifier="test-2", expiring=False, user=get_anonymous_user() 195 ) 196 self.user.assign_perms_to_managed_role("authentik_core.view_token") 197 response = self.client.get(reverse("authentik_api:token-list")) 198 body = loads(response.content) 199 self.assertEqual(len(body["results"]), 2) 200 self.assertEqual(body["results"][0]["identifier"], token_should.identifier) 201 self.assertEqual(body["results"][1]["identifier"], token_should_not.identifier) 202 203 def test_serializer_no_request(self): 204 """Test serializer without request""" 205 self.assertTrue( 206 TokenSerializer( 207 data={ 208 "identifier": generate_id(), 209 "intent": TokenIntents.INTENT_APP_PASSWORD, 210 "key": generate_id(), 211 "user": self.user.pk, 212 } 213 ).is_valid(raise_exception=True) 214 )
Test token API
def
setUp(self) -> None:
25 def setUp(self) -> None: 26 super().setUp() 27 self.user = create_test_user() 28 self.admin = create_test_admin_user() 29 self.client.force_login(self.user)
Hook method for setting up the test fixture before exercising it.
def
test_token_create(self):
31 def test_token_create(self): 32 """Test token creation endpoint""" 33 response = self.client.post( 34 reverse("authentik_api:token-list"), {"identifier": "test-token"} 35 ) 36 self.assertEqual(response.status_code, 201) 37 token = Token.objects.get(identifier="test-token") 38 self.assertEqual(token.user, self.user) 39 self.assertEqual(token.intent, TokenIntents.INTENT_API) 40 self.assertEqual(token.expiring, True) 41 self.assertTrue(self.user.has_perm("authentik_core.view_token_key", token))
Test token creation endpoint
def
test_token_set_key(self):
43 def test_token_set_key(self): 44 """Test token creation endpoint""" 45 response = self.client.post( 46 reverse("authentik_api:token-list"), {"identifier": "test-token"} 47 ) 48 self.assertEqual(response.status_code, 201) 49 token = Token.objects.get(identifier="test-token") 50 self.assertEqual(token.user, self.user) 51 self.assertEqual(token.intent, TokenIntents.INTENT_API) 52 self.assertEqual(token.expiring, True) 53 self.assertTrue(self.user.has_perm("authentik_core.view_token_key", token)) 54 55 self.client.force_login(self.admin) 56 new_key = generate_id() 57 response = self.client.post( 58 reverse("authentik_api:token-set-key", kwargs={"identifier": token.identifier}), 59 {"key": new_key}, 60 ) 61 self.assertEqual(response.status_code, 204) 62 token.refresh_from_db() 63 self.assertEqual(token.key, new_key)
Test token creation endpoint
def
test_token_create_invalid(self):
65 def test_token_create_invalid(self): 66 """Test token creation endpoint (invalid data)""" 67 response = self.client.post( 68 reverse("authentik_api:token-list"), 69 {"identifier": "test-token", "intent": TokenIntents.INTENT_RECOVERY}, 70 ) 71 self.assertEqual(response.status_code, 400)
Test token creation endpoint (invalid data)
def
test_token_create_non_expiring(self):
73 def test_token_create_non_expiring(self): 74 """Test token creation endpoint""" 75 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = False 76 self.user.save() 77 response = self.client.post( 78 reverse("authentik_api:token-list"), {"identifier": "test-token"} 79 ) 80 self.assertEqual(response.status_code, 201) 81 token = Token.objects.get(identifier="test-token") 82 self.assertEqual(token.user, self.user) 83 self.assertEqual(token.intent, TokenIntents.INTENT_API) 84 self.assertEqual(token.expiring, False)
Test token creation endpoint
def
test_token_create_expiring(self):
86 def test_token_create_expiring(self): 87 """Test token creation endpoint""" 88 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = True 89 self.user.save() 90 response = self.client.post( 91 reverse("authentik_api:token-list"), {"identifier": "test-token"} 92 ) 93 self.assertEqual(response.status_code, 201) 94 token = Token.objects.get(identifier="test-token") 95 self.assertEqual(token.user, self.user) 96 self.assertEqual(token.intent, TokenIntents.INTENT_API) 97 self.assertEqual(token.expiring, True)
Test token creation endpoint
def
test_token_create_expiring_custom_ok(self):
99 def test_token_create_expiring_custom_ok(self): 100 """Test token creation endpoint""" 101 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = True 102 self.user.attributes[USER_ATTRIBUTE_TOKEN_MAXIMUM_LIFETIME] = "hours=2" 103 self.user.save() 104 expires = datetime.now() + timedelta(hours=1) 105 response = self.client.post( 106 reverse("authentik_api:token-list"), 107 { 108 "identifier": "test-token", 109 "expires": expires, 110 "intent": TokenIntents.INTENT_APP_PASSWORD, 111 }, 112 ) 113 self.assertEqual(response.status_code, 201) 114 token = Token.objects.get(identifier="test-token") 115 self.assertEqual(token.user, self.user) 116 self.assertEqual(token.intent, TokenIntents.INTENT_APP_PASSWORD) 117 self.assertEqual(token.expiring, True) 118 self.assertEqual(token.expires.timestamp(), expires.timestamp())
Test token creation endpoint
def
test_token_create_expiring_custom_nok(self):
120 def test_token_create_expiring_custom_nok(self): 121 """Test token creation endpoint""" 122 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = True 123 self.user.attributes[USER_ATTRIBUTE_TOKEN_MAXIMUM_LIFETIME] = "hours=2" 124 self.user.save() 125 expires = datetime.now() + timedelta(hours=3) 126 response = self.client.post( 127 reverse("authentik_api:token-list"), 128 { 129 "identifier": "test-token", 130 "expires": expires, 131 "intent": TokenIntents.INTENT_APP_PASSWORD, 132 }, 133 ) 134 self.assertEqual(response.status_code, 400)
Test token creation endpoint
def
test_token_create_expiring_custom_api(self):
136 def test_token_create_expiring_custom_api(self): 137 """Test token creation endpoint""" 138 self.user.attributes[USER_ATTRIBUTE_TOKEN_EXPIRING] = True 139 self.user.attributes[USER_ATTRIBUTE_TOKEN_MAXIMUM_LIFETIME] = "hours=2" 140 self.user.save() 141 expires = datetime.now() + timedelta(seconds=3) 142 response = self.client.post( 143 reverse("authentik_api:token-list"), 144 { 145 "identifier": "test-token", 146 "expires": expires, 147 "intent": TokenIntents.INTENT_API, 148 }, 149 ) 150 self.assertEqual(response.status_code, 201) 151 token = Token.objects.get(identifier="test-token") 152 self.assertEqual(token.user, self.user) 153 self.assertEqual(token.intent, TokenIntents.INTENT_API) 154 self.assertEqual(token.expiring, True) 155 self.assertNotEqual(token.expires.timestamp(), expires.timestamp())
Test token creation endpoint
def
test_token_change_user(self):
157 def test_token_change_user(self): 158 """Test creating a token and then changing the user""" 159 ident = generate_id() 160 response = self.client.post(reverse("authentik_api:token-list"), {"identifier": ident}) 161 self.assertEqual(response.status_code, 201) 162 token = Token.objects.get(identifier=ident) 163 self.assertEqual(token.user, self.user) 164 self.assertEqual(token.intent, TokenIntents.INTENT_API) 165 self.assertEqual(token.expiring, True) 166 self.assertTrue(self.user.has_perm("authentik_core.view_token_key", token)) 167 response = self.client.put( 168 reverse("authentik_api:token-detail", kwargs={"identifier": ident}), 169 data={"identifier": "user_token_poc_v3", "intent": "api", "user": self.admin.pk}, 170 ) 171 self.assertEqual(response.status_code, 400) 172 token.refresh_from_db() 173 self.assertEqual(token.user, self.user)
Test creating a token and then changing the user
def
test_list(self):
175 def test_list(self): 176 """Test Token List (Test normal authentication)""" 177 Token.objects.including_expired().all().delete() 178 token_should: Token = Token.objects.create( 179 identifier="test", expiring=False, user=self.user 180 ) 181 Token.objects.create(identifier="test-2", expiring=False, user=get_anonymous_user()) 182 response = self.client.get(reverse("authentik_api:token-list")) 183 body = loads(response.content) 184 self.assertEqual(len(body["results"]), 1) 185 self.assertEqual(body["results"][0]["identifier"], token_should.identifier)
Test Token List (Test normal authentication)
def
test_list_with_permission(self):
187 def test_list_with_permission(self): 188 """Test Token List (Test with `view_token` permission)""" 189 Token.objects.including_expired().all().delete() 190 token_should: Token = Token.objects.create( 191 identifier="test", expiring=False, user=self.user 192 ) 193 token_should_not: Token = Token.objects.create( 194 identifier="test-2", expiring=False, user=get_anonymous_user() 195 ) 196 self.user.assign_perms_to_managed_role("authentik_core.view_token") 197 response = self.client.get(reverse("authentik_api:token-list")) 198 body = loads(response.content) 199 self.assertEqual(len(body["results"]), 2) 200 self.assertEqual(body["results"][0]["identifier"], token_should.identifier) 201 self.assertEqual(body["results"][1]["identifier"], token_should_not.identifier)
Test Token List (Test with view_token permission)
def
test_serializer_no_request(self):
203 def test_serializer_no_request(self): 204 """Test serializer without request""" 205 self.assertTrue( 206 TokenSerializer( 207 data={ 208 "identifier": generate_id(), 209 "intent": TokenIntents.INTENT_APP_PASSWORD, 210 "key": generate_id(), 211 "user": self.user.pk, 212 } 213 ).is_valid(raise_exception=True) 214 )
Test serializer without request