authentik.core.tests.test_token_auth

Test token auth

 1"""Test token auth"""
 2
 3from datetime import timedelta
 4
 5from django.test import TestCase
 6from django.utils.timezone import now
 7
 8from authentik.core.auth import TokenBackend
 9from authentik.core.models import Token, TokenIntents, User
10from authentik.core.tests.utils import RequestFactory
11from authentik.flows.planner import FlowPlan
12from authentik.flows.views.executor import SESSION_KEY_PLAN
13
14
15class TestTokenAuth(TestCase):
16    """Test token auth"""
17
18    def setUp(self) -> None:
19        self.user = User.objects.create(username="test-user")
20        self.token = Token.objects.create(
21            expiring=False, user=self.user, intent=TokenIntents.INTENT_APP_PASSWORD
22        )
23        self.request_factory = RequestFactory()
24        # To test with session we need to create a request and pass it through all middlewares
25        self.request = self.request_factory.get("/")
26        self.request.session[SESSION_KEY_PLAN] = FlowPlan("test")
27
28    def test_token_auth(self):
29        """Test auth with token"""
30        self.assertEqual(
31            TokenBackend().authenticate(self.request, "test-user", self.token.key), self.user
32        )
33
34    def test_token_auth_expired(self):
35        """Test auth with token"""
36        self.token.expiring = True
37        self.token.expires = now() - timedelta(hours=1)
38        self.token.save()
39        self.assertEqual(
40            TokenBackend().authenticate(self.request, "test-user", self.token.key), None
41        )
42
43    def test_token_auth_none(self):
44        """Test auth with token (non-existent user)"""
45        self.assertIsNone(
46            TokenBackend().authenticate(self.request, "test-user-foo", self.token.key), self.user
47        )
48
49    def test_token_auth_invalid(self):
50        """Test auth with token (invalid token)"""
51        self.assertIsNone(
52            TokenBackend().authenticate(self.request, "test-user", self.token.key + "foo"),
53            self.user,
54        )
class TestTokenAuth(django.test.testcases.TestCase): 
16class TestTokenAuth(TestCase):
17    """Test token auth"""
18
19    def setUp(self) -> None:
20        self.user = User.objects.create(username="test-user")
21        self.token = Token.objects.create(
22            expiring=False, user=self.user, intent=TokenIntents.INTENT_APP_PASSWORD
23        )
24        self.request_factory = RequestFactory()
25        # To test with session we need to create a request and pass it through all middlewares
26        self.request = self.request_factory.get("/")
27        self.request.session[SESSION_KEY_PLAN] = FlowPlan("test")
28
29    def test_token_auth(self):
30        """Test auth with token"""
31        self.assertEqual(
32            TokenBackend().authenticate(self.request, "test-user", self.token.key), self.user
33        )
34
35    def test_token_auth_expired(self):
36        """Test auth with token"""
37        self.token.expiring = True
38        self.token.expires = now() - timedelta(hours=1)
39        self.token.save()
40        self.assertEqual(
41            TokenBackend().authenticate(self.request, "test-user", self.token.key), None
42        )
43
44    def test_token_auth_none(self):
45        """Test auth with token (non-existent user)"""
46        self.assertIsNone(
47            TokenBackend().authenticate(self.request, "test-user-foo", self.token.key), self.user
48        )
49
50    def test_token_auth_invalid(self):
51        """Test auth with token (invalid token)"""
52        self.assertIsNone(
53            TokenBackend().authenticate(self.request, "test-user", self.token.key + "foo"),
54            self.user,
55        )

Test token auth

def setUp(self) -> None: 
19    def setUp(self) -> None:
20        self.user = User.objects.create(username="test-user")
21        self.token = Token.objects.create(
22            expiring=False, user=self.user, intent=TokenIntents.INTENT_APP_PASSWORD
23        )
24        self.request_factory = RequestFactory()
25        # To test with session we need to create a request and pass it through all middlewares
26        self.request = self.request_factory.get("/")
27        self.request.session[SESSION_KEY_PLAN] = FlowPlan("test")

Hook method for setting up the test fixture before exercising it.

def test_token_auth(self): 
29    def test_token_auth(self):
30        """Test auth with token"""
31        self.assertEqual(
32            TokenBackend().authenticate(self.request, "test-user", self.token.key), self.user
33        )

Test auth with token

def test_token_auth_expired(self): 
35    def test_token_auth_expired(self):
36        """Test auth with token"""
37        self.token.expiring = True
38        self.token.expires = now() - timedelta(hours=1)
39        self.token.save()
40        self.assertEqual(
41            TokenBackend().authenticate(self.request, "test-user", self.token.key), None
42        )

Test auth with token

def test_token_auth_none(self): 
44    def test_token_auth_none(self):
45        """Test auth with token (non-existent user)"""
46        self.assertIsNone(
47            TokenBackend().authenticate(self.request, "test-user-foo", self.token.key), self.user
48        )

Test auth with token (non-existent user)

def test_token_auth_invalid(self): 
50    def test_token_auth_invalid(self):
51        """Test auth with token (invalid token)"""
52        self.assertIsNone(
53            TokenBackend().authenticate(self.request, "test-user", self.token.key + "foo"),
54            self.user,
55        )

Test auth with token (invalid token)