exercise more token API cases

separate parametrize cases for clarity
This commit is contained in:
Min RK
2017-08-30 14:38:00 +02:00
parent 027f2f95c6
commit 89ba97f413
2 changed files with 69 additions and 14 deletions


@@ -41,19 +41,20 @@ class TokenAPIHandler(APIHandler):
# for authenticators where that's possible # for authenticators where that's possible
data = self.get_json_body() data = self.get_json_body()
try: try:
authenticated = yield self.authenticate(self, data) user = yield self.login_user(data)
except Exception as e: except Exception as e:
self.log.error("Failure trying to authenticate with form data: %s" % e) self.log.error("Failure trying to authenticate with form data: %s" % e)
authenticated = None user = None
if authenticated is None: if user is None:
raise web.HTTPError(403) raise web.HTTPError(403)
user = self.find_user(authenticated['name'])
else: else:
data = self.get_json_body() data = self.get_json_body()
# admin users can request # admin users can request
if data and data.get('username') != user.name: if data and data.get('username') != user.name:
if user.admin: if user.admin:
user = self.find_user(data['username']) user = self.find_user(data['username'])
if user is None:
raise web.HTTPError(400, "No such user '%s'" % data['username'])
else: else:
raise web.HTTPError(403, "Only admins can request tokens for other users.") raise web.HTTPError(403, "Only admins can request tokens for other users.")
api_token = user.new_api_token() api_token = user.new_api_token()
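Review bot: In the admin branch, `data.get('username') != user.name` is also true when the JSON body carries no `username` key, so the `data['username']` lookup on the next line raises KeyError and the request ends in a 500 instead of a clean 4xx; the new `if user is None` check does not cover that case. Reading the name once closes the gap: `username = data.get('username')` before the comparison, then `if data and username and username != user.name:` and `user = self.find_user(username)`, with the 400 message formatted from `username`. That 400 message echoes the client-supplied name; whether it reaches the response body depends on APIHandler.write_error, which is outside this hunk. The handler method this hunk belongs to starts before the hunk and continues after it.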


@@ -89,7 +89,7 @@ def api_request(app, *api_path, **kwargs):
base_url = app.hub.url base_url = app.hub.url
headers = kwargs.setdefault('headers', {}) headers = kwargs.setdefault('headers', {})
if 'Authorization' not in headers: if 'Authorization' not in headers and not kwargs.pop('noauth', False):
headers.update(auth_header(app.db, 'admin')) headers.update(auth_header(app.db, 'admin'))
url = ujoin(base_url, 'api', *api_path) url = ujoin(base_url, 'api', *api_path)
@@ -755,16 +755,16 @@ def test_token(app):
@mark.gen_test @mark.gen_test
@mark.parametrize("headers, data, status", [ @mark.parametrize("headers, status", [
({}, None, 200), ({}, 200),
({'Authorization': ''}, None, 403), ({'Authorization': 'token bad'}, 403),
({}, {'username': 'fake', 'password': 'fake'}, 200),
]) ])
def test_get_new_token(app, headers, data, status): def test_get_new_token(app, headers, status):
if data:
data = json.dumps(data)
# request a new token # request a new token
r = yield api_request(app, 'authorizations', 'token', method='post', data=data, headers=headers) r = yield api_request(app, 'authorizations', 'token',
method='post',
headers=headers,
)
assert r.status_code == status assert r.status_code == status
if status != 200: if status != 200:
return return
@@ -772,7 +772,61 @@ def test_get_new_token(app, headers, data, status):
assert 'token' in reply assert 'token' in reply
r = yield api_request(app, 'authorizations', 'token', reply['token']) r = yield api_request(app, 'authorizations', 'token', reply['token'])
r.raise_for_status() r.raise_for_status()
assert 'name' in r.json() reply = r.json()
assert reply['name'] == 'admin'
@mark.gen_test
def test_token_formdata(app):
"""Create a token for a user with formdata and no auth header"""
data = {
'username': 'fake',
'password': 'fake',
}
r = yield api_request(app, 'authorizations', 'token',
method='post',
data=json.dumps(data) if data else None,
noauth=True,
)
assert r.status_code == 200
reply = r.json()
assert 'token' in reply
r = yield api_request(app, 'authorizations', 'token', reply['token'])
r.raise_for_status()
reply = r.json()
assert reply['name'] == data['username']
@mark.gen_test
@mark.parametrize("as_user, for_user, status", [
('admin', 'other', 200),
('admin', 'missing', 400),
('user', 'other', 403),
('user', 'user', 200),
])
def test_token_as_user(app, as_user, for_user, status):
# ensure both users exist
u = add_user(app.db, app, name=as_user)
if for_user != 'missing':
add_user(app.db, app, name=for_user)
data = {'username': for_user}
headers = {
'Authorization': 'token %s' % u.new_api_token(),
}
r = yield api_request(app, 'authorizations', 'token',
method='post',
data=json.dumps(data),
headers=headers,
)
assert r.status_code == status
reply = r.json()
if status != 200:
return
assert 'token' in reply
r = yield api_request(app, 'authorizations', 'token', reply['token'])
r.raise_for_status()
reply = r.json()
assert reply['name'] == data['username']
# --------------- # ---------------
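Review bot: In `api_request`, `kwargs.pop('noauth', False)` sits on the right-hand side of an `and`, so when a caller passes both an `Authorization` header and `noauth=True` the pop is skipped and `noauth` remains in kwargs, reaching whatever call consumes `**kwargs` later in the function (outside the hunk). Popping first avoids that: `noauth = kwargs.pop('noauth', False)` followed by `if 'Authorization' not in headers and not noauth:`. In test_token_formdata, `data` is a non-empty literal, so `json.dumps(data) if data else None` is a dead conditional and can simply be `data=json.dumps(data)`. In test_token_as_user, `reply = r.json()` runs before the status check, unlike test_get_new_token which returns first; for the 400 and 403 cases this assumes the error responses carry a JSON body.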