hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-18 07:23:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

more test cases for login redirects

Browse Source
This commit is contained in:
Min RK
2018-05-22 15:40:27 +02:00
parent 598b550a67
commit a907429fd4
1 changed files with 38 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
jupyterhub/tests/test_pages.py
View File

@@ -3,6 +3,7 @@
from urllib.parse import urlencode, urlparse from urllib.parse import urlencode, urlparse
from tornado import gen from tornado import gen
from tornado.httputil import url_concat
from ..handlers import BaseHandler from ..handlers import BaseHandler
from ..utils import url_path_join as ujoin from ..utils import url_path_join as ujoin
@@ -366,29 +367,50 @@ def test_login_strip(app):
assert called_with == [form_data] assert called_with == [form_data]
@pytest.mark.parametrize(
'running, next_url, location',
[
# default URL if next not specified, for both running and not
(True, '', ''),
(False, '', ''),
# next_url is respected
(False, '/hub/admin', '/hub/admin'),
(False, '/user/other', '/hub/user/other'),
(False, '/absolute', '/absolute'),
(False, '/has?query#andhash', '/has?query#andhash'),
# next_url outside is not allowed
(False, 'https://other.domain', ''),
(False, 'ftp://other.domain', ''),
(False, '//other.domain', ''),
]
)
@pytest.mark.gen_test @pytest.mark.gen_test
def test_login_redirect(app): def test_login_redirect(app, running, next_url, location):
cookies = yield app.login_user('river') cookies = yield app.login_user('river')
user = app.users['river'] user = app.users['river']
# no next_url, server running if location:
location = ujoin(app.base_url, location)
else:
# use default url
location = user.url
url = 'login'
if next_url:
if '//' not in next_url:
next_url = ujoin(app.base_url, next_url, '')
url = url_concat(url, dict(next=next_url))
if running and not user.active:
# ensure running
yield user.spawn() yield user.spawn()
r = yield get_page('login', app, cookies=cookies, allow_redirects=False) elif user.active and not running:
r.raise_for_status() # ensure not running
assert r.status_code == 302
assert '/user/river' in r.headers['Location']
# no next_url, server not running
yield user.stop() yield user.stop()
r = yield get_page('login', app, cookies=cookies, allow_redirects=False) r = yield get_page(url, app, cookies=cookies, allow_redirects=False)
r.raise_for_status() r.raise_for_status()
assert r.status_code == 302 assert r.status_code == 302
assert '/user/river' in r.headers['Location'] assert location == r.headers['Location']
# next URL given, use it
r = yield get_page('login?next=/hub/admin', app, cookies=cookies, allow_redirects=False)
r.raise_for_status()
assert r.status_code == 302
assert r.headers['Location'].endswith('/hub/admin')
@pytest.mark.gen_test @pytest.mark.gen_test