2018-05-01 12:20:41 -04:00
|
|
|
"""Integration tests for the auth component."""
|
2018-07-10 11:20:22 +02:00
|
|
|
from datetime import timedelta
|
|
|
|
|
from unittest.mock import patch
|
|
|
|
|
|
|
|
|
|
from homeassistant.util.dt import utcnow
|
|
|
|
|
from homeassistant.components import auth
|
|
|
|
|
|
2018-07-09 18:24:46 +02:00
|
|
|
from . import async_setup_auth
|
|
|
|
|
|
|
|
|
|
from tests.common import CLIENT_ID, CLIENT_REDIRECT_URI
|
2018-05-01 12:20:41 -04:00
|
|
|
|
|
|
|
|
|
|
|
|
|
async def test_login_new_user_and_refresh_token(hass, aiohttp_client):
|
|
|
|
|
"""Test logging in with new user and refreshing tokens."""
|
|
|
|
|
client = await async_setup_auth(hass, aiohttp_client, setup_api=True)
|
|
|
|
|
resp = await client.post('/auth/login_flow', json={
|
2018-07-09 18:24:46 +02:00
|
|
|
'client_id': CLIENT_ID,
|
2018-05-10 04:38:11 -04:00
|
|
|
'handler': ['insecure_example', None],
|
|
|
|
|
'redirect_uri': CLIENT_REDIRECT_URI,
|
2018-07-09 18:24:46 +02:00
|
|
|
})
|
2018-05-01 12:20:41 -04:00
|
|
|
assert resp.status == 200
|
|
|
|
|
step = await resp.json()
|
|
|
|
|
|
|
|
|
|
resp = await client.post(
|
|
|
|
|
'/auth/login_flow/{}'.format(step['flow_id']), json={
|
2018-07-09 18:24:46 +02:00
|
|
|
'client_id': CLIENT_ID,
|
2018-05-01 12:20:41 -04:00
|
|
|
'username': 'test-user',
|
|
|
|
|
'password': 'test-pass',
|
2018-07-09 18:24:46 +02:00
|
|
|
})
|
2018-05-01 12:20:41 -04:00
|
|
|
|
|
|
|
|
assert resp.status == 200
|
|
|
|
|
step = await resp.json()
|
|
|
|
|
code = step['result']
|
|
|
|
|
|
|
|
|
|
# Exchange code for tokens
|
|
|
|
|
resp = await client.post('/auth/token', data={
|
2018-07-09 18:24:46 +02:00
|
|
|
'client_id': CLIENT_ID,
|
2018-05-01 12:20:41 -04:00
|
|
|
'grant_type': 'authorization_code',
|
|
|
|
|
'code': code
|
2018-07-09 18:24:46 +02:00
|
|
|
})
|
2018-05-01 12:20:41 -04:00
|
|
|
|
|
|
|
|
assert resp.status == 200
|
|
|
|
|
tokens = await resp.json()
|
|
|
|
|
|
|
|
|
|
assert hass.auth.async_get_access_token(tokens['access_token']) is not None
|
|
|
|
|
|
|
|
|
|
# Use refresh token to get more tokens.
|
|
|
|
|
resp = await client.post('/auth/token', data={
|
2018-07-09 18:24:46 +02:00
|
|
|
'client_id': CLIENT_ID,
|
2018-05-01 12:20:41 -04:00
|
|
|
'grant_type': 'refresh_token',
|
|
|
|
|
'refresh_token': tokens['refresh_token']
|
2018-07-09 18:24:46 +02:00
|
|
|
})
|
2018-05-01 12:20:41 -04:00
|
|
|
|
|
|
|
|
assert resp.status == 200
|
|
|
|
|
tokens = await resp.json()
|
|
|
|
|
assert 'refresh_token' not in tokens
|
|
|
|
|
assert hass.auth.async_get_access_token(tokens['access_token']) is not None
|
|
|
|
|
|
|
|
|
|
# Test using access token to hit API.
|
|
|
|
|
resp = await client.get('/api/')
|
|
|
|
|
assert resp.status == 401
|
|
|
|
|
|
|
|
|
|
resp = await client.get('/api/', headers={
|
|
|
|
|
'authorization': 'Bearer {}'.format(tokens['access_token'])
|
|
|
|
|
})
|
|
|
|
|
assert resp.status == 200
|
2018-07-10 11:20:22 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_credential_store_expiration():
|
|
|
|
|
"""Test that the credential store will not return expired tokens."""
|
|
|
|
|
store, retrieve = auth._create_cred_store()
|
|
|
|
|
client_id = 'bla'
|
|
|
|
|
credentials = 'creds'
|
|
|
|
|
now = utcnow()
|
|
|
|
|
|
|
|
|
|
with patch('homeassistant.util.dt.utcnow', return_value=now):
|
|
|
|
|
code = store(client_id, credentials)
|
|
|
|
|
|
|
|
|
|
with patch('homeassistant.util.dt.utcnow',
|
|
|
|
|
return_value=now + timedelta(minutes=10)):
|
|
|
|
|
assert retrieve(client_id, code) is None
|
|
|
|
|
|
|
|
|
|
with patch('homeassistant.util.dt.utcnow', return_value=now):
|
|
|
|
|
code = store(client_id, credentials)
|
|
|
|
|
|
|
|
|
|
with patch('homeassistant.util.dt.utcnow',
|
|
|
|
|
return_value=now + timedelta(minutes=9, seconds=59)):
|
|
|
|
|
assert retrieve(client_id, code) == credentials
|
