6ddlZddlZddlZddlmZddlmZejZdddddid gd Z d dd d Z dZ dZ dZ GddeZdZej"de dZej"de dZej"de dZdZdZdZdZdZdZd Zd!Zd"Zd#Zd$Zd%Z ej"d&e d'Z!d(Z"d)Z#d*Z$y)+N) exceptions)reauthCHALLENGE_REQUIRED123READYPASSWORD)status challengeId challengeType securityKey)r sessionId challenges AUTHENTICATEDnew_rapt_token)r rencodedProofOfReauthTokenz1gl-python/3.7 auth/1.1 auth-request-type/re-startz0gl-python/3.7 auth/1.1 auth-request-type/re-contz"gl-python/3.7 auth/1.1 cred-type/uceZdZdZdZy) MockChallengec.||_||_||_yN)nameis_locally_eligiblechallenge_input)selfrlocally_eligiblers Rplatform/gsutil/third_party/google-auth-library-python/tests/oauth2/test_reauth.py__init__zMockChallenge.__init__3s #3 .c|jSr)r)rmetadatas robtain_challenge_inputz$MockChallenge.obtain_challenge_input8s###rN)__name__ __module__ __qualname__rr!rrrr2s / $rrctjdd5tjsJ dddy#1swYyxYw)Nzsys.stdin.isattyT return_value)mockpatchris_interactiver%rrtest_is_interactiver,<s/ &T :$$&&& ; : :s 9Az google.auth.metrics.reauth_startr'c tjd5}tjtdgd|j ttj dzddgidddtidddy#1swYyxYw) N-google.oauth2._client._token_endpoint_requestSAMLtoken:startsupportedChallengeTypesTx-goog-api-client access_tokenuse_jsonheadersr)r*r_get_challenges MOCK_REQUESTassert_called_with _REAUTH_API!REAUTH_START_METRICS_HEADER_VALUEmock_metrics_header_valuemock_token_endpoint_requests rtest__get_challengesrAAsw 7  $|fXw?#66     ) & 1 (*KL 7    s AA11A:c tjd5}tjtdgddg|j ttj dzdgdgdddd ti dddy#1swYyxYw) Nr.r/r0scoperequested_scopesr1)r2 oauthScopesForDomainPolicyLookupTr3r4r8r>s r test__get_challenges_with_scopesrGSs 7  $ 6(Gwi  $66     ),285s rtest__send_challenge_resultrQjs 7  $%% %|Z&@'  $66     0""#%1:$>   !(*NO 7    s AA88Bctjt}d|ddd<tj|t dJy)NSTATUS_UNSPECIFIEDrrr r0)copydeepcopyCHALLENGES_RESPONSE_TEMPLATEr_run_next_challenger:)challenges_responses r"test__run_next_challenge_not_readyrYsE--(DE5I %a(2""#6 gNVVrctjt}d|ddd<tjt j 5}tj|tddddjdsJy#1swYxYw)NCHALLENGE_TYPE_UNSPECIFIEDrrr r0z5Unsupported challenge type CHALLENGE_TYPE_UNSPECIFIED) rTrUrVpytestraisesrReauthFailErrorrrWr:matchrXexcinfos r&test__run_next_challenge_not_supportedrbso--(DE>>   7 6  s#$B'B6B'B$ B''B0c  tjt}tjd|5tjdd5tjdd5t j tj5}tjtdddddddddddjdsJ dddy#1swY6xYw#1swY:xYw#1swY>xYw#1swYyxYw)Nrmr'rtTrrr0zFailed to obtain rapt tokenrwr`s r%test__obtain_rapt_no_challenge_outputrzs--(DE .=P ZZ=D Q:]]:#=#=>''' gtD?R }};<<<  ?>R Q  sSC: C.!$C"C !C")C.1C:C C""C+ 'C..C7 3C::Dctjdt5tjdd5tjt j 5}tjtdddddjdsJ ddddddy#1swY.xYw#1swYxYw#1swYyxYw)Nrmr'rtFr0znot in an interactive session r)r*rVr\r]rr^rror:r_ras r!test__obtain_rapt_not_interactiver~s .1 ZZ=E Rz99:g##L'4@;==!AB BBS    ;:S R   s:B9$B-B!4B-B9!B* &B--B6 2B99Cctjdt5tjdd5tjt j 5}tjtdddddjdsJ ddddddy#1swY.xYw#1swYxYw#1swYyxYw)Nrmr'z.google.oauth2.reauth.RUN_CHALLENGE_RETRY_LIMITrr0zReauthentication failedr|r}s r#test__obtain_rapt_not_authenticatedrs .1 ZZH! Lz99:g##L'4@;==!;< <<M    ;:M L   s:B8$B,B 3B,B8 B) %B,,B5 1B88Cc |tjdd5}tjdd5}tjtdddd dk(sJ|j tdddd tj g |j td d ddddddy#1swYxYw#1swYyxYw) Nz#google.oauth2._client.refresh_grant)r0NNNr'z!google.oauth2.reauth._obtain_raptr client_id client_secret refresh_token token_uri)requestrrrrscopesr0rD)r)r*rget_rapt_tokenr:r; _REAUTH_SCOPE)mock_refresh_grantmock_obtain_rapts rtest_get_rapt_tokenrs -N %% ## $$ $  1 1$%--%,,- 2   / /g 0 +       s#B2A%B&B2&B/ +B22B;z&google.auth.metrics.token_request_userc tjd5}dddidf|_tjt j 5}tjtddddd d gd d dddjdsJ|jjrJ|jtddddddd ddtidddy#1swYcxYw#1swYyxYw)N6google.oauth2._client._token_endpoint_request_no_throwFerrorz Bad requestrrrrfoobar rapt_tokenTrrenable_reauth_refreshzfoo bar) grant_typerrrrCraptr3)r7)r)r*r(r\r]r RefreshErrorr refresh_grantr:r_value retryabler;"TOKEN_REQUEST_METRICS_HEADER_VALUE)r?mock_token_requestras rtest_refresh_grant_failedr$s @  +07M2JE*R' ]]:22 3w  u~'&* 4}}^,,,==****--  -(!0!0"$  )*LM . #  4 3   s$0C$C *AC C CC!c ttjd5}d|_tjt j 5}tjtddddddgd d dddjd sJ|jjrJ dddy#1swY>xYw#1swYyxYw) Nr)Fstring type errorFrrrrrrrTrr) r)r*r(r\r]rrrrr:r_rrrras r3test_refresh_grant_failed_with_string_type_responserIs @  *M' ]]:22 3w  u~'&* 4}}1222==*****!  4 3   s#+B.$B"%3B."B+ 'B..B7c 0tjd5}dddddfdddidfg|_tjdd 5tjt d d d dddd dddid fk(sJ ddddddy#1swYxYw#1swYyxYw)NrF invalid_grant rapt_requiredr error_subtypeTr5z#google.oauth2.reauth.get_rapt_tokenrr'rrrr)r)r)r*rsrrr:)rs rtest_refresh_grant_successr]s @   oPRV W NN3T :* &ZZ 1@P ''&* 0           s#,B ,B/B B B  Bc Rtjd5}dddddfdddidfg|_tjt j 5}tjtdd d d dddjd sJ dddy#1swY&xYw#1swYyxYw) NrFrrrTr5rrrrzReauthentication is needed) r)r*rsr\r]rrrrr:r_rs r*test_refresh_grant_reauth_refresh_disabledrxs @   oPRV W NN3T :* &]]:22 3w  k?K 4}}:;;;  4 3  s#8BB,BB BB&)%rTr)r\ google.authr google.oauth2rMockr:rVrnr=rProbjectrr,r*rArGrQrYrbrfrhrkrprurxrzr~rrrrrrr%rrrsm " tyy{ "'   !1%! %X!6%&J"$F$'  &5V     &5V  ( )5  ,S L    T$? =C=< ,3  B+(6