Y@FdZddlZddlZddlZddlZddlZddlmZddlmZddl m Z ddl m Z ddl m Z ddl mZdd l mZdd l mZdd lmZdd lmZdd lmZej,dgej.Zej,dgdZGddej4Zy)zTests for the reauth module.N) http_client)urllib)client) challenges)reauth)errors) reauth_creds)_reauth_client)Oauth2WithReauthCredentials)model)u2fstatus)specrc4eZdZdZdZdZdZdZdZdZ Gdd e Z d"d Z d Z d ZdZdZdZdZej(didZej(dddZdZdZdZdZdZdZdZdZej(dd d!Zy )# ReauthTesta0This class contains tests for mocking reauth. The tests here are a bit more verbose since we are trying to mock out U2F, and present the reauth code some form of valid reply. This makes this test a bit of an integration test, as opposed to testing every individual method by itself. encoded_proof_of_reauth_tokencorrect_passwordzhttp://some_url.comsome_id some_secretc ttjj|d} t j |d}d|vr|dn|d}||jk(r?|jdtjk(rtt jddifS|tjdzk(r!dt jd d d d d idgdfS|tjdzk(r|jd |jd|jd|jd|jdijd|j k(rYdt jd dd ddddt#j$dj'dj)ddgddgdfSdt jdd d d d idgdfS|tjd zk(rg|jd|jd|jd|jddt jd!d"|j*d#fSt-d$j/||d#t $ri}Y--8 9.+%#$%/#%   %    >--0HH I   Q M : ;   Y H(= > .377 E(()TZZ2!/")'()7-J-7-3-E-E$4$;$;G$D.FFLfWo,+( $ #),TZZ1!/")'()3') $# )    >--0HH I   Q M : ;   Y H(= >)+-1__%   . 5 5c6&> JL LU G sI33 JJceZdZdZy)ReauthTest._U2FInterfaceMockctjtjj|d}tjdj dj |S)N some_origin key_handleresp)r ClientDataTYP_AUTHENTICATION SignResponserI)rN unused_app_idr3unused_registered_keys client_datas rS Authenticatez)ReauthTest._U2FInterfaceMock.AuthenticatesM**  33K%%l&9&9&;V]]_kZ ZN)__name__ __module__ __qualname__rarbrS_U2FInterfaceMockrVs [rbrgNctjjdtjdt j ||j|jd|j|S)NSK_SIGNING_PLUGINzunset SK_SIGNING_PLUGIN.some_refresh_tokenscopes) osenvironrAunittestSkipTestrget_rapt_token client_id client_secretr@)rN request_mockrls rS _call_reauthzReauthTest._call_reauths] ::>>- . :##$>? ?$$  NN        rbctj|i|}|j|j|j SN)mockpatch addCleanupstopstart)rNrOrPpatchers rS StartPatchzReauthTest.StartPatchs1**d-f-  %}}rbc |jd|_|j|j_|jd|_|j |j_|jd|_d|j _y)Nzpyu2f.u2f.GetLocalU2FInterfacezgetpass.getpassz sys.stdincy)NTrfrfrbrSz"ReauthTest.setUp..s$rb)r~u2f_local_interface_mockrg return_value getpass_mockris_interactive_mockisattyrNs rSsetUpzReauthTest.setUpsr(, ,).%595K5K5M%%2 OO,=>)-)>)>&#'??;#? *6  'rbctjd|j5}|j|}|j |j ||j d|j dddy#1swYyxYwNhttplib2.Http.request side_effectrxryrTrurFrK call_countrNrt reauth_results rStestPassAndGnubbyReauthz"ReauthTest.testPassAndGnubbyReauthsk ZZ/&*&D&DFIU --l;M   T__m <   Q 7 7 8 FFFs A A55A>ctjd|j5}|j|ddg}|j |j ||j d|j dddy#1swYyxYw)Nrrz&https://www.googleapis.com/auth/scope1z&https://www.googleapis.com/auth/scope2rrrs rStestPassWithScopeszReauthTest.testPassWithScopessz ZZ/&*&D&DFIU --l88=:;M   T__m <   Q 7 7 8 FFFs A A88Bc^tjd|j5}d|j_d|j g|j_|j|}|j|j||jd|jdddy#1swYyxYw)Nrrbad_pass) rxryrTrrrrrurFrKrrs rS(testIncorrectPassThenPassAndGnubbyReauthz3ReauthTest.testIncorrectPassThenPassAndGnubbyReauths ZZ/&*&D&DFIU-1D   *-79N9N,OD   ) --l;M   T__m <   Q 7 7 8 FFFs A8B##B,ctjd|j5}d|j_|j t j5|j|}ddddddy#1swYxYw#1swYyxYw)Nrrcy)NFrfrfrbrSrz4ReauthTest.testNonInteractiveError..serb) rxryrTrr assertRaisesrReauthUnattendedErrorru)rNrtunused_reauth_results rStestNonInteractiveErrorz"ReauthTest.testNonInteractiveErrorsz ZZ/&*&D&DFIU.;D $ $ +""6#?#?@'+'8'8'F$AFFA@FFs#2BA7&B7B <BB z-google_reauth.challenges.AVAILABLE_CHALLENGEScjtjd|j5}|jtj 5|j |}|j|j||jd|jddddddy#1swYxYw#1swYyxYwr rxryrTrrReauthFailErrorrurFrKrrs rStestChallengeNotSupportedz$ReauthTest.testChallengeNotSupported ZZ/&*&D&DFIU""6#9#9: $ 1 1, ?   -@  L$;$;<;FF::FF$ B)A B B)B& "B))B2z>google_reauth.challenges.PasswordChallenge.is_locally_eligibleFcjtjd|j5}|jtj 5|j |}|j|j||jd|jddddddy#1swYxYw#1swYyxYwrrrs rStestChallengeNotEligiblez#ReauthTest.testChallengeNotEligiblerrc ~fd}tjd|5}jtj5t j |jjdjdddjd|jdddy#1swY.xYw#1swYyxYw)Ncd|vr|dn|d}|jk(rfStdj||d)Nrrr9r)r@rLrM)rOrPrcontentresponserNs rSrz7ReauthTest.accessTokenRefreshError..side_effectsT#(F?&-QCt)))((299#vf~NP Prbrrrjr ) rxryrrHttpAccessTokenRefreshErrorrrefresh_access_tokenrrrsr@rFrrNrrrrts``` rSaccessTokenRefreshErrorz"ReauthTest.accessTokenRefreshErrors P ZZ/&136B""6#E#EF++ NN&&(&& (G   Q 7 7 833FF33# B38B':$B3'B0 ,B33B<c|jtd|jtd|jttjddiy)Nfooerrornon_reauth_error)rrC_error_responser=rDrs rStestAccessTokenRefreshErrorz&ReauthTest.testAccessTokenRefreshErrorsI $$\59 $$_e< $$_djj 'B)7* +rbc ~fd}tjd|5}jtj5t j |jjdjdddjd|jdddy#1swY.xYw#1swYyxYw)Ncpttjj|d} t j |d}d|vr|dn|d}|jk(r&|jdtjk(rfStdj||d#t $ri}YnwxYw)Nrrrrr9) r:rr;r<r=r>r?r@rArrBrLrM)rOrPrQrRrrrrNs rSrz6ReauthTest.reauthAccessTokenError..side_effectsfll,,VF^<=B **VF^4$)F?&-QC***F$8$88((299#vf~NP P   sB'' B54B5rrrjr ) rxryrrReauthAccessTokenRefreshErrorrrqrrrsr@rFrrs``` rSreauthAccessTokenErrorz!ReauthTest.reauthAccessTokenErrors PZZ/&136B""6#G#GH%% NN&&(&& (I   Q 7 7 833HH33rc|jtd|jttji|jttjddiy)Nrrz some error)rrCr=rDrrs rStestReauthAccessTokenErrorz%ReauthTest.testReauthAccessTokenError.sL ##L%8 ##L$**R.A ## TZZ,(?@ Brbc|jdtji|jdtjddi|jdtjdddy)NzInvalid response.zThere was an error.rz%There was an error: error descriptionzThere was an errorzerror description)rerror_description)rFr_get_refresh_error_messagers rStestResponseErrorMessagez#ReauthTest.testResponseErrorMessage4sq ,  - -b 1 3 .  - -w8M.N O Q @  - --%8/: ; .side_effect?sp#(F?&-QC***#TZZ"$=1?&@@@~11H<=W}$>rbrrrjr,) rxryrrReauthAPIErrorrrqrrrsr@rFr)rNrrrtes`` rSgetChallengesErrorzReauthTest.getChallengesError>s %ZZ/&136B""6#8#89Q%% NN&&(&& (:   Q 7 7 8339933s# B18B%8$B1%B. *B11B:c|jtjddi|jtjdddiiy)NrERRORrmessagez Some error)rr=rDrs rStestGetChallengesErrorz!ReauthTest.testGetChallengesErrorUsF  Hg+> ?@  i.,0!1 2rbc Rfd}jd}||_jtj5}t j |jjdjddddjd|jy#1swY&xYw)Nc d|vr|dn|d}|jk(rttjddifS|tj dzk(r dtjdddd d d gd fSy) Nrrrrrrr NOT_READYr r!)rr"r#r%r)rOrPrrNs rSrz>ReauthTest.testChallangeNotActivatedError..side_effect[s#(F?&-QC***#TZZ"$=1?&@@@~11H<=TZZ2!/"-'()3$5#6)7888>rbrrjrk) r~rrrrrrqrrrsr@rFr)rNrrtrs` rStestChallangeNotActivatedErrorz)ReauthTest.testChallangeNotActivatedErrorZs 8"'>? #.    v55 6!  ! !""$""  7 L3347 6s :BB&zDgoogle_reauth.challenges.SecurityKeyChallenge.obtain_challenge_input)rc2tjd|j5}|jtj 5|j |}ddd|jd|jdddy#1swY.xYw#1swYyxYw)Nrr) rxryrTrrrrurFr)rNchallenge_mockrtrs rStestRetryOnNoUserInputz!ReauthTest.testRetryOnNoUserInputxs} ZZ/&*&D&DFIU""6#9#9: $ 1 1, ? ;   Q 7 7 8 FF::FFs# B B$B B B  Brw) rcrdre__doc__rKrr@rrrsrTobjectrgrur~rrrrrrxryrrrrrrrrrrrrfrbrSrr,s1J))MI!MdLP[F[  7999GTZZ?D=E=TZZPRWX=Y=9$+ 90B <9.2 5<TZZVgkl9m9rbr)rrGr=rmrorx six.movesrr oauth2clientr google_reauthrrrr r google_reauth.reauth_credsr pyu2fr r MockOKrCrTestCaserrfrbrSrs|#  !$ &(Btyyxj@ $))(D9R9""R9rb