X-Git-Url: https://git.mdrn.pl/wolnelektury.git/blobdiff_plain/ff382f6c37063c0c4c5d21c2834a8759e25c5d02..d1d6ea8ed2889f871b6d89d4fae6021f286f921a:/src/api/tests/tests.py diff --git a/src/api/tests/tests.py b/src/api/tests/tests.py index 38f1882bb..8dd29a5b6 100644 --- a/src/api/tests/tests.py +++ b/src/api/tests/tests.py @@ -17,7 +17,7 @@ from django.core.files.uploadedfile import SimpleUploadedFile from django.test import TestCase from django.test.utils import override_settings from mock import patch -from piston.models import Consumer, Token +from api.piston.models import Consumer, Token from catalogue.models import Book, Tag from picture.forms import PictureImportForm @@ -45,7 +45,7 @@ class ApiTest(TestCase): with open(filename) as f: good_content = f.read().rstrip() self.assertEqual(content, good_content, content) - + def assert_json_response(self, url, name): data = self.load_json(url) filename = path.join(path.dirname(__file__), 'res', 'responses', name) @@ -230,7 +230,7 @@ class BooksTests(ApiTest): class BlogTests(ApiTest): def test_get(self): - self.assertEqual(self.load_json('/api/blog/'), []) + self.assertEqual(self.load_json('/api/blog'), []) class PreviewTests(ApiTest): @@ -242,6 +242,8 @@ class OAuth1Tests(ApiTest): @classmethod def setUpClass(cls): cls.user = User.objects.create(username='test') + cls.user.set_password('test') + cls.user.save() cls.consumer_secret = 'len(quote(consumer secret))>=32' Consumer.objects.create( key='client', @@ -253,7 +255,8 @@ class OAuth1Tests(ApiTest): User.objects.all().delete() def test_create_token(self): - base_query = ("oauth_consumer_key=client&oauth_nonce=123&" + # Fetch request token. + base_query = ("oauth_consumer_key=client&oauth_nonce=12345678&" "oauth_signature_method=HMAC-SHA1&oauth_timestamp={}&" "oauth_version=1.0".format(int(time()))) raw = '&'.join([ @@ -268,16 +271,26 @@ class OAuth1Tests(ApiTest): sign = quote(h) query = "{}&oauth_signature={}".format(base_query, sign) response = self.client.get('/api/oauth/request_token/?' + query) - request_token = parse_qs(response.content) + request_token_data = parse_qs(response.content) + request_token = request_token_data['oauth_token'][0] + request_token_secret = request_token_data['oauth_token_secret'][0] + + # Request token authorization. + self.client.login(username='test', password='test') + response = self.client.get('/api/oauth/authorize/?oauth_token=%s&oauth_callback=test://oauth.callback/' % request_token) + post_data = response.context['form'].initial - Token.objects.filter( - key=request_token['oauth_token'][0], token_type=Token.REQUEST - ).update(user=self.user, is_approved=True) + response = self.client.post('/api/oauth/authorize/?' + urlencode(post_data)) + self.assertEqual( + response['Location'], + 'test://oauth.callback/?oauth_token=' + request_token + ) - base_query = ("oauth_consumer_key=client&oauth_nonce=123&" + # Fetch access token. + base_query = ("oauth_consumer_key=client&oauth_nonce=12345678&" "oauth_signature_method=HMAC-SHA1&oauth_timestamp={}&" "oauth_token={}&oauth_version=1.0".format( - int(time()), request_token['oauth_token'][0])) + int(time()), request_token)) raw = '&'.join([ 'GET', quote('http://testserver/api/oauth/access_token/', safe=''), @@ -285,7 +298,7 @@ class OAuth1Tests(ApiTest): ]) h = hmac.new( quote(self.consumer_secret) + '&' + - quote(request_token['oauth_token_secret'][0], safe=''), + quote(request_token_secret, safe=''), raw, hashlib.sha1 ).digest() @@ -293,11 +306,12 @@ class OAuth1Tests(ApiTest): sign = quote(h) query = u"{}&oauth_signature={}".format(base_query, sign) response = self.client.get(u'/api/oauth/access_token/?' + query) - access_token = parse_qs(response.content) + access_token_data = parse_qs(response.content) + access_token = access_token_data['oauth_token'][0] self.assertTrue( Token.objects.filter( - key=access_token['oauth_token'][0], + key=access_token, token_type=Token.ACCESS, user=self.user ).exists()) @@ -330,7 +344,7 @@ class AuthorizedTests(ApiTest): def signed(self, url, method='GET', params=None, data=None): auth_params = { "oauth_consumer_key": self.consumer.key, - "oauth_nonce": "%f" % time(), + "oauth_nonce": ("%f" % time()).replace('.', ''), "oauth_signature_method": "HMAC-SHA1", "oauth_timestamp": int(time()), "oauth_token": self.token.key, @@ -358,10 +372,11 @@ class AuthorizedTests(ApiTest): if params: url = url + '?' + urlencode(params) return getattr(self.client, method.lower())( - url, - data=data, - HTTP_AUTHORIZATION=auth - ) + url, + data=urlencode(data) if data else None, + content_type='application/x-www-form-urlencoded', + HTTP_AUTHORIZATION=auth, + ) def signed_json(self, url, method='GET', params=None, data=None): return json.loads(self.signed(url, method, params, data).content) @@ -371,10 +386,9 @@ class AuthorizedTests(ApiTest): [b['liked'] for b in self.signed_json('/api/books/')], [False, False, False] ) - # This one fails in the legacy implementation - # data = self.signed_json('/api/books/child/') - # self.assertFalse(data['parent']['liked']) - # self.assertFalse(data['children'][0]['liked']) + data = self.signed_json('/api/books/child/') + self.assertFalse(data['parent']['liked']) + self.assertFalse(data['children'][0]['liked']) self.assertEqual( self.signed_json('/api/like/parent/'), @@ -390,9 +404,8 @@ class AuthorizedTests(ApiTest): self.assertTrue(self.signed_json( '/api/filter-books/', params={"search": "parent"})[0]['liked']) - # This one fails in the legacy implementation. - #self.assertTrue(self.signed_json( - # '/api/books/child/')['parent']['liked']) + self.assertTrue(self.signed_json( + '/api/books/child/')['parent']['liked']) # Liked books go on shelf. self.assertEqual( [x['slug'] for x in self.signed_json('/api/shelf/likes/')],