Merge pull request #41 from zalando-stups/implicit-flow

Implicit flow

requirements.txt

@@ -1,7 +1,4 @@
 clickclick>=1.0
-keyring
-keyrings.alt
-oauth2client>=4.0.0
 PyYAML
 requests
 stups-tokens

tests/test_api.py

@@ -15,14 +15,14 @@ def test_is_valid():
     assert not zign.api.is_valid({'creation_time': now - 3480, 'expires_in': 3600})
 
 
-def test_get_new_token_auth_fail(monkeypatch):
+def test_get_named_token_deprecated(monkeypatch):
+    logger = MagicMock()
     response = MagicMock(status_code=401)
-    monkeypatch.setattr('requests.get', MagicMock(return_value=response))
-    monkeypatch.setattr('stups_cli.config.store_config', lambda x, y: None)
-    with pytest.raises(zign.api.AuthenticationFailed) as excinfo:
-        zign.api.get_named_token('myrealm', ['myscope'], 'myuser', 'mypass', 'http://example.org')
-
-    assert 'Authentication failed: Token Service' in str(excinfo)
+    monkeypatch.setattr('zign.api.get_token', lambda x, y: 'mytok701')
+    monkeypatch.setattr('zign.api.logger', logger)
+    token = zign.api.get_named_token('myrealm', ['myscope'], 'myuser', 'mypass', 'http://example.org')
+    assert 'mytok701' == token['access_token']
+    logger.warning.assert_called_with('"get_named_token" is deprecated, please use "zign.api.get_token" instead')
 
 
 def test_get_new_token_server_error(monkeypatch):
@@ -55,17 +55,6 @@ def test_get_token_existing(monkeypatch):
     assert zign.api.get_token('mytok', ['myscope']) == 'tt77'
 
 
-def test_get_token_configuration_error(monkeypatch):
-    def get_token(name):
-        raise tokens.ConfigurationError('TEST')
-
-    monkeypatch.setattr('tokens.get', get_token)
-    monkeypatch.setattr('stups_cli.config.load_config', lambda x: {})
-
-    with pytest.raises(zign.api.ConfigurationError):
-        zign.api.get_token('mytok', ['myscope'])
-
-
 def test_get_token_service_success(monkeypatch):
     monkeypatch.setattr('tokens.get', lambda x: 'svc123')
 
@@ -77,9 +66,7 @@ def get_token(name):
         raise tokens.ConfigurationError('TEST')
 
     monkeypatch.setattr('tokens.get', get_token)
-    monkeypatch.setattr('stups_cli.config.load_config', lambda x: {'url': 'http://localhost'})
-    monkeypatch.setattr('os.getenv', lambda x: 'mypass')
-    monkeypatch.setattr('zign.api.get_new_token', lambda *args, **kwargs: {'access_token': 'tt77'})
+    monkeypatch.setattr('zign.api.get_token_implicit_flow', lambda *args, **kwargs: {'access_token': 'tt77'})
 
     assert zign.api.get_token('mytok', ['myscope']) == 'tt77'
 
@@ -105,3 +92,45 @@ def test_backwards_compatible_get_config(monkeypatch):
     monkeypatch.setattr('stups_cli.config.load_config', load_config)
     assert {'url': 'http://localhost'} == zign.api.get_config()
     load_config.assert_called_with('zign')
+
+
+def test_get_config(monkeypatch):
+    load_config = MagicMock()
+    load_config.return_value = {}
+    store_config = MagicMock()
+    def prompt(message, **kwargs):
+        # just return the prompt text for easy assertion
+        return message
+    monkeypatch.setattr('stups_cli.config.load_config', load_config)
+    monkeypatch.setattr('stups_cli.config.store_config', store_config)
+    monkeypatch.setattr('click.prompt', prompt)
+    monkeypatch.setattr('requests.get', lambda x, timeout: None)
+    config = zign.api.get_config(zign.config.CONFIG_NAME)
+    expected_config = {
+        'authorize_url': 'Please enter the OAuth 2 Authorization Endpoint URL',
+        'business_partner_id': 'Please enter the Business Partner ID',
+        'client_id': 'Please enter the OAuth 2 Client ID',
+        'token_url': 'Please enter the OAuth 2 Token Endpoint URL'
+    }
+    assert config == expected_config
+
+
+
+def test_token_implicit_flow(monkeypatch):
+
+    access_token = 'myacctok'
+
+    def webbrowser_open(url, **kwargs):
+        assert url == 'https://localhost/authorize?business_partner_id=123&client_id=foobar&redirect_uri=http://localhost:8081&response_type=token'
+
+    server = MagicMock()
+    server.return_value.query_params = {'access_token': access_token, 'refresh_token': 'foo', 'expires_in': 3600, 'token_type': 'Bearer'}
+
+    load_config = MagicMock()
+    load_config.return_value = {'authorize_url': 'https://localhost/authorize', 'token_url': 'https://localhost/token', 'client_id': 'foobar', 'business_partner_id': '123'}
+    monkeypatch.setattr('stups_cli.config.load_config', load_config)
+    monkeypatch.setattr('zign.api.load_config_ztoken', lambda x: {})
+    monkeypatch.setattr('webbrowser.open', webbrowser_open)
+    monkeypatch.setattr('zign.api.ClientRedirectServer', server)
+    token = zign.api.get_token_implicit_flow('test_token_implicit_flow')
+    assert access_token == token['access_token']

tests/test_cli_zign.py

@@ -7,19 +7,12 @@
 def test_create_list_delete(monkeypatch):
     token = 'abc-123'
 
-    response = MagicMock()
-    response.status_code = 200
-    response.json.return_value = {'access_token': token}
-
-    monkeypatch.setattr('keyring.set_password', MagicMock())
-    monkeypatch.setattr('requests.get', MagicMock(return_value=response))
-    monkeypatch.setattr('stups_cli.config.store_config', MagicMock())
+    monkeypatch.setattr('zign.api.perform_implicit_flow', lambda a: {'access_token': token, 'expires_in': 1, 'token_type': 'test'})
 
     runner = CliRunner()
 
     with runner.isolated_filesystem():
-        result = runner.invoke(cli_zign, ['token', '-n', 'mytok', '--password', 'mypass'], catch_exceptions=False,
-                               input='localhost\n')
+        result = runner.invoke(cli_zign, ['token', '-n', 'mytok', '--password', 'mypass'], catch_exceptions=False)
 
         assert token == result.output.rstrip().split('\n')[-1]
 
@@ -35,96 +28,3 @@ def test_create_list_delete(monkeypatch):
 
         # should work again for already deleted tokens
         result = runner.invoke(cli_zign, ['delete', 'mytok'], catch_exceptions=False)
-
-
-def test_empty_config(monkeypatch):
-    token = 'abc-123'
-
-    response = MagicMock()
-    response.status_code = 200
-    response.json.return_value = {'access_token': token}
-
-    monkeypatch.setattr('keyring.set_password', MagicMock())
-    monkeypatch.setattr('stups_cli.config.load_config', lambda x: {})
-    monkeypatch.setattr('stups_cli.config.store_config', lambda x, y: None)
-    monkeypatch.setattr('requests.get', MagicMock(return_value=response))
-
-    runner = CliRunner()
-
-    with runner.isolated_filesystem():
-        result = runner.invoke(cli_zign, ['token', '-n', 'mytok', '--password', 'mypass'], catch_exceptions=False,
-                               input='localhost\n')
-        assert token == result.output.rstrip().split('\n')[-1]
-
-
-def test_auth_failure(monkeypatch):
-    token = 'abc-123'
-
-    def get(url, auth, **kwargs):
-        response = MagicMock()
-        if auth[1] == 'correctpass':
-            response.status_code = 200
-            response.json.return_value = {'access_token': token}
-        else:
-            response.status_code = 401
-        return response
-
-    monkeypatch.setattr('keyring.set_password', MagicMock())
-    monkeypatch.setattr('stups_cli.config.load_config', lambda x: {'url': 'http://localhost'})
-    monkeypatch.setattr('stups_cli.config.store_config', lambda x, y: None)
-    monkeypatch.setattr('requests.get', get)
-
-    runner = CliRunner()
-
-    with runner.isolated_filesystem():
-        result = runner.invoke(cli_zign, ['token', '-n', 'mytok', '-U', 'myusr', '--password', 'mypass'],
-                               catch_exceptions=False, input='wrongpw\ncorrectpass\n')
-        assert 'Authentication failed: Token Service returned ' in result.output
-        assert 'Please check your username and password and try again.' in result.output
-        assert 'Password for myusr: ' in result.output
-        assert token == result.output.rstrip().split('\n')[-1]
-
-
-def test_server_error(monkeypatch):
-    def get(url, **kwargs):
-        response = MagicMock()
-        response.status_code = 503
-        return response
-
-    monkeypatch.setattr('keyring.set_password', MagicMock())
-    monkeypatch.setattr('stups_cli.config.load_config', lambda x: {'url': 'http://localhost'})
-    monkeypatch.setattr('stups_cli.config.store_config', lambda x, y: None)
-    monkeypatch.setattr('requests.get', get)
-
-    runner = CliRunner()
-
-    with runner.isolated_filesystem():
-        result = runner.invoke(cli_zign, ['token', '-n', 'mytok', '-U', 'myusr', '--password', 'mypass'],
-                               catch_exceptions=False)
-        assert 'Server error: Token Service returned HTTP status 503' in result.output
-
-
-def test_user_config(monkeypatch):
-    token = 'abc-123'
-
-    response = MagicMock()
-    response.status_code = 200
-    response.json.return_value = {'access_token': token}
-
-    def get_token(url, auth, **kwargs):
-        assert url == 'https://localhost/access_token'
-        user, passwd = auth
-        assert user == 'jdoe'
-        return response
-
-    monkeypatch.setattr('keyring.set_password', MagicMock())
-    monkeypatch.setattr('stups_cli.config.load_config',
-                        lambda x: {'user': 'jdoe', 'url': 'https://localhost/access_token'})
-    monkeypatch.setattr('stups_cli.config.store_config', lambda x, y: None)
-    monkeypatch.setattr('requests.get', get_token)
-
-    runner = CliRunner()
-
-    with runner.isolated_filesystem():
-        result = runner.invoke(cli_zign, ['token', '-n', 'mytok', '--password', 'mypass'], catch_exceptions=False)
-        assert token == result.output.rstrip().split('\n')[-1]