diff options
| author | pennae <github@quasiparticle.net> | 2022-07-13 10:33:30 +0200 |
|---|---|---|
| committer | pennae <github@quasiparticle.net> | 2022-07-13 13:27:12 +0200 |
| commit | 2f8dce44d3f2be74b5c6ec0a2e7f4ceced715328 (patch) | |
| tree | caff55807c5fc773a36aa773cfde9cd6ebbbb6c8 /tests/test_auth_session.py | |
| download | minor-skulk-2f8dce44d3f2be74b5c6ec0a2e7f4ceced715328.tar.gz minor-skulk-2f8dce44d3f2be74b5c6ec0a2e7f4ceced715328.tar.xz minor-skulk-2f8dce44d3f2be74b5c6ec0a2e7f4ceced715328.zip | |
initial import
Diffstat (limited to 'tests/test_auth_session.py')
| -rw-r--r-- | tests/test_auth_session.py | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/tests/test_auth_session.py b/tests/test_auth_session.py new file mode 100644 index 0000000..3a6e7c4 --- /dev/null +++ b/tests/test_auth_session.py @@ -0,0 +1,69 @@ +import pytest +from fxa.errors import ClientError + +from api import * + +def test_session_loggedout(client): + with pytest.raises(ClientError) as e: + client.post("/session/destroy") + assert e.value.details == { + 'code': 401, + 'errno': 109, + 'error': 'Unauthorized', + 'message': 'invalid request signature' + } + +def test_status(account): + resp = account.get_a("/session/status") + assert resp == { 'state': '', 'uid': account.props['uid'] } + +def test_resend(account, mail_server): + c = account.login(account.email, "") + (to, body) = mail_server.wait() + assert to == [account.email] + c.post_a("/session/resend_code", {}) + (to2, body2) = mail_server.wait() + assert to == to2 + assert body == body2 + +@pytest.mark.parametrize("args", [ + { 'custom_session_id': '00' }, + { 'extra': '00' }, +]) +def test_session_invalid(account, args): + with pytest.raises(ClientError) as e: + account.post_a("/session/destroy", args) + assert e.value.details == { + 'code': 400, + 'errno': 107, + 'error': 'Bad Request', + 'message': 'invalid parameter in request body' + } + +def test_session_noid(account): + with pytest.raises(ClientError) as e: + account.post_a("/session/destroy", { 'custom_session_id': '0' * 64 }) + assert e.value.details == { + 'code': 400, + 'errno': 123, + 'error': 'Bad Request', + 'message': 'unknown device' + } + +def test_session_destroy_other(account, account2): + with pytest.raises(ClientError) as e: + account.post_a("/session/destroy", { 'custom_session_id': account2.auth.id }) + assert e.value.details == { + 'code': 400, + 'errno': 123, + 'error': 'Bad Request', + 'message': 'unknown device' + } + +def test_session_destroy_unverified(unverified_account): + unverified_account.destroy_session() + unverified_account.destroy_session = lambda *args: None + +def test_session_destroy(account): + s = account.login(account.email, "") + s.destroy_session() |