core/tests/components/auth/test_init.py

"""Integration tests for the auth component."""
from datetime import timedelta
from unittest.mock import patch

from homeassistant.util.dt import utcnow
from homeassistant.components import auth

from . import async_setup_auth

from tests.common import CLIENT_ID, CLIENT_REDIRECT_URI


async def test_login_new_user_and_trying_refresh_token(hass, aiohttp_client):
    """Test logging in with new user and refreshing tokens."""
    client = await async_setup_auth(hass, aiohttp_client, setup_api=True)
    resp = await client.post('/auth/login_flow', json={
        'client_id': CLIENT_ID,
        'handler': ['insecure_example', None],
        'redirect_uri': CLIENT_REDIRECT_URI,
    })
    assert resp.status == 200
    step = await resp.json()

    resp = await client.post(
        '/auth/login_flow/{}'.format(step['flow_id']), json={
            'client_id': CLIENT_ID,
            'username': 'test-user',
            'password': 'test-pass',
        })

    assert resp.status == 200
    step = await resp.json()
    code = step['result']

    # Exchange code for tokens
    resp = await client.post('/auth/token', data={
        'client_id': CLIENT_ID,
        'grant_type': 'authorization_code',
        'code': code
    })

    # User is not active
    assert resp.status == 403
    data = await resp.json()
    assert data['error'] == 'access_denied'
    assert data['error_description'] == 'User is not active'


def test_credential_store_expiration():
    """Test that the credential store will not return expired tokens."""
    store, retrieve = auth._create_cred_store()
    client_id = 'bla'
    credentials = 'creds'
    now = utcnow()

    with patch('homeassistant.util.dt.utcnow', return_value=now):
        code = store(client_id, credentials)

    with patch('homeassistant.util.dt.utcnow',
               return_value=now + timedelta(minutes=10)):
        assert retrieve(client_id, code) is None

    with patch('homeassistant.util.dt.utcnow', return_value=now):
        code = store(client_id, credentials)

    with patch('homeassistant.util.dt.utcnow',
               return_value=now + timedelta(minutes=9, seconds=59)):
        assert retrieve(client_id, code) == credentials
Foundation for users (#13968) * Add initial user foundation to Home Assistant * Address comments * Address comments * Allow non-ascii passwords * One more utf-8 hmac compare digest * Add new line 2018-05-01 16:20:41 +00:00			`"""Integration tests for the auth component."""`
Expire auth code after 10 minutes (#15381) 2018-07-10 09:20:22 +00:00			`from datetime import timedelta`
			`from unittest.mock import patch`

			`from homeassistant.util.dt import utcnow`
			`from homeassistant.components import auth`

Use IndieAuth for client ID (#15369) * Use IndieAuth for client ID * Lint * Lint & Fix tests * Allow local IP addresses * Update comment 2018-07-09 16:24:46 +00:00			`from . import async_setup_auth`

			`from tests.common import CLIENT_ID, CLIENT_REDIRECT_URI`
Foundation for users (#13968) * Add initial user foundation to Home Assistant * Address comments * Address comments * Allow non-ascii passwords * One more utf-8 hmac compare digest * Add new line 2018-05-01 16:20:41 +00:00

Add user via cmd line creates owner (#15470) * Add user via cmd line creates owner * Ensure access tokens are not verified for inactive users * Stale print * Lint 2018-07-15 18:46:15 +00:00			`async def test_login_new_user_and_trying_refresh_token(hass, aiohttp_client):`
Foundation for users (#13968) * Add initial user foundation to Home Assistant * Address comments * Address comments * Allow non-ascii passwords * One more utf-8 hmac compare digest * Add new line 2018-05-01 16:20:41 +00:00			`"""Test logging in with new user and refreshing tokens."""`
			`client = await async_setup_auth(hass, aiohttp_client, setup_api=True)`
			`resp = await client.post('/auth/login_flow', json={`
Use IndieAuth for client ID (#15369) * Use IndieAuth for client ID * Lint * Lint & Fix tests * Allow local IP addresses * Update comment 2018-07-09 16:24:46 +00:00			`'client_id': CLIENT_ID,`
Backend tweaks to make authorization work (#14339) * Backend tweaks to make authorization work * Lint * Add test * Validate redirect uris * Fix tests * Fix tests * Lint 2018-05-10 08:38:11 +00:00			`'handler': ['insecure_example', None],`
			`'redirect_uri': CLIENT_REDIRECT_URI,`
Use IndieAuth for client ID (#15369) * Use IndieAuth for client ID * Lint * Lint & Fix tests * Allow local IP addresses * Update comment 2018-07-09 16:24:46 +00:00			`})`
Foundation for users (#13968) * Add initial user foundation to Home Assistant * Address comments * Address comments * Allow non-ascii passwords * One more utf-8 hmac compare digest * Add new line 2018-05-01 16:20:41 +00:00			`assert resp.status == 200`
			`step = await resp.json()`

			`resp = await client.post(`
			`'/auth/login_flow/{}'.format(step['flow_id']), json={`
Use IndieAuth for client ID (#15369) * Use IndieAuth for client ID * Lint * Lint & Fix tests * Allow local IP addresses * Update comment 2018-07-09 16:24:46 +00:00			`'client_id': CLIENT_ID,`
Foundation for users (#13968) * Add initial user foundation to Home Assistant * Address comments * Address comments * Allow non-ascii passwords * One more utf-8 hmac compare digest * Add new line 2018-05-01 16:20:41 +00:00			`'username': 'test-user',`
			`'password': 'test-pass',`
Use IndieAuth for client ID (#15369) * Use IndieAuth for client ID * Lint * Lint & Fix tests * Allow local IP addresses * Update comment 2018-07-09 16:24:46 +00:00			`})`
Foundation for users (#13968) * Add initial user foundation to Home Assistant * Address comments * Address comments * Allow non-ascii passwords * One more utf-8 hmac compare digest * Add new line 2018-05-01 16:20:41 +00:00
			`assert resp.status == 200`
			`step = await resp.json()`
			`code = step['result']`

			`# Exchange code for tokens`
			`resp = await client.post('/auth/token', data={`
Add user via cmd line creates owner (#15470) * Add user via cmd line creates owner * Ensure access tokens are not verified for inactive users * Stale print * Lint 2018-07-15 18:46:15 +00:00			`'client_id': CLIENT_ID,`
			`'grant_type': 'authorization_code',`
			`'code': code`
Foundation for users (#13968) * Add initial user foundation to Home Assistant * Address comments * Address comments * Allow non-ascii passwords * One more utf-8 hmac compare digest * Add new line 2018-05-01 16:20:41 +00:00			`})`
Add user via cmd line creates owner (#15470) * Add user via cmd line creates owner * Ensure access tokens are not verified for inactive users * Stale print * Lint 2018-07-15 18:46:15 +00:00
			`# User is not active`
Aware comments (#15480) * Make sure we cannot deactivate the owner * Use different error code when trying to fetch token for inactive user 2018-07-15 21:09:05 +00:00			`assert resp.status == 403`
			`data = await resp.json()`
			`assert data['error'] == 'access_denied'`
			`assert data['error_description'] == 'User is not active'`
Expire auth code after 10 minutes (#15381) 2018-07-10 09:20:22 +00:00

			`def test_credential_store_expiration():`
			`"""Test that the credential store will not return expired tokens."""`
			`store, retrieve = auth._create_cred_store()`
			`client_id = 'bla'`
			`credentials = 'creds'`
			`now = utcnow()`

			`with patch('homeassistant.util.dt.utcnow', return_value=now):`
			`code = store(client_id, credentials)`

			`with patch('homeassistant.util.dt.utcnow',`
			`return_value=now + timedelta(minutes=10)):`
			`assert retrieve(client_id, code) is None`

			`with patch('homeassistant.util.dt.utcnow', return_value=now):`
			`code = store(client_id, credentials)`

			`with patch('homeassistant.util.dt.utcnow',`
			`return_value=now + timedelta(minutes=9, seconds=59)):`
			`assert retrieve(client_id, code) == credentials`