|
5 | 5 | import tempfile |
6 | 6 | import subprocess |
7 | 7 | import shutil |
8 | | -from datetime import datetime, timedelta, date |
| 8 | +from datetime import datetime, timedelta, date, timezone |
9 | 9 | import pytest |
10 | 10 | import pytz |
11 | 11 | import sqlite3 |
|
14 | 14 | from .. import InvalidProject |
15 | 15 | from ..client import ( |
16 | 16 | MerginClient, |
| 17 | + AuthTokenExpiredError, |
17 | 18 | ClientError, |
18 | 19 | MerginProject, |
19 | 20 | LoginError, |
@@ -2910,3 +2911,61 @@ def test_do_request_error_handling(mc: MerginClient): |
2910 | 2911 |
|
2911 | 2912 | assert e.value.http_error == 400 |
2912 | 2913 | assert "Passwords must be at least 8 characters long." in e.value.detail |
| 2914 | + |
| 2915 | + |
| 2916 | +def test_validate_auth(mc: MerginClient): |
| 2917 | + """Test validate authentication under different scenarios.""" |
| 2918 | + |
| 2919 | + # ----- Client without authentication ----- |
| 2920 | + mc_not_auth = MerginClient(SERVER_URL) |
| 2921 | + |
| 2922 | + with pytest.raises(ClientError) as e: |
| 2923 | + mc_not_auth.validate_auth() |
| 2924 | + |
| 2925 | + assert e.value.detail == "Missing login or password" |
| 2926 | + |
| 2927 | + # ----- Client with token ----- |
| 2928 | + # create a client with valid auth token based on other MerginClient instance, but not with username/password |
| 2929 | + mc_auth_token = MerginClient(SERVER_URL, auth_token=mc._auth_session["token"]) |
| 2930 | + |
| 2931 | + # this should pass and not raise an error |
| 2932 | + mc_auth_token.validate_auth() |
| 2933 | + |
| 2934 | + # manually set expire date to the past to simulate expired token |
| 2935 | + mc_auth_token._auth_session["expire"] = datetime.now(timezone.utc) - timedelta(days=1) |
| 2936 | + |
| 2937 | + # check that this raises an error |
| 2938 | + with pytest.raises(AuthTokenExpiredError): |
| 2939 | + mc_auth_token.validate_auth() |
| 2940 | + |
| 2941 | + # ----- Client with token and username/password ----- |
| 2942 | + # create a client with valid auth token based on other MerginClient instance with username/password that allows relogin if the token is expired |
| 2943 | + mc_auth_token_login = MerginClient( |
| 2944 | + SERVER_URL, auth_token=mc._auth_session["token"], login=API_USER, password=USER_PWD |
| 2945 | + ) |
| 2946 | + |
| 2947 | + # this should pass and not raise an error |
| 2948 | + mc_auth_token_login.validate_auth() |
| 2949 | + |
| 2950 | + # manually set expire date to the past to simulate expired token |
| 2951 | + mc_auth_token_login._auth_session["expire"] = datetime.now(timezone.utc) - timedelta(days=1) |
| 2952 | + |
| 2953 | + # this should pass and not raise an error, as the client is able to re-login |
| 2954 | + mc_auth_token_login.validate_auth() |
| 2955 | + |
| 2956 | + # ----- Client with token and username/WRONG password ----- |
| 2957 | + # create a client with valid auth token based on other MerginClient instance with username and WRONG password |
| 2958 | + # that does NOT allow relogin if the token is expired |
| 2959 | + mc_auth_token_login_wrong_password = MerginClient( |
| 2960 | + SERVER_URL, auth_token=mc._auth_session["token"], login=API_USER, password="WRONG_PASSWORD" |
| 2961 | + ) |
| 2962 | + |
| 2963 | + # this should pass and not raise an error |
| 2964 | + mc_auth_token_login_wrong_password.validate_auth() |
| 2965 | + |
| 2966 | + # manually set expire date to the past to simulate expired token |
| 2967 | + mc_auth_token_login_wrong_password._auth_session["expire"] = datetime.now(timezone.utc) - timedelta(days=1) |
| 2968 | + |
| 2969 | + # this should pass and not raise an error, as the client is able to re-login |
| 2970 | + with pytest.raises(LoginError): |
| 2971 | + mc_auth_token_login_wrong_password.validate_auth() |
0 commit comments