Store access tokens for multiple instances

This makes it so an app is created only once for each instance, instead of being re-created on each login. Prevents accumulations of authroized apps in https://mastodon.social/oauth/authorized_applications
2025-10-21 19:44:16 -04:00 · 2017-04-18 16:16:24 +02:00
parent ed20c7fded
commit 3f44d560c8
7 changed files with 137 additions and 94 deletions
--- a/tests/test_api.py
+++ b/tests/test_api.py
@@ -1,22 +1,18 @@
 # -*- coding: utf-8 -*-
+import pytest
 import requests

-from toot import App, User, CLIENT_NAME, CLIENT_WEBSITE
-from toot.api import create_app, login, SCOPES
-
-
-class MockResponse:
-    def __init__(self, response_data={}):
-        self.response_data = response_data
-
-    def raise_for_status(self):
-        pass
-
-    def json(self):
-        return self.response_data
+from toot import App, CLIENT_NAME, CLIENT_WEBSITE
+from toot.api import create_app, login, SCOPES, AuthenticationError
+from tests.utils import MockResponse


 def test_create_app(monkeypatch):
+    response = {
+        'client_id': 'foo',
+        'client_secret': 'bar',
+    }
+
    def mock_post(url, data):
        assert url == 'https://bigfish.software/api/v1/apps'
        assert data == {
@@ -25,24 +21,25 @@ def test_create_app(monkeypatch):
            'scopes': SCOPES,
            'redirect_uris': 'urn:ietf:wg:oauth:2.0:oob'
        }
-        return MockResponse({
-            'client_id': 'foo',
-            'client_secret': 'bar',
-        })
+        return MockResponse(response)

    monkeypatch.setattr(requests, 'post', mock_post)

-    app = create_app('https://bigfish.software')
-
-    assert isinstance(app, App)
-    assert app.client_id == 'foo'
-    assert app.client_secret == 'bar'
+    assert create_app('bigfish.software') == response


 def test_login(monkeypatch):
-    app = App('https://bigfish.software', 'foo', 'bar')
+    app = App('bigfish.software', 'https://bigfish.software', 'foo', 'bar')

-    def mock_post(url, data):
+    response = {
+        'token_type': 'bearer',
+        'scope': 'read write follow',
+        'access_token': 'xxx',
+        'created_at': 1492523699
+    }
+
+    def mock_post(url, data, allow_redirects):
+        assert not allow_redirects
        assert url == 'https://bigfish.software/oauth/token'
        assert data == {
            'grant_type': 'password',
@@ -52,14 +49,32 @@ def test_login(monkeypatch):
            'password': 'pass',
            'scope': SCOPES,
        }
-        return MockResponse({
-            'access_token': 'xxx',
-        })
+
+        return MockResponse(response)

    monkeypatch.setattr(requests, 'post', mock_post)

-    user = login(app, 'user', 'pass')
+    assert login(app, 'user', 'pass') == response

-    assert isinstance(user, User)
-    assert user.username == 'user'
-    assert user.access_token == 'xxx'
+
+def test_login_failed(monkeypatch):
+    app = App('bigfish.software', 'https://bigfish.software', 'foo', 'bar')
+
+    def mock_post(url, data, allow_redirects):
+        assert not allow_redirects
+        assert url == 'https://bigfish.software/oauth/token'
+        assert data == {
+            'grant_type': 'password',
+            'client_id': app.client_id,
+            'client_secret': app.client_secret,
+            'username': 'user',
+            'password': 'pass',
+            'scope': SCOPES,
+        }
+
+        return MockResponse(is_redirect=True)
+
+    monkeypatch.setattr(requests, 'post', mock_post)
+
+    with pytest.raises(AuthenticationError):
+        login(app, 'user', 'pass')