from datetime import timedelta import pytest from fastapi import Request, status from fastapi.exceptions import HTTPException from decorators.auth import protected_route from handler.auth import oauth_handler from handler.database import db_user_handler from utils.router import APIRouter def test_create_oauth_token(): token = oauth_handler.create_access_token(data={"sub": "test_user"}) assert isinstance(token, str) async def test_get_current_active_user_from_bearer_token(admin_user): token = oauth_handler.create_access_token( data={ "sub": admin_user.username, "iss": "romm:oauth", "scopes": " ".join(admin_user.oauth_scopes), }, ) user, claims = await oauth_handler.get_current_active_user_from_bearer_token(token) if not user or not claims: pytest.fail("User or claims not found") assert user.id == admin_user.id assert claims["sub"] == admin_user.username assert claims["iss"] == "romm:oauth" assert set(claims["scopes"].split()).issubset(admin_user.oauth_scopes) assert claims["type"] == "access" async def test_get_current_active_user_from_bearer_token_invalid_token(): with pytest.raises(HTTPException): await oauth_handler.get_current_active_user_from_bearer_token("invalid_token") async def test_get_current_active_user_from_bearer_token_invalid_user(): token = oauth_handler.create_access_token( data={"sub": "invalid_user", "iss": "romm:oauth"} ) with pytest.raises(HTTPException): await oauth_handler.get_current_active_user_from_bearer_token(token) async def test_get_current_active_user_from_bearer_token_disabled_user(admin_user): token = oauth_handler.create_access_token( data={ "sub": admin_user.username, "iss": "romm:oauth", "scopes": " ".join(admin_user.oauth_scopes), }, ) db_user_handler.update_user(admin_user.id, {"enabled": False}) try: await oauth_handler.get_current_active_user_from_bearer_token(token) except HTTPException as e: assert e.status_code == status.HTTP_401_UNAUTHORIZED assert e.detail == "Disabled user" async def test_get_current_active_user_from_bearer_token_expired_token(admin_user): token = oauth_handler.create_access_token( data={ "sub": admin_user.username, "iss": "romm:oauth", "scopes": " ".join(admin_user.oauth_scopes), }, expires_delta=timedelta(seconds=-1), ) with pytest.raises(HTTPException) as exc: await oauth_handler.get_current_active_user_from_bearer_token(token) assert exc.value.status_code == status.HTTP_401_UNAUTHORIZED def test_protected_route(): router = APIRouter() @protected_route(router.get, "/test") def test_route(request: Request): return {"test": "test"} req = Request({"type": "http", "method": "GET", "url": "/test"}) assert test_route(req) == {"test": "test"}