[go: nahoru, domu]
Skip to content

Commit

Permalink
Skip tests that fail with auth emulator
Browse files Browse the repository at this point in the history
  • Loading branch information
@muru
muru committed Mar 5, 2021
1 parent 6837b74 commit 17e28e6
Show file tree
Hide file tree
Showing 2 changed files with 76 additions and 6 deletions.
52 changes: 46 additions & 6 deletions integration/test_auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
"""Integration tests for firebase_admin.auth module."""
import base64
import datetime
import os
import random
import string
import time
Expand All @@ -32,11 +33,18 @@
from firebase_admin import credentials


_verify_token_url = 'https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyCustomToken'
_verify_password_url = 'https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyPassword'
_password_reset_url = 'https://www.googleapis.com/identitytoolkit/v3/relyingparty/resetPassword'
_verify_email_url = 'https://www.googleapis.com/identitytoolkit/v3/relyingparty/setAccountInfo'
_email_sign_in_url = 'https://www.googleapis.com/identitytoolkit/v3/relyingparty/emailLinkSignin'
_EMULATOR_HOST_ENV_VAR = 'FIREBASE_AUTH_EMULATOR_HOST'
URL_PREFIX = 'https://www.googleapis.com/identitytoolkit'

emulator_host = os.getenv(_EMULATOR_HOST_ENV_VAR)
if emulator_host:
URL_PREFIX = 'http://{0}/www.googleapis.com/identitytoolkit'.format(emulator_host)

_verify_token_url = '{0}/v3/relyingparty/verifyCustomToken'.format(URL_PREFIX)
_verify_password_url = '{0}/v3/relyingparty/verifyPassword'.format(URL_PREFIX)
_password_reset_url = '{0}/v3/relyingparty/resetPassword'.format(URL_PREFIX)
_verify_email_url = '{0}/v3/relyingparty/setAccountInfo'.format(URL_PREFIX)
_email_sign_in_url = '{0}/v3/relyingparty/emailLinkSignin'.format(URL_PREFIX)

ACTION_LINK_CONTINUE_URL = 'http://localhost?a=1&b=5#f=1'

Expand Down Expand Up @@ -123,6 +131,8 @@ def test_custom_token(api_key):
assert claims['uid'] == 'user1'

def test_custom_token_without_service_account(api_key):
if emulator_host:
pytest.skip("Not supported with auth emulator")
google_cred = firebase_admin.get_app().credential.get_credential()
cred = CredentialWrapper.from_existing_credential(google_cred)
custom_app = firebase_admin.initialize_app(cred, {
Expand Down Expand Up @@ -427,7 +437,8 @@ def test_create_user(new_user):
assert user.disabled is False
assert user.custom_claims is None
assert user.user_metadata.creation_timestamp > 0
assert user.user_metadata.last_sign_in_timestamp is None
if not emulator_host:
assert user.user_metadata.last_sign_in_timestamp is None
assert len(user.provider_data) == 0
with pytest.raises(auth.UidAlreadyExistsError):
auth.create_user(uid=new_user.uid)
Expand Down Expand Up @@ -560,6 +571,9 @@ def test_verify_id_token_revoked(new_user, api_key):
# verify_id_token succeeded because it didn't check revoked.
assert claims['iat'] * 1000 < user.tokens_valid_after_timestamp

if emulator_host:
pytest.skip("Not supported with auth emulator")

with pytest.raises(auth.RevokedIdTokenError) as excinfo:
claims = auth.verify_id_token(id_token, check_revoked=True)
assert str(excinfo.value) == 'The Firebase ID token has been revoked.'
Expand Down Expand Up @@ -604,6 +618,8 @@ def test_import_users():
auth.delete_user(uid)

def test_import_users_with_password(api_key):
if emulator_host:
pytest.skip("Not supported with auth emulator")
uid, email = _random_id()
password_hash = base64.b64decode(
'V358E8LdWJXAO7muq0CufVpEOXaj8aFiC7T/rcaGieN04q/ZPJ08WhJEHGjj9lz/2TT+/86N5VjVoc5DdBhBiw==')
Expand Down Expand Up @@ -687,6 +703,8 @@ def oidc_provider():


def test_create_oidc_provider_config(oidc_provider):
if emulator_host:
pytest.skip("Not supported with auth emulator")
assert isinstance(oidc_provider, auth.OIDCProviderConfig)
assert oidc_provider.client_id == 'OIDC_CLIENT_ID'
assert oidc_provider.issuer == 'https://oidc.com/issuer'
Expand All @@ -695,6 +713,8 @@ def test_create_oidc_provider_config(oidc_provider):


def test_get_oidc_provider_config(oidc_provider):
if emulator_host:
pytest.skip("Not supported with auth emulator")
provider_config = auth.get_oidc_provider_config(oidc_provider.provider_id)
assert isinstance(provider_config, auth.OIDCProviderConfig)
assert provider_config.provider_id == oidc_provider.provider_id
Expand All @@ -705,6 +725,8 @@ def test_get_oidc_provider_config(oidc_provider):


def test_list_oidc_provider_configs(oidc_provider):
if emulator_host:
pytest.skip("Not supported with auth emulator")
page = auth.list_oidc_provider_configs()
result = None
for provider_config in page.iterate_all():
Expand All @@ -716,6 +738,8 @@ def test_list_oidc_provider_configs(oidc_provider):


def test_update_oidc_provider_config():
if emulator_host:
pytest.skip("Not supported with auth emulator")
provider_config = _create_oidc_provider_config()
try:
provider_config = auth.update_oidc_provider_config(
Expand All @@ -733,6 +757,8 @@ def test_update_oidc_provider_config():


def test_delete_oidc_provider_config():
if emulator_host:
pytest.skip("Not supported with auth emulator")
provider_config = _create_oidc_provider_config()
auth.delete_oidc_provider_config(provider_config.provider_id)
with pytest.raises(auth.ConfigurationNotFoundError):
Expand All @@ -747,6 +773,8 @@ def saml_provider():


def test_create_saml_provider_config(saml_provider):
if emulator_host:
pytest.skip("Not supported with auth emulator")
assert isinstance(saml_provider, auth.SAMLProviderConfig)
assert saml_provider.idp_entity_id == 'IDP_ENTITY_ID'
assert saml_provider.sso_url == 'https://example.com/login'
Expand All @@ -758,6 +786,8 @@ def test_create_saml_provider_config(saml_provider):


def test_get_saml_provider_config(saml_provider):
if emulator_host:
pytest.skip("Not supported with auth emulator")
provider_config = auth.get_saml_provider_config(saml_provider.provider_id)
assert isinstance(provider_config, auth.SAMLProviderConfig)
assert provider_config.provider_id == saml_provider.provider_id
Expand All @@ -771,6 +801,8 @@ def test_get_saml_provider_config(saml_provider):


def test_list_saml_provider_configs(saml_provider):
if emulator_host:
pytest.skip("Not supported with auth emulator")
page = auth.list_saml_provider_configs()
result = None
for provider_config in page.iterate_all():
Expand All @@ -782,6 +814,8 @@ def test_list_saml_provider_configs(saml_provider):


def test_update_saml_provider_config():
if emulator_host:
pytest.skip("Not supported with auth emulator")
provider_config = _create_saml_provider_config()
try:
provider_config = auth.update_saml_provider_config(
Expand All @@ -806,13 +840,17 @@ def test_update_saml_provider_config():


def test_delete_saml_provider_config():
if emulator_host:
pytest.skip("Not supported with auth emulator")
provider_config = _create_saml_provider_config()
auth.delete_saml_provider_config(provider_config.provider_id)
with pytest.raises(auth.ConfigurationNotFoundError):
auth.get_saml_provider_config(provider_config.provider_id)


def _create_oidc_provider_config():
if emulator_host:
pytest.skip("Not supported with auth emulator")
provider_id = 'oidc.{0}'.format(_random_string())
return auth.create_oidc_provider_config(
provider_id=provider_id,
Expand All @@ -823,6 +861,8 @@ def _create_oidc_provider_config():


def _create_saml_provider_config():
if emulator_host:
pytest.skip("Not supported with auth emulator")
provider_id = 'saml.{0}'.format(_random_string())
return auth.create_saml_provider_config(
provider_id=provider_id,
Expand Down
30 changes: 30 additions & 0 deletions tests/test_token_gen.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@

import firebase_admin
from firebase_admin import auth
from firebase_admin import _auth_utils
from firebase_admin import credentials
from firebase_admin import exceptions
from firebase_admin import _token_gen
Expand Down Expand Up @@ -219,6 +220,8 @@ class TestCreateCustomToken:

@pytest.mark.parametrize('values', valid_args.values(), ids=list(valid_args))
def test_valid_params(self, auth_app, values):
if _auth_utils.is_emulated():
pytest.skip("Not supported with auth emulator")
user, claims = values
custom_token = auth.create_custom_token(user, claims, app=auth_app)
verify_custom_token(custom_token, claims)
Expand All @@ -230,10 +233,14 @@ def test_invalid_params(self, auth_app, values):
auth.create_custom_token(user, claims, app=auth_app)

def test_noncert_credential(self, user_mgt_app):
if _auth_utils.is_emulated():
pytest.skip("Not supported with auth emulator")
with pytest.raises(ValueError):
auth.create_custom_token(MOCK_UID, app=user_mgt_app)

def test_sign_with_iam(self):
if _auth_utils.is_emulated():
pytest.skip("Not supported with auth emulator")
options = {'serviceAccountId': 'test-service-account', 'projectId': 'mock-project-id'}
app = firebase_admin.initialize_app(
testutils.MockCredential(), name='iam-signer-app', options=options)
Expand All @@ -248,6 +255,8 @@ def test_sign_with_iam(self):
firebase_admin.delete_app(app)

def test_sign_with_iam_error(self):
if _auth_utils.is_emulated():
pytest.skip("Not supported with auth emulator")
options = {'serviceAccountId': 'test-service-account', 'projectId': 'mock-project-id'}
app = firebase_admin.initialize_app(
testutils.MockCredential(), name='iam-signer-app', options=options)
Expand All @@ -264,6 +273,8 @@ def test_sign_with_iam_error(self):
firebase_admin.delete_app(app)

def test_sign_with_discovered_service_account(self):
if _auth_utils.is_emulated():
pytest.skip("Not supported with auth emulator")
request = testutils.MockRequest(200, 'discovered-service-account')
options = {'projectId': 'mock-project-id'}
app = firebase_admin.initialize_app(testutils.MockCredential(), name='iam-signer-app',
Expand All @@ -287,6 +298,8 @@ def test_sign_with_discovered_service_account(self):
firebase_admin.delete_app(app)

def test_sign_with_discovery_failure(self):
if _auth_utils.is_emulated():
pytest.skip("Not supported with auth emulator")
request = testutils.MockFailedRequest(Exception('test error'))
options = {'projectId': 'mock-project-id'}
app = firebase_admin.initialize_app(testutils.MockCredential(), name='iam-signer-app',
Expand Down Expand Up @@ -431,6 +444,8 @@ def test_valid_token_check_revoked(self, user_mgt_app, id_token):

@pytest.mark.parametrize('id_token', valid_tokens.values(), ids=list(valid_tokens))
def test_revoked_token_check_revoked(self, user_mgt_app, revoked_tokens, id_token):
if _auth_utils.is_emulated():
pytest.skip("Not supported with auth emulator")
_overwrite_cert_request(user_mgt_app, MOCK_REQUEST)
_instrument_user_manager(user_mgt_app, 200, revoked_tokens)
with pytest.raises(auth.RevokedIdTokenError) as excinfo:
Expand Down Expand Up @@ -460,13 +475,18 @@ def test_invalid_arg(self, user_mgt_app, id_token):

@pytest.mark.parametrize('id_token', invalid_tokens.values(), ids=list(invalid_tokens))
def test_invalid_token(self, user_mgt_app, id_token):
if _auth_utils.is_emulated():
pytest.skip("Not supported with auth emulator")
_overwrite_cert_request(user_mgt_app, MOCK_REQUEST)
with pytest.raises(auth.InvalidIdTokenError) as excinfo:
auth.verify_id_token(id_token, app=user_mgt_app)
assert isinstance(excinfo.value, exceptions.InvalidArgumentError)
assert excinfo.value.http_response is None

def test_expired_token(self, user_mgt_app):
if _auth_utils.is_emulated():
pytest.skip("Not supported with auth emulator")
_overwrite_cert_request(user_mgt_app, MOCK_REQUEST)
_overwrite_cert_request(user_mgt_app, MOCK_REQUEST)
id_token = self.invalid_tokens['ExpiredToken']
with pytest.raises(auth.ExpiredIdTokenError) as excinfo:
Expand Down Expand Up @@ -505,6 +525,8 @@ def test_custom_token(self, auth_app):
assert str(excinfo.value) == message

def test_certificate_request_failure(self, user_mgt_app):
if _auth_utils.is_emulated():
pytest.skip("Not supported with auth emulator")
_overwrite_cert_request(user_mgt_app, testutils.MockRequest(404, 'not found'))
with pytest.raises(auth.CertificateFetchError) as excinfo:
auth.verify_id_token(TEST_ID_TOKEN, app=user_mgt_app)
Expand Down Expand Up @@ -580,13 +602,17 @@ def test_invalid_args(self, user_mgt_app, cookie):

@pytest.mark.parametrize('cookie', invalid_cookies.values(), ids=list(invalid_cookies))
def test_invalid_cookie(self, user_mgt_app, cookie):
if _auth_utils.is_emulated():
pytest.skip("Not supported with auth emulator")
_overwrite_cert_request(user_mgt_app, MOCK_REQUEST)
with pytest.raises(auth.InvalidSessionCookieError) as excinfo:
auth.verify_session_cookie(cookie, app=user_mgt_app)
assert isinstance(excinfo.value, exceptions.InvalidArgumentError)
assert excinfo.value.http_response is None

def test_expired_cookie(self, user_mgt_app):
if _auth_utils.is_emulated():
pytest.skip("Not supported with auth emulator")
_overwrite_cert_request(user_mgt_app, MOCK_REQUEST)
cookie = self.invalid_cookies['ExpiredCookie']
with pytest.raises(auth.ExpiredSessionCookieError) as excinfo:
Expand Down Expand Up @@ -620,6 +646,8 @@ def test_custom_token(self, auth_app):
auth.verify_session_cookie(custom_token, app=auth_app)

def test_certificate_request_failure(self, user_mgt_app):
if _auth_utils.is_emulated():
pytest.skip("Not supported with auth emulator")
_overwrite_cert_request(user_mgt_app, testutils.MockRequest(404, 'not found'))
with pytest.raises(auth.CertificateFetchError) as excinfo:
auth.verify_session_cookie(TEST_SESSION_COOKIE, app=user_mgt_app)
Expand All @@ -632,6 +660,8 @@ def test_certificate_request_failure(self, user_mgt_app):
class TestCertificateCaching:

def test_certificate_caching(self, user_mgt_app, httpserver):
if _auth_utils.is_emulated():
pytest.skip("Not supported with auth emulator")
httpserver.serve_content(MOCK_PUBLIC_CERTS, 200, headers={'Cache-Control': 'max-age=3600'})
verifier = _token_gen.TokenVerifier(user_mgt_app)
verifier.cookie_verifier.cert_url = httpserver.url
Expand Down

0 comments on commit 17e28e6

Please sign in to comment.