bunny-lab/Borealis-Github-Replica
1
0
Fork 0
mirror of https://github.com/bunny-lab-io/Borealis.git synced 2025-10-26 17:41:58 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
1b6d0151249e7ed22fb0739bee8cb03bdd35c691
Borealis-Github-Replica/Data/Engine/Unit_Tests/test_tokens_api.py

93 lines
2.8 KiB
Python
Raw Blame History

from __future__ import annotations
import hashlib
import sqlite3
from datetime import datetime, timedelta, timezone
from flask.testing import FlaskClient
from .conftest import EngineTestHarness
def _iso(dt: datetime) -> str:
return dt.astimezone(timezone.utc).isoformat()
def test_refresh_token_success(engine_harness: EngineTestHarness) -> None:
harness = engine_harness
client: FlaskClient = harness.app.test_client()
guid = "54E8C9E2-6B3D-4B51-A456-4ACB94C45F00"
refresh_token = "refresh-token-value"
token_hash = hashlib.sha256(refresh_token.encode("utf-8")).hexdigest()
now = datetime.now(tz=timezone.utc)
expires_at = now + timedelta(days=1)
with sqlite3.connect(str(harness.db_path)) as conn:
cur = conn.cursor()
cur.execute(
"""
INSERT INTO devices (guid, hostname, created_at, last_seen, ssl_key_fingerprint,
token_version, status, key_added_at)
VALUES (?, ?, ?, ?, ?, ?, ?, ?)
""",
(
guid,
"device-one",
int(now.timestamp()),
int(now.timestamp()),
"fingerprint",
1,
"active",
_iso(now),
),
)
cur.execute(
"""
INSERT INTO refresh_tokens (id, guid, token_hash, created_at, expires_at, revoked_at, last_used_at)
VALUES (?, ?, ?, ?, ?, NULL, NULL)
""",
(
"token-row",
guid,
token_hash,
_iso(now),
_iso(expires_at),
),
)
conn.commit()
response = client.post(
"/api/agent/token/refresh",
json={"guid": guid, "refresh_token": refresh_token},
)
assert response.status_code == 200
payload = response.get_json()
assert payload["token_type"] == "Bearer"
assert payload["expires_in"] == 900
assert isinstance(payload["access_token"], str) and payload["access_token"]
with sqlite3.connect(str(harness.db_path)) as conn:
cur = conn.cursor()
cur.execute(
"SELECT last_used_at, revoked_at FROM refresh_tokens WHERE guid = ?",
(guid,),
)
row = cur.fetchone()
assert row is not None
last_used_at, revoked_at = row
assert last_used_at is not None
assert revoked_at is None
def test_refresh_token_requires_payload(engine_harness: EngineTestHarness) -> None:
client: FlaskClient = engine_harness.app.test_client()
response = client.post(
"/api/agent/token/refresh",
json={"guid": "", "refresh_token": ""},
)
assert response.status_code == 400
payload = response.get_json()
assert payload["error"] == "invalid_request"
Reference in New Issue View Git Blame Copy Permalink