Metadata-Version: 2.1
Name: pytest-iam
Version: 0.0.2
Summary: A fully functional OAUTH2 / OpenID Connect (OIDC) server to be used in your testsuite
Home-page: https://gitlab.com/yaal/pytest-iam
License: MIT
Keywords: oidc,oauth,oauth2,openid,identity,pytest,unit tests,iam
Author: Yaal Coop
Author-email: contact@yaal.coop
Requires-Python: >=3.8,<4.0
Classifier: Development Status :: 3 - Alpha
Classifier: Environment :: Web Environment
Classifier: Framework :: Pytest
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: Implementation :: CPython
Requires-Dist: canaille[oidc] (>=0.0.32,<0.0.33)
Requires-Dist: faker (>=19.3.0,<20.0.0)
Requires-Dist: portpicker (>=1.6.0,<2.0.0)
Requires-Dist: pytest (>=7.0.0,<8.0.0)
Project-URL: Repository, https://gitlab.com/yaal/pytest-iam
Description-Content-Type: text/markdown

pytest-iam
==========

pytest-iam spawns a lightweight OAuth2 / OpenID Server in a thread to be used in your test suite.
The machinery involves [Canaille](https://canaille.yaal.coop) and [Authlib](https://authlib.org).

Installation
------------

```console
pip install pytest-iam
```

Usage
-----

pytest-iam provides a ``iam_server`` fixture that comes with several features:

- ``iam_server.url`` returns the temporary server url
- ``iam_server.models`` provides a modules containing different models (``User``, ``Group``, ``Client``, ``Token`` and ``AuthorizationCode``). Read the [canaille documentation](https://canaille.readthedocs.io/en/latest/reference.html) to find how to handle those models.
- ``iam_server.random_user()`` and ``iam_server.random_group()`` can generate random data for your tests

To run a full authentication process in your test, you can write something like this:

```python
@pytest.fixture
def user(iam_server):
    # Creates a user on the identity provider
    user = iam_server.models.User(
        user_name="user",
        emails=["email@example.org"],
        password="password",
    )
    user.save()
    return user

@pytest.fixture
def client(iam_server):
    # Creates a client on the identity provider
    client = iam_server.models.Client(
        client_id="client_id",
        client_secret="client_secret",
        client_name="my super app",
        client_uri="http://example.org",
        redirect_uris=["http://example.org/authorize"],
        grant_types=["authorization_code"],
        response_types=["code", "token", "id_token"],
        token_endpoint_auth_method="client_secret_basic",
        scope=["openid", "profile", "groups"],
    )
    client.save()
    return client

def test_authentication(iam_server, testapp, user, client):
    iam_server.login(user)
    iam_server.consent(user)

    # attempt to access a protected page
    response = testapp.get("/protected", status=302)

    # authorization code request at the IAM
    res = requests.get(res.location, allow_redirects=False)

    # access to the redirection URI
    res = testclient.get(res.headers["Location"])
    res.mustcontain("Hello World!")
```

