End-to-end test case

rayluo · rayluo · commit e8be841aab13 · 2020-11-16T21:43:08.000-08:00
diff --git a/oauth2cli/authcode.py b/oauth2cli/authcode.py
@@ -210,16 +210,17 @@ def __exit__(self, exc_type, exc_val, exc_tb):
     args = parser.parse_args()
     client = Client({"authorization_endpoint": args.endpoint}, args.client_id)
     with AuthCodeReceiver(port=args.port) as receiver:
-        auth_uri = client.build_auth_request_uri(
-            "code",
+        flow = client.initiate_auth_code_flow(
             scope=args.scope.split() if args.scope else None,
-            redirect_uri="http://{h}:{p}".format(h=args.host, p=receiver.get_port()))
+            redirect_uri="http://{h}:{p}".format(h=args.host, p=receiver.get_port()),
+            )
         print(json.dumps(receiver.get_auth_response(
-            auth_uri=auth_uri,
+            auth_uri=flow["auth_uri"],
             welcome_template=
                 "<a href='$auth_uri'>Sign In</a>, or <a href='$abort_uri'>Abort</a",
             error_template="Oh no. $error",
             success_template="Oh yeah. Got $code",
             timeout=60,
+            state=flow["state"],  # Optional
             ), indent=4))
 
diff --git a/tests/test_client.py b/tests/test_client.py
@@ -10,7 +10,7 @@
 import requests
 
 from oauth2cli.oidc import Client
-from oauth2cli.authcode import obtain_auth_code
+from oauth2cli.authcode import obtain_auth_code, AuthCodeReceiver
 from oauth2cli.assertion import JwtSigner
 from tests import unittest, Oauth2TestCase
 from tests.http_client import MinimalHttpClient, MinimalResponse
@@ -153,6 +153,33 @@ def test_auth_code(self):
             redirect_uri=redirect_uri)
         self.assertLoosely(result, lambda: self.assertIn('access_token', result))
 
+    @unittest.skipUnless(
+        "authorization_endpoint" in CONFIG.get("openid_configuration", {}),
+        "authorization_endpoint missing")
+    def test_auth_code_flow(self):
+        with AuthCodeReceiver(port=CONFIG.get("listen_port")) as receiver:
+            flow = self.client.initiate_auth_code_flow(
+                redirect_uri="http://localhost:%d" % receiver.get_port(),
+                scope=CONFIG.get("scope"),
+                )
+            auth_response = receiver.get_auth_response(
+                auth_uri=flow["auth_uri"],
+                state=flow["state"],  # Optional but recommended
+                timeout=120,
+                welcome_template="""<html><body>
+                    authorization_endpoint = {a}, client_id = {i}
+                    <a href="$auth_uri">Sign In</a> or <a href="$abort_uri">Abort</a>
+                    </body></html>""".format(
+                        a=CONFIG["openid_configuration"]["authorization_endpoint"],
+                        i=CONFIG.get("client_id")),
+                )
+            self.assertIsNotNone(
+                auth_response.get("code"), "Error: {}, Detail: {}".format(
+                    auth_response.get("error"), auth_response))
+            result = self.client.obtain_token_by_auth_code_flow(flow, auth_response)
+                #TBD: data={"resource": CONFIG.get("resource")},  # MSFT AAD v1 only
+            self.assertLoosely(result, lambda: self.assertIn('access_token', result))
+
     @unittest.skipUnless(
         CONFIG.get("openid_configuration", {}).get("device_authorization_endpoint"),
         "device_authorization_endpoint is missing")
