Coverage for ivatar/test_utils.py: 100%

38 statements  

« prev     ^ index     » next       coverage.py v7.5.1, created at 2024-05-18 23:09 +0000

1# -*- coding: utf-8 -*- 

2""" 

3Test our utils from ivatar.utils 

4""" 

5 

6from django.test import TestCase 

7 

8from ivatar.utils import is_trusted_url, openid_variations 

9 

10 

11class Tester(TestCase): 

12 """ 

13 Main test class 

14 """ 

15 

16 def test_openid_variations(self): 

17 """ 

18 Test if the OpenID variation "generator" does the correct thing 

19 """ 

20 openid0 = "http://user.url/" 

21 openid1 = "http://user.url" 

22 openid2 = "https://user.url/" 

23 openid3 = "https://user.url" 

24 

25 # First variation 

26 self.assertEqual(openid_variations(openid0)[0], openid0) 

27 self.assertEqual(openid_variations(openid0)[1], openid1) 

28 self.assertEqual(openid_variations(openid0)[2], openid2) 

29 self.assertEqual(openid_variations(openid0)[3], openid3) 

30 

31 # Second varitations 

32 self.assertEqual(openid_variations(openid1)[0], openid0) 

33 self.assertEqual(openid_variations(openid1)[1], openid1) 

34 self.assertEqual(openid_variations(openid1)[2], openid2) 

35 self.assertEqual(openid_variations(openid1)[3], openid3) 

36 

37 # Third varitations 

38 self.assertEqual(openid_variations(openid2)[0], openid0) 

39 self.assertEqual(openid_variations(openid2)[1], openid1) 

40 self.assertEqual(openid_variations(openid2)[2], openid2) 

41 self.assertEqual(openid_variations(openid2)[3], openid3) 

42 

43 # Forth varitations 

44 self.assertEqual(openid_variations(openid3)[0], openid0) 

45 self.assertEqual(openid_variations(openid3)[1], openid1) 

46 self.assertEqual(openid_variations(openid3)[2], openid2) 

47 self.assertEqual(openid_variations(openid3)[3], openid3) 

48 

49 def test_is_trusted_url(self): 

50 test_gravatar_true = is_trusted_url("https://gravatar.com/avatar/63a75a80e6b1f4adfdb04c1ca02e596c", [ 

51 { 

52 "schemes": [ 

53 "http", 

54 "https" 

55 ], 

56 "host_equals": "gravatar.com", 

57 "path_prefix": "/avatar/" 

58 } 

59 ]) 

60 self.assertTrue(test_gravatar_true) 

61 

62 test_gravatar_false = is_trusted_url("https://gravatar.com.example.org/avatar/63a75a80e6b1f4adfdb04c1ca02e596c", [ 

63 { 

64 "schemes": [ 

65 "http", 

66 "https" 

67 ], 

68 "host_suffix": ".gravatar.com", 

69 "path_prefix": "/avatar/" 

70 } 

71 ]) 

72 self.assertFalse(test_gravatar_false) 

73 

74 test_open_redirect = is_trusted_url("https://github.com/SethFalco/?boop=https://secure.gravatar.com/avatar/205e460b479e2e5b48aec07710c08d50", [ 

75 { 

76 "schemes": [ 

77 "http", 

78 "https" 

79 ], 

80 "host_suffix": ".gravatar.com", 

81 "path_prefix": "/avatar/" 

82 } 

83 ]) 

84 self.assertFalse(test_open_redirect) 

85 

86 test_multiple_filters = is_trusted_url("https://ui-avatars.com/api/blah", [ 

87 { 

88 "schemes": [ 

89 "https" 

90 ], 

91 "host_equals": "ui-avatars.com", 

92 "path_prefix": "/api/" 

93 }, 

94 { 

95 "schemes": [ 

96 "http", 

97 "https" 

98 ], 

99 "host_suffix": ".gravatar.com", 

100 "path_prefix": "/avatar/" 

101 } 

102 ]) 

103 self.assertTrue(test_multiple_filters) 

104 

105 test_url_prefix_true = is_trusted_url("https://ui-avatars.com/api/blah", [ 

106 { 

107 "url_prefix": "https://ui-avatars.com/api/" 

108 } 

109 ]) 

110 self.assertTrue(test_url_prefix_true) 

111 

112 test_url_prefix_false = is_trusted_url("https://ui-avatars.com/api/blah", [ 

113 { 

114 "url_prefix": "https://gravatar.com/avatar/" 

115 } 

116 ]) 

117 self.assertFalse(test_url_prefix_false)