Coverage for ivatar/test_utils.py: 100%

37 statements  

« prev     ^ index     » next       coverage.py v7.11.0, created at 2025-11-04 00:07 +0000

1""" 

2Test our utils from ivatar.utils 

3""" 

4 

5from django.test import TestCase 

6 

7from ivatar.utils import is_trusted_url, openid_variations 

8 

9 

10class Tester(TestCase): 

11 """ 

12 Main test class 

13 """ 

14 

15 def test_openid_variations(self): 

16 """ 

17 Test if the OpenID variation "generator" does the correct thing 

18 """ 

19 openid0 = "http://user.url/" 

20 openid1 = "http://user.url" 

21 openid2 = "https://user.url/" 

22 openid3 = "https://user.url" 

23 

24 # First variation 

25 self.assertEqual(openid_variations(openid0)[0], openid0) 

26 self.assertEqual(openid_variations(openid0)[1], openid1) 

27 self.assertEqual(openid_variations(openid0)[2], openid2) 

28 self.assertEqual(openid_variations(openid0)[3], openid3) 

29 

30 # Second varitations 

31 self.assertEqual(openid_variations(openid1)[0], openid0) 

32 self.assertEqual(openid_variations(openid1)[1], openid1) 

33 self.assertEqual(openid_variations(openid1)[2], openid2) 

34 self.assertEqual(openid_variations(openid1)[3], openid3) 

35 

36 # Third varitations 

37 self.assertEqual(openid_variations(openid2)[0], openid0) 

38 self.assertEqual(openid_variations(openid2)[1], openid1) 

39 self.assertEqual(openid_variations(openid2)[2], openid2) 

40 self.assertEqual(openid_variations(openid2)[3], openid3) 

41 

42 # Forth varitations 

43 self.assertEqual(openid_variations(openid3)[0], openid0) 

44 self.assertEqual(openid_variations(openid3)[1], openid1) 

45 self.assertEqual(openid_variations(openid3)[2], openid2) 

46 self.assertEqual(openid_variations(openid3)[3], openid3) 

47 

48 def test_is_trusted_url(self): 

49 test_gravatar_true = is_trusted_url( 

50 "https://gravatar.com/avatar/63a75a80e6b1f4adfdb04c1ca02e596c", 

51 [ 

52 { 

53 "schemes": ["http", "https"], 

54 "host_equals": "gravatar.com", 

55 "path_prefix": "/avatar/", 

56 } 

57 ], 

58 ) 

59 self.assertTrue(test_gravatar_true) 

60 

61 test_gravatar_false = is_trusted_url( 

62 "https://gravatar.com.example.org/avatar/63a75a80e6b1f4adfdb04c1ca02e596c", 

63 [ 

64 { 

65 "schemes": ["http", "https"], 

66 "host_suffix": ".gravatar.com", 

67 "path_prefix": "/avatar/", 

68 } 

69 ], 

70 ) 

71 self.assertFalse(test_gravatar_false) 

72 

73 test_open_redirect = is_trusted_url( 

74 "https://github.com/SethFalco/?boop=https://secure.gravatar.com/avatar/205e460b479e2e5b48aec07710c08d50", 

75 [ 

76 { 

77 "schemes": ["http", "https"], 

78 "host_suffix": ".gravatar.com", 

79 "path_prefix": "/avatar/", 

80 } 

81 ], 

82 ) 

83 self.assertFalse(test_open_redirect) 

84 

85 test_multiple_filters = is_trusted_url( 

86 "https://ui-avatars.com/api/blah", 

87 [ 

88 { 

89 "schemes": ["https"], 

90 "host_equals": "ui-avatars.com", 

91 "path_prefix": "/api/", 

92 }, 

93 { 

94 "schemes": ["http", "https"], 

95 "host_suffix": ".gravatar.com", 

96 "path_prefix": "/avatar/", 

97 }, 

98 ], 

99 ) 

100 self.assertTrue(test_multiple_filters) 

101 

102 test_url_prefix_true = is_trusted_url( 

103 "https://ui-avatars.com/api/blah", 

104 [{"url_prefix": "https://ui-avatars.com/api/"}], 

105 ) 

106 self.assertTrue(test_url_prefix_true) 

107 

108 test_url_prefix_false = is_trusted_url( 

109 "https://ui-avatars.com/api/blah", 

110 [{"url_prefix": "https://gravatar.com/avatar/"}], 

111 ) 

112 self.assertFalse(test_url_prefix_false)