From dcc4b6ad776cbf6694424df22d7d44c192d97cec Mon Sep 17 00:00:00 2001
From: sevignyj <41591249+sevignyj@users.noreply.github.com>
Date: Mon, 18 Dec 2023 13:36:23 -0500
Subject: [PATCH 1/5] add nonce for authz, and minor bugfix with trailing slash (#154)
---
 tests/unit/test_okta.py | 34 +++++++++++++++++++++++++++++-----
 tokendito/okta.py | 36 +++++++++++++++++++++++++++---------
 tokendito/user.py | 3 +++
 3 files changed, 59 insertions(+), 14 deletions(-)
diff --git a/tests/unit/test_okta.py b/tests/unit/test_okta.py
index 4bddcd5..d5ce9fd 100644
--- a/tests/unit/test_okta.py
+++ b/tests/unit/test_okta.py
@@ -543,7 +543,7 @@ def test_create_authz_cookies():
 """Test create_authz_cookies."""
 from tokendito import okta
- pytest_oauth2_session_data = {"state": "pyteststate"}
+ pytest_oauth2_session_data = {"state": "pyteststate", "nonce": "pytestnonce"}
 pytest_oauth2_config = {
 "client_id": "123",
@@ -637,6 +637,9 @@ def test_get_authorize_code():
 response.url = "https://example.com?code=pytest"
 assert okta.get_authorize_code(response, "sessionToken") == "pytest"
+ response.url = "https//example.com?error=login_required"
+ assert okta.get_authorize_code(response, None) is None
+
 def test_authorization_code_enabled():
 """Test authorization_code_enabled."""
@@ -687,12 +690,33 @@ def test_authorize_request(mocker):
 assert okta.authorize_request(pytest_oauth2_config, pytest_oauth2_session_data) == "pytest"
-def test_generate_oauth2_session_data():
- """Test generate_oauth2_session_data."""
+def test_get_nonce(mocker):
+ """Test get_nonce."""
+ from tokendito import okta
+
+ response = Mock()
+ response.text = """
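Review bot: The error-path URL added to test_get_authorize_code is written `https//example.com?error=login_required`, with no colon after the scheme, so the negative case feeds get_authorize_code a string that is not a well-formed https URL. The assertion may still pass if the function only inspects the query string (its body is not visible in this hunk), but the case then does not represent the redirect an authorization server would return with `error=login_required`. Use `response.url = "https://example.com?error=login_required"` so the test goes through the same URL parsing as the `code=pytest` case above it.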