Added test to reject bad state tokens

This commit is contained in:
Tsa6 2017-09-29 17:25:12 -04:00
parent 8d3f54ae3f
commit 491a86f478

View File

@ -44,3 +44,9 @@ class TestLogin(TestCase):
self.assertEqual(client.session['user_id'], '935a41b5-b38d-42c3-96ef-653402fc44ca') self.assertEqual(client.session['user_id'], '935a41b5-b38d-42c3-96ef-653402fc44ca')
self.assertEqual(client.session['token'],'1accesstoken1') self.assertEqual(client.session['token'],'1accesstoken1')
self.assertEqual(client.session['disp_name'], 'Mr. Smith') self.assertEqual(client.session['disp_name'], 'Mr. Smith')
def test_reject_bad_state(self):
with responses.RequestsMock() as rm:
client = Client()
resp = client.get('/login/redirect?state=%s&code=%s'%('bad_state', 'code'))
self.assertEqual(resp.status_code, 400)