Fix: test assertions for missing claim on AuthProvider (#2127)

cal-itp · May 31, 2024 · 8308d7b · 8308d7b
2 parents 7f75d0f + 1d4eb88
commit 8308d7b
Show file tree

Hide file tree

Showing 7 changed files with 61 additions and 59 deletions.
diff --git a/tests/pytest/conftest.py b/tests/pytest/conftest.py
@@ -274,12 +274,11 @@ def mocked_session_verifier_oauth(mocker, model_EligibilityVerifier_AuthProvider
 
 
 @pytest.fixture
-def mocked_session_verifier_auth_required(
-    mocker, model_EligibilityVerifier_AuthProvider_with_verification, mocked_session_verifier_oauth
+def mocked_session_verifier_uses_auth_verification(
+    model_EligibilityVerifier_AuthProvider_with_verification, mocked_session_verifier_oauth
 ):
-    mock_verifier = mocker.Mock(spec=model_EligibilityVerifier_AuthProvider_with_verification)
+    mock_verifier = model_EligibilityVerifier_AuthProvider_with_verification
     mock_verifier.name = model_EligibilityVerifier_AuthProvider_with_verification.name
-    mock_verifier.is_auth_required = True
     mock_verifier.auth_provider.sign_out_button_template = (
         model_EligibilityVerifier_AuthProvider_with_verification.auth_provider.sign_out_button_template
     )
@@ -291,11 +290,12 @@ def mocked_session_verifier_auth_required(
 
 
 @pytest.fixture
-def mocked_session_verifier_auth_not_required(mocked_session_verifier_auth_required):
-    # mocked_session_verifier_auth_required.return_value is the Mock(spec=model_EligibilityVerifier) from that fixture
-    mocked_session_verifier_auth_required.return_value.is_auth_required = False
-    mocked_session_verifier_auth_required.return_value.uses_auth_verification = False
-    return mocked_session_verifier_auth_required
+def mocked_session_verifier_does_not_use_auth_verification(
+    mocked_session_verifier_uses_auth_verification, model_AuthProvider_without_verification
+):
+    mocked_verifier = mocked_session_verifier_uses_auth_verification
+    mocked_verifier.auth_provider = model_AuthProvider_without_verification
+    return mocked_verifier
 
 
 @pytest.fixture

diff --git a/tests/pytest/eligibility/test_verify.py b/tests/pytest/eligibility/test_verify.py
@@ -52,21 +52,23 @@ def test_eligibility_from_api_no_verified_types(
 
 
 @pytest.mark.django_db
-def test_eligibility_from_oauth_auth_not_required(mocked_session_verifier_auth_not_required, model_TransitAgency):
-    # mocked_session_verifier_auth_not_required is Mocked version of the session.verifier() function
+def test_eligibility_from_oauth_does_not_use_auth_verification(
+    mocked_session_verifier_does_not_use_auth_verification, model_TransitAgency
+):
+    # mocked_session_verifier_does_not_use_auth_verification is Mocked version of the session.verifier() function
     # call it (with a None request) to return a verifier object
-    verifier = mocked_session_verifier_auth_not_required(None)
+    verifier = mocked_session_verifier_does_not_use_auth_verification(None)
 
     types = eligibility_from_oauth(verifier, "claim", model_TransitAgency)
 
     assert types == []
 
 
 @pytest.mark.django_db
-def test_eligibility_from_oauth_auth_claim_mismatch(mocked_session_verifier_auth_required, model_TransitAgency):
-    # mocked_session_verifier_auth_required is Mocked version of the session.verifier() function
+def test_eligibility_from_oauth_auth_claim_mismatch(mocked_session_verifier_uses_auth_verification, model_TransitAgency):
+    # mocked_session_verifier_uses_auth_verification is Mocked version of the session.verifier() function
     # call it (with a None request) to return a verifier object
-    verifier = mocked_session_verifier_auth_required(None)
+    verifier = mocked_session_verifier_uses_auth_verification(None)
     verifier.auth_claim = "claim"
 
     types = eligibility_from_oauth(verifier, "some_other_claim", model_TransitAgency)
@@ -76,11 +78,11 @@ def test_eligibility_from_oauth_auth_claim_mismatch(mocked_session_verifier_auth
 
 @pytest.mark.django_db
 def test_eligibility_from_oauth_auth_claim_match(
-    mocked_session_verifier_auth_required, model_EligibilityType, model_TransitAgency
+    mocked_session_verifier_uses_auth_verification, model_EligibilityType, model_TransitAgency
 ):
-    # mocked_session_verifier_auth_required is Mocked version of the session.verifier() function
+    # mocked_session_verifier_uses_auth_verification is Mocked version of the session.verifier() function
     # call it (with a None request) to return a verifier object
-    verifier = mocked_session_verifier_auth_required.return_value
+    verifier = mocked_session_verifier_uses_auth_verification.return_value
     verifier.auth_provider.claim = "claim"
     verifier.eligibility_type = model_EligibilityType
 

diff --git a/tests/pytest/eligibility/test_views.py b/tests/pytest/eligibility/test_views.py
@@ -171,7 +171,9 @@ def test_index_calls_session_logout(client, session_logout_spy):
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_agency", "mocked_verifier_selection_form", "mocked_session_verifier_auth_required")
+@pytest.mark.usefixtures(
+    "mocked_session_agency", "mocked_verifier_selection_form", "mocked_session_verifier_uses_auth_verification"
+)
 def test_start_verifier_auth_required_logged_in(mocker, client):
     mock_session = mocker.patch("benefits.eligibility.views.session")
     mock_session.logged_in.return_value = True
@@ -183,7 +185,9 @@ def test_start_verifier_auth_required_logged_in(mocker, client):
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_agency", "mocked_verifier_selection_form", "mocked_session_verifier_auth_required")
+@pytest.mark.usefixtures(
+    "mocked_session_agency", "mocked_verifier_selection_form", "mocked_session_verifier_uses_auth_verification"
+)
 def test_start_verifier_auth_required_not_logged_in(mocker, client):
     mock_session = mocker.patch("benefits.eligibility.views.session")
     mock_session.logged_in.return_value = False
@@ -196,7 +200,7 @@ def test_start_verifier_auth_required_not_logged_in(mocker, client):
 
 @pytest.mark.django_db
 @pytest.mark.usefixtures(
-    "mocked_session_agency", "mocked_verifier_selection_form", "mocked_session_verifier_auth_not_required"
+    "mocked_session_agency", "mocked_verifier_selection_form", "mocked_session_verifier_does_not_use_auth_verification"
 )
 def test_start_verifier_auth_not_required(client):
     path = reverse(ROUTE_START)
@@ -226,7 +230,7 @@ def test_confirm_get_unverified(mocker, client):
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_agency", "mocked_session_eligibility", "mocked_session_verifier_auth_not_required")
+@pytest.mark.usefixtures("mocked_session_agency", "mocked_session_eligibility", "mocked_session_verifier")
 def test_confirm_get_verified(client, mocked_session_update):
     path = reverse(ROUTE_CONFIRM)
     response = client.get(path)

diff --git a/tests/pytest/enrollment/test_views.py b/tests/pytest/enrollment/test_views.py
@@ -354,7 +354,7 @@ def test_success_no_verifier(client):
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_verifier_auth_required")
+@pytest.mark.usefixtures("mocked_session_verifier_uses_auth_verification")
 def test_success_authentication_logged_in(mocker, client, model_TransitAgency, model_EligibilityType):
     mock_session = mocker.patch("benefits.enrollment.views.session")
     mock_session.logged_in.return_value = True
@@ -370,7 +370,7 @@ def test_success_authentication_logged_in(mocker, client, model_TransitAgency, m
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_verifier_auth_required")
+@pytest.mark.usefixtures("mocked_session_verifier_uses_auth_verification")
 def test_success_authentication_not_logged_in(mocker, client, model_TransitAgency, model_EligibilityType):
     mock_session = mocker.patch("benefits.enrollment.views.session")
     mock_session.logged_in.return_value = False
@@ -385,7 +385,7 @@ def test_success_authentication_not_logged_in(mocker, client, model_TransitAgenc
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_agency", "mocked_session_verifier_auth_not_required")
+@pytest.mark.usefixtures("mocked_session_agency", "mocked_session_verifier_does_not_use_auth_verification")
 def test_success_no_authentication(mocker, client, model_EligibilityType):
     mock_session = mocker.patch("benefits.enrollment.views.session")
     mock_session.eligibility.return_value = model_EligibilityType

diff --git a/tests/pytest/oauth/test_analytics.py b/tests/pytest/oauth/test_analytics.py
@@ -4,17 +4,10 @@
 
 
 @pytest.mark.django_db
-def test_OAuthEvent_checks_verifier_uses_auth_verification(app_request, mocked_session_verifier_auth_required):
-    mocked_verifier = mocked_session_verifier_auth_required(app_request)
-
-    OAuthEvent(app_request, "event type")
-
-    mocked_verifier.uses_auth_verification.assert_called_once
-
-
-@pytest.mark.django_db
-def test_OAuthEvent_verifier_client_name_when_uses_auth_verification(app_request, mocked_session_verifier_auth_required):
-    mocked_verifier = mocked_session_verifier_auth_required(app_request)
+def test_OAuthEvent_verifier_client_name_when_uses_auth_verification(
+    app_request, mocked_session_verifier_uses_auth_verification
+):
+    mocked_verifier = mocked_session_verifier_uses_auth_verification(app_request)
     mocked_verifier.auth_provider.client_name = "ClientName"
 
     event = OAuthEvent(app_request, "event type")
@@ -24,7 +17,7 @@ def test_OAuthEvent_verifier_client_name_when_uses_auth_verification(app_request
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_verifier_auth_not_required")
+@pytest.mark.usefixtures("mocked_session_verifier_does_not_use_auth_verification")
 def test_OAuthEvent_verifier_no_client_name_when_does_not_use_auth_verification(app_request):
     event = OAuthEvent(app_request, "event type")
 

diff --git a/tests/pytest/oauth/test_middleware_authverifier_required.py b/tests/pytest/oauth/test_middleware_authverifier_required.py
@@ -21,7 +21,7 @@ def test_authverifier_required_no_verifier(app_request, mocked_view, decorated_v
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_verifier_auth_not_required")
+@pytest.mark.usefixtures("mocked_session_verifier_does_not_use_auth_verification")
 def test_authverifier_required_no_authverifier(app_request, mocked_view, decorated_view):
     response = decorated_view(app_request)
 

diff --git a/tests/pytest/oauth/test_views.py b/tests/pytest/oauth/test_views.py
@@ -16,7 +16,7 @@ def mocked_analytics_module(mocked_analytics_module):
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_verifier_auth_required")
+@pytest.mark.usefixtures("mocked_session_verifier_uses_auth_verification")
 def test_login_no_oauth_client(mocked_oauth_create_client, app_request):
     mocked_oauth_create_client.return_value = None
 
@@ -33,23 +33,25 @@ def test_login_no_session_verifier(app_request):
 
 
 @pytest.mark.django_db
-def test_login(mocked_oauth_create_client, mocked_session_verifier_auth_required, mocked_analytics_module, app_request):
+def test_login(
+    mocked_oauth_create_client, mocked_session_verifier_uses_auth_verification, mocked_analytics_module, app_request
+):
     assert not session.logged_in(app_request)
 
     mocked_oauth_client = mocked_oauth_create_client.return_value
     mocked_oauth_client.authorize_redirect.return_value = HttpResponse("authorize redirect")
 
     login(app_request)
 
-    mocked_verifier = mocked_session_verifier_auth_required.return_value
+    mocked_verifier = mocked_session_verifier_uses_auth_verification.return_value
     mocked_oauth_create_client.assert_called_once_with(mocked_verifier.auth_provider.client_name)
     mocked_oauth_client.authorize_redirect.assert_called_with(app_request, "https://testserver/oauth/authorize")
     mocked_analytics_module.started_sign_in.assert_called_once()
     assert not session.logged_in(app_request)
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_verifier_auth_required")
+@pytest.mark.usefixtures("mocked_session_verifier_uses_auth_verification")
 def test_authorize_no_oauth_client(mocked_oauth_create_client, app_request):
     mocked_oauth_create_client.return_value = None
 
@@ -66,7 +68,7 @@ def test_authorize_no_session_verifier(app_request):
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_verifier_auth_required")
+@pytest.mark.usefixtures("mocked_session_verifier_uses_auth_verification")
 def test_authorize_fail(mocked_oauth_create_client, app_request):
     mocked_oauth_client = mocked_oauth_create_client.return_value
     mocked_oauth_client.authorize_access_token.return_value = None
@@ -82,7 +84,7 @@ def test_authorize_fail(mocked_oauth_create_client, app_request):
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_verifier_auth_required")
+@pytest.mark.usefixtures("mocked_session_verifier_uses_auth_verification")
 def test_authorize_success(mocked_oauth_create_client, mocked_analytics_module, app_request):
     mocked_oauth_client = mocked_oauth_create_client.return_value
     mocked_oauth_client.authorize_access_token.return_value = {"id_token": "token"}
@@ -99,8 +101,10 @@ def test_authorize_success(mocked_oauth_create_client, mocked_analytics_module,
 
 @pytest.mark.django_db
 @pytest.mark.usefixtures("mocked_analytics_module")
-def test_authorize_success_with_claim_true(mocked_session_verifier_auth_required, mocked_oauth_create_client, app_request):
-    verifier = mocked_session_verifier_auth_required.return_value
+def test_authorize_success_with_claim_true(
+    mocked_session_verifier_uses_auth_verification, mocked_oauth_create_client, app_request
+):
+    verifier = mocked_session_verifier_uses_auth_verification.return_value
     verifier.auth_provider.claim = "claim"
     mocked_oauth_client = mocked_oauth_create_client.return_value
     mocked_oauth_client.authorize_access_token.return_value = {"id_token": "token", "userinfo": {"claim": "1"}}
@@ -116,11 +120,11 @@ def test_authorize_success_with_claim_true(mocked_session_verifier_auth_required
 @pytest.mark.django_db
 @pytest.mark.usefixtures("mocked_analytics_module")
 def test_authorize_success_with_claim_false(
-    mocked_session_verifier_auth_required,
+    mocked_session_verifier_uses_auth_verification,
     mocked_oauth_create_client,
     app_request,
 ):
-    verifier = mocked_session_verifier_auth_required.return_value
+    verifier = mocked_session_verifier_uses_auth_verification.return_value
     verifier.auth_provider.claim = "claim"
     mocked_oauth_client = mocked_oauth_create_client.return_value
     mocked_oauth_client.authorize_access_token.return_value = {"id_token": "token", "userinfo": {"claim": "0"}}
@@ -136,19 +140,18 @@ def test_authorize_success_with_claim_false(
 @pytest.mark.django_db
 @pytest.mark.usefixtures("mocked_analytics_module")
 def test_authorize_success_without_verifier_claim(
-    mocked_session_verifier_auth_required, mocked_oauth_create_client, app_request
+    mocked_session_verifier_uses_auth_verification, mocked_oauth_create_client, app_request
 ):
-    verifier = mocked_session_verifier_auth_required.return_value
+    verifier = mocked_session_verifier_uses_auth_verification.return_value
     verifier.auth_provider.claim = ""
     mocked_oauth_client = mocked_oauth_create_client.return_value
     mocked_oauth_client.authorize_access_token.return_value = {"id_token": "token", "userinfo": {"claim": "True"}}
 
     result = authorize(app_request)
 
-    mocked_oauth_client.authorize_access_token.assert_called_with(app_request)
     assert session.oauth_claim(app_request) is None
-    assert result.status_code == 302
-    assert result.url == reverse(ROUTE_CONFIRM)
+    assert result.status_code == 200
+    assert result.template_name == TEMPLATE_USER_ERROR
 
 
 @pytest.mark.django_db
@@ -161,9 +164,9 @@ def test_authorize_success_without_verifier_claim(
     ],
 )
 def test_authorize_success_without_claim_in_response(
-    mocked_session_verifier_auth_required, mocked_oauth_create_client, app_request, access_token_response
+    mocked_session_verifier_uses_auth_verification, mocked_oauth_create_client, app_request, access_token_response
 ):
-    verifier = mocked_session_verifier_auth_required.return_value
+    verifier = mocked_session_verifier_uses_auth_verification.return_value
     verifier.auth_provider.claim = "claim"
     mocked_oauth_client = mocked_oauth_create_client.return_value
     mocked_oauth_client.authorize_access_token.return_value = access_token_response
@@ -177,7 +180,7 @@ def test_authorize_success_without_claim_in_response(
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_verifier_auth_required")
+@pytest.mark.usefixtures("mocked_session_verifier_uses_auth_verification")
 def test_cancel(mocked_analytics_module, app_request):
     unverified_route = reverse(ROUTE_UNVERIFIED)
 
@@ -197,7 +200,7 @@ def test_cancel_no_session_verifier(app_request):
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_verifier_auth_required")
+@pytest.mark.usefixtures("mocked_session_verifier_uses_auth_verification")
 def test_logout_no_oauth_client(mocked_oauth_create_client, app_request):
     mocked_oauth_create_client.return_value = None
 
@@ -214,7 +217,7 @@ def test_logout_no_session_verifier(app_request):
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_verifier_auth_required")
+@pytest.mark.usefixtures("mocked_session_verifier_uses_auth_verification")
 def test_logout(mocker, mocked_oauth_create_client, mocked_analytics_module, app_request):
     # logout internally calls deauthorize_redirect
     # this mocks that function and a success response
@@ -241,7 +244,7 @@ def test_logout(mocker, mocked_oauth_create_client, mocked_analytics_module, app
 
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures("mocked_session_verifier_auth_required")
+@pytest.mark.usefixtures("mocked_session_verifier_uses_auth_verification")
 def test_post_logout(app_request, mocked_analytics_module):
     origin = reverse(ROUTE_INDEX)
     session.update(app_request, origin=origin)