/
test_credentials.py
86 lines (66 loc) · 2.78 KB
/
test_credentials.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
# -*- coding: utf-8 -*-
"""
test
~~~~
Flask-CORS is a simple extension to Flask allowing you to support cross
origin resource sharing (CORS) using a simple decorator.
:copyright: (c) 2014 by Cory Dolphin.
:license: MIT, see LICENSE for more details.
"""
from ..base_test import FlaskCorsTestCase, AppConfigTest
from flask import Flask
from flask_cors import *
from flask_cors.core import *
class SupportsCredentialsCase(FlaskCorsTestCase):
def setUp(self):
self.app = Flask(__name__)
@self.app.route('/test_credentials_supported')
@cross_origin(supports_credentials=True)
def test_credentials_supported():
return 'Credentials!'
@self.app.route('/test_credentials_unsupported')
@cross_origin(supports_credentials=False)
def test_credentials_unsupported():
return 'Credentials!'
@self.app.route('/test_default')
@cross_origin()
def test_default():
return 'Open!'
def test_credentials_supported(self):
''' The specified route should return the
Access-Control-Allow-Credentials header.
'''
resp = self.get('/test_credentials_supported', origin='www.example.com')
self.assertEquals(resp.headers.get(ACL_CREDENTIALS), 'true')
def test_default(self):
''' The default behavior should be to disallow credentials.
'''
resp = self.get('/test_default', origin='www.example.com')
self.assertFalse(ACL_CREDENTIALS in resp.headers)
resp = self.get('/test_default')
self.assertFalse(ACL_CREDENTIALS in resp.headers)
def test_credentials_unsupported(self):
''' The default behavior should be to disallow credentials.
'''
resp = self.get('/test_credentials_unsupported', origin='www.example.com')
self.assertFalse(ACL_CREDENTIALS in resp.headers)
resp = self.get('/test_credentials_unsupported')
self.assertFalse(ACL_CREDENTIALS in resp.headers)
class AppConfigExposeHeadersTestCase(AppConfigTest, SupportsCredentialsCase):
def __init__(self, *args, **kwargs):
super(AppConfigExposeHeadersTestCase, self).__init__(*args, **kwargs)
def test_credentials_supported(self):
self.app.config['CORS_SUPPORTS_CREDENTIALS'] = True
@self.app.route('/test_credentials_supported')
@cross_origin()
def test_credentials_supported():
return 'Credentials!'
super(AppConfigExposeHeadersTestCase, self).test_credentials_supported()
def test_open_request(self):
@self.app.route('/test_default')
@cross_origin()
def test_default():
return 'Open!'
super(AppConfigExposeHeadersTestCase, self).test_default()
if __name__ == "__main__":
unittest.main()