diff --git a/tests/mixins.py b/tests/mixins.py index 96ac278c..2540bce7 100644 --- a/tests/mixins.py +++ b/tests/mixins.py @@ -108,6 +108,55 @@ def test_refresh_error(self): self.assertIsNotNone(response.errors) +class AsyncRefreshMixin: + async def test_refresh(self): + with catch_signal(token_refreshed) as token_refreshed_handler, back_to_the_future(seconds=1): + + response = await self.execute( + { + "token": self.token, + } + ) + + data = response.data["refreshToken"] + token = data["token"] + payload = data["payload"] + + self.assertEqual(token_refreshed_handler.call_count, 1) + + self.assertIsNone(response.errors) + self.assertNotEqual(token, self.token) + self.assertUsernameIn(data["payload"]) + self.assertEqual(payload["origIat"], self.payload.origIat) + self.assertGreater(payload["exp"], self.payload.exp) + + async def test_missing_token(self): + response = await self.execute({}) + self.assertIsNotNone(response.errors) + + async def test_refresh_expired(self): + with refresh_expired(): + response = await self.execute( + { + "token": self.token, + } + ) + + self.assertIsNotNone(response.errors) + + @OverrideJwtSettings(JWT_ALLOW_REFRESH=False) + async def test_refresh_error(self): + reload(strawberry_django_jwt.mutations) + token = get_token(self.user, origIat=None) + response = await self.execute( + { + "token": token, + } + ) + + self.assertIsNotNone(response.errors) + + class CookieTokenAuthMixin: def test_token_auth(self): response = self.execute( diff --git a/tests/test_mutations.py b/tests/test_mutations.py index 964528a4..f7070f23 100644 --- a/tests/test_mutations.py +++ b/tests/test_mutations.py @@ -130,6 +130,80 @@ def test(self) -> str: ) +class RefreshAsyncTests(mixins.AsyncRefreshMixin, AsyncSchemaTestCase): + query = """ + mutation RefreshToken($token: String) { + refreshToken(token: $token) { + token + payload { + username + origIat + exp + } + refreshExpiresIn + } + }""" + + @strawberry.type + class Mutation: + refresh_token = strawberry_django_jwt.mutations.RefreshAsync.refresh + + @OverrideJwtSettings(JWT_HIDE_TOKEN_FIELDS=True) + async def test_hidden_token_fields(self): + reload(strawberry_django_jwt.mixins) + reload(strawberry_django_jwt.mutations) + + @strawberry.type + class Mutation(JSONWebTokenMixin): + @strawberry.field + @dispose_extra_kwargs + def test(self) -> str: + return str(self) + + self.client.schema(query=self.Query, mutation=Mutation) + + query = """ + mutation RefreshToken($token: String) { + test(token: $token) + }""" + + token = get_token(self.user) + response = await self.client.execute(query, {"token": token}) + + self.assertEqual(len(response.errors), 1) + self.assertEqual( + response.errors[0].message, + "Unknown argument 'token' on field 'Mutation.test'.", + ) + + @OverrideJwtSettings(JWT_HIDE_TOKEN_FIELDS=False) + async def test_visible_token_fields(self): + reload(strawberry_django_jwt.mixins) + reload(strawberry_django_jwt.mutations) + + @strawberry.type + class Mutation(JSONWebTokenMixin): + @strawberry.field + @dispose_extra_kwargs + def test(self) -> str: + return str(self) + + self.client.schema(query=self.Query, mutation=Mutation) + + query = """ + mutation RefreshToken($token: String) { + test(token: $token) + }""" + + token = get_token(self.user) + response = await self.client.execute(query, {"token": token}) + + self.assertEqual( + response.data.get("test").replace('"', "'"), + json.dumps({"token": token}).replace('"', "'"), + ) + + class CookieTokenAuthTests(mixins.CookieTokenAuthMixin, CookieTestCase): query = f""" mutation TokenAuth($username: String!, $password: String!) {{