wip

id.saladeaula.digital/tests/conftest.py

@@ -20,6 +20,8 @@ def pytest_configure():
     os.environ['JWT_SECRET'] = 'secret'
     os.environ['DYNAMODB_PARTITION_KEY'] = PK
     os.environ['DYNAMODB_SORT_KEY'] = SK
+    os.environ['OAUTH2_SCOPES_SUPPORTED'] = 'openid profile email'
+    # os.environ['POWERTOOLS_LOGGER_LOG_EVENT'] = 'true'
 
 
 @dataclass

id.saladeaula.digital/tests/routes/test_authorize.py

@@ -42,16 +42,14 @@ def test_authorize(
     assert 'Location' in r['headers']
 
     r = dynamodb_persistence_layer.query(
-        key_cond_expr='#pk = :pk AND begins_with(#sk, :sk)',
+        key_cond_expr='#pk = :pk',
         expr_attr_name={
             '#pk': 'id',
-            '#sk': 'sk',
         },
         expr_attr_values={
-            ':pk': f'OAUTH2_CODE#CLIENT_ID#{client_id}',
-            ':sk': 'CODE',
+            ':pk': 'OAUTH2#CODE',
         },
     )
 
     # One item was added from seeds
-    assert len(r['items']) == 2
+    assert len(r['items']) == 3

id.saladeaula.digital/tests/routes/test_login.py

@@ -1,4 +1,5 @@
 from http import HTTPMethod
+from urllib.parse import urlencode
 
 from ..conftest import HttpApiProxy, LambdaContext
 
@@ -18,7 +19,7 @@ def test_html(
         lambda_context,
     )
 
-    print(r)
+    # print(r)
 
 
 def test_login(
@@ -34,9 +35,15 @@ def test_login(
             headers={
                 'Content-Type': 'application/x-www-form-urlencoded',
             },
-            body='username=sergio@somosbeta.com.br&password=pytest@123&continue=https://localhost',
+            body=urlencode(
+                {
+                    'username': 'sergio@somosbeta.com.br',
+                    'password': 'pytest@123',
+                    'continue': 'http://localhost',
+                }
+            ),
         ),
         lambda_context,
     )
 
-    print(r)
+    # print(r)

id.saladeaula.digital/tests/routes/test_token.py

@@ -1,4 +1,6 @@
-from http import HTTPMethod
+import json
+import pprint
+from http import HTTPMethod, HTTPStatus
 from urllib.parse import urlencode
 
 from layercake.dynamodb import DynamoDBPersistenceLayer
@@ -29,11 +31,43 @@ def test_token(
                     'code': 'kyqp3oSuRFTfuBaCmq3XOgGWg67l42Kt3D6xPEj7Yd3MLdi9',
                     'client_id': client_id,
                     'code_verifier': '9072df2d3709425993e733f38fb27a825b8860e699364ce9abafdf51077c0bdb4e456ddb741147a4bec4eeda782d92cc',
-                    # 'client_secret': '1nFD8alDbGHgc3g1RLY960xyRJVee0SlMoIB0MUlSuiJy28W',
+                }
+            ),
+        ),
+        lambda_context,
+    )
+    assert r['statusCode'] == HTTPStatus.OK
+    data = json.loads(r['body'])
+
+    # print(data)
+    r = dynamodb_persistence_layer.query(
+        key_cond_expr='#pk = :pk',
+        expr_attr_name={
+            '#pk': 'id',
+        },
+        expr_attr_values={
+            ':pk': 'OAUTH2#TOKEN',
+        },
+    )
+    # pprint.pp(r['items'])
+
+    r = app.lambda_handler(
+        http_api_proxy(
+            raw_path='/token',
+            method=HTTPMethod.POST,
+            headers={
+                'Content-Type': 'application/x-www-form-urlencoded',
+            },
+            body=urlencode(
+                {
+                    'grant_type': 'refresh_token',
+                    'refresh_token': data['refresh_token'],
+                    'client_id': client_id,
                 }
             ),
         ),
         lambda_context,
     )
 
-    print(r)
+    assert r['statusCode'] == HTTPStatus.OK
+    # print(r['body'])

id.saladeaula.digital/tests/seeds.jsonl

@@ -1,6 +1,6 @@
 // OAuth2
-{"id": "OAUTH2_CLIENT", "sk": "CLIENT_ID#d72d4005-1fa7-4430-9754-80d5e2487bb6", "secret": "1nFD8alDbGHgc3g1RLY960xyRJVee0SlMoIB0MUlSuiJy28W", "name": "pytest", "scope": "openid profile", "redirect_uris": ["https://localhost/callback"], "response_types": ["code"], "grant_types": ["authorization_code", "refresh_token"], "token_endpoint_auth_method": "none"}
-{"id": "OAUTH2_CODE#CLIENT_ID#d72d4005-1fa7-4430-9754-80d5e2487bb6", "sk": "CODE#kyqp3oSuRFTfuBaCmq3XOgGWg67l42Kt3D6xPEj7Yd3MLdi9", "redirect_uri": "https://localhost/callback", "user_id": "357db1c5-7442-4075-98a3-fbe5c938a419", "nonce": null, "scope": "openid profile email", "response_type": "code", "code_challenge": "ejYEIGKQUgMnNh4eV0sftb0hXdLwkvKm6OHXRYvC--I", "code_challenge_method": "S256"}
+{"id": "OAUTH2", "sk": "CLIENT_ID#d72d4005-1fa7-4430-9754-80d5e2487bb6", "client_secret": "1nFD8alDbGHgc3g1RLY960xyRJVee0SlMoIB0MUlSuiJy28W", "name": "pytest", "scope": "openid profile", "redirect_uris": ["https://localhost/callback"], "response_types": ["code"], "grant_types": ["authorization_code", "refresh_token"], "scope": "openid profile email", "token_endpoint_auth_method": "none"}
+{"id": "OAUTH2#CODE", "sk": "CODE#kyqp3oSuRFTfuBaCmq3XOgGWg67l42Kt3D6xPEj7Yd3MLdi9", "client_id": "d72d4005-1fa7-4430-9754-80d5e2487bb6", "redirect_uri": "https://localhost/callback", "user_id": "357db1c5-7442-4075-98a3-fbe5c938a419", "nonce": null, "scope": "openid profile email", "response_type": "code", "code_challenge": "ejYEIGKQUgMnNh4eV0sftb0hXdLwkvKm6OHXRYvC--I", "code_challenge_method": "S256", "created_at": "2025-08-07T12:38:26.550431-03:00"}
 
 // Post-migration: uncomment the following line
 // {"id": "EMAIL", "sk": "sergio@somosbeta.com.br", "user_id": "357db1c5-7442-4075-98a3-fbe5c938a419"}