Warning
This document is for an old release of Galaxy. You can alternatively view this page in the latest release if it exists or view the top of the latest release's documentation.
Source code for galaxy_test.api.test_authenticate
from urllib.parse import urljoin
from requests import get
from galaxy_test.base.api_util import baseauth_headers
from galaxy_test.base.decorators import requires_new_user
from galaxy_test.base.populators import skip_without_tool
from ._framework import ApiTestCase
TEST_USER_EMAIL = "auth_user_test@bx.psu.edu"
TEST_USER_PASSWORD = "testpassword1"
[docs]class TestAuthenticateApi(ApiTestCase):
[docs] @requires_new_user
def test_auth(self):
self._setup_user(TEST_USER_EMAIL, TEST_USER_PASSWORD)
baseauth_url = self._api_url("authenticate/baseauth", use_key=False)
headers = baseauth_headers(TEST_USER_EMAIL, TEST_USER_PASSWORD)
auth_response = get(baseauth_url, headers=headers)
self._assert_status_code_is(auth_response, 200)
auth_dict = auth_response.json()
self._assert_has_keys(auth_dict, "api_key")
# Verify key...
random_api_url = self._api_url("users", use_key=False)
random_api_response = get(random_api_url, params=dict(key=auth_dict["api_key"]))
self._assert_status_code_is(random_api_response, 200)
[docs] @skip_without_tool("test_data_source")
def test_tool_runner_session_cookie_handling(self):
response = get(self.url)
tool_runner_session_cookie = response.cookies["galaxytoolrunnersession"]
galaxy_session_cookie = response.cookies["galaxysession"]
assert tool_runner_session_cookie != galaxy_session_cookie
root_response = get(self.url, cookies={"galaxytoolrunnersession": tool_runner_session_cookie})
root_response.raise_for_status()
# Browser will only send cookie to /tool_runner path, but let's make sure it isn't accepted.
# Galaxy responds with a new session and sessioncookie in that case.
# (We might want to redirect to the login page instead if require_login is set?)
assert root_response.cookies["galaxysession"] != galaxy_session_cookie
tool_runner_response = get(
urljoin(self.url, "tool_runner?tool_id=test_data_source"),
cookies={"galaxytoolrunnersession": tool_runner_session_cookie},
)
tool_runner_response.raise_for_status()
# Verify that we're not returning the sessioncookie
assert "galaxysession" not in tool_runner_response.cookies
# Make sure history for original session received job
current_history_json_response = get(
urljoin(self.url, "history/current_history_json"), cookies={"galaxysession": galaxy_session_cookie}
)
current_history_json_response.raise_for_status()
current_history = current_history_json_response.json()
assert current_history["contents_active"]["active"] == 1
[docs] def test_anon_history_creation(self):
# First request:
# We don't create any histories, just return a session cookie
response = get(self.url)
cookie = {"galaxysession": response.cookies["galaxysession"]}
# Check that we don't have any histories (API doesn't auto-create new histories)
histories_response = get(
urljoin(
self.url,
"api/histories",
)
)
assert not histories_response.json()
# Second request, we know client follows conventions by including cookies,
# default history is created.
get(self.url, cookies=cookie)
second_histories_response = get(
urljoin(self.url, "history/current_history_json"),
cookies=cookie,
)
assert second_histories_response.json()