MCPcopy
hub / github.com/encode/starlette / test_cookie_lenient_parsing

Function test_cookie_lenient_parsing

tests/test_requests.py:359–390  ·  tests/test_requests.py::test_cookie_lenient_parsing

The following test is based on a cookie set by Okta, a well-known authorization service. It turns out that it's common practice to set cookies that would be invalid according to the spec.

(test_client_factory: TestClientFactory)

Source from the content-addressed store, hash-verified

357
358
359def test_cookie_lenient_parsing(test_client_factory: TestClientFactory) -> None:
360 class="st">"""
361 The following test is based on a cookie set by Okta, a well-known authorization
362 service. It turns out that it&class="cm">#x27;s common practice to set cookies that would be
363 invalid according to the spec.
364 class="st">"""
365 tough_cookie = (
366 class="st">"provider-oauth-nonce=validAsciiblabla; "
367 &class="cm">#x27;okta-oauth-redirect-params={class="st">"responseType":class="st">"code",class="st">"state":class="st">"somestate",'
368 &class="cm">#x27;class="st">"nonce":class="st">"somenonce",class="st">"scopes":[class="st">"openid",class="st">"profile",class="st">"email",class="st">"phone"],'
369 &class="cm">#x27;class="st">"urls":{class="st">"issuer":class="st">"https://subdomain.okta.com/oauth2/authServer",'
370 &class="cm">#x27;class="st">"authorizeUrl":class="st">"https://subdomain.okta.com/oauth2/authServer/v1/authorize",'
371 &class="cm">#x27;class="st">"userinfoUrl":class="st">"https://subdomain.okta.com/oauth2/authServer/v1/userinfo"}}; '
372 class="st">"importantCookie=importantValue; sessionCookie=importantSessionValue"
373 )
374 expected_keys = {
375 class="st">"importantCookie",
376 class="st">"okta-oauth-redirect-params",
377 class="st">"provider-oauth-nonce",
378 class="st">"sessionCookie",
379 }
380
381 async def app(scope: Scope, receive: Receive, send: Send) -> None:
382 request = Request(scope, receive)
383 response = JSONResponse({class="st">"cookies": request.cookies})
384 await response(scope, receive, send)
385
386 client = test_client_factory(app)
387 response = client.get(class="st">"/", headers={class="st">"cookie": tough_cookie})
388 result = response.json()
389 assert len(result[class="st">"cookies"]) == 4
390 assert set(result[class="st">"cookies"].keys()) == expected_keys
391
392
393class="cm"># These test cases copied from Tornado's implementation

Callers

nothing calls this directly

Calls 4

test_client_factoryFunction · 0.85
jsonMethod · 0.80
getMethod · 0.45
keysMethod · 0.45

Tested by

no test coverage detected