Test the failure and success custom display

README.md

@@ -5,7 +5,7 @@
 <a href="https://github.com/Colin-b/requests_auth/actions"><img alt="Build status" src="https://github.com/Colin-b/requests_auth/workflows/Release/badge.svg"></a>
 <a href="https://github.com/Colin-b/requests_auth/actions"><img alt="Coverage" src="https://img.shields.io/badge/coverage-100%25-brightgreen"></a>
 <a href="https://github.com/psf/black"><img alt="Code style: black" src="https://img.shields.io/badge/code%20style-black-000000.svg"></a>
-<a href="https://github.com/Colin-b/requests_auth/actions"><img alt="Number of tests" src="https://img.shields.io/badge/tests-351 passed-blue"></a>
+<a href="https://github.com/Colin-b/requests_auth/actions"><img alt="Number of tests" src="https://img.shields.io/badge/tests-363 passed-blue"></a>
 <a href="https://pypi.org/project/requests-auth/"><img alt="Number of downloads" src="https://img.shields.io/pypi/dm/requests_auth"></a>
 </p>
 

tests/oauth2/authorization_code/test_oauth2_authorization_code.py

@@ -92,6 +92,73 @@ def test_oauth2_authorization_code_flow_uses_redirect_uri_domain(
     tab.assert_success()
 
 
+def test_oauth2_authorization_code_flow_uses_custom_success(
+    token_cache, responses: RequestsMock, browser_mock: BrowserMock
+):
+    auth = requests_auth.OAuth2AuthorizationCode(
+        "http://provide_code",
+        "http://provide_access_token",
+    )
+    requests_auth.OAuth2.display.success_html = (
+        "<body><div>SUCCESS: {display_time}</div></body>"
+    )
+    tab = browser_mock.add_response(
+        opened_url="http://provide_code?response_type=code&state=163f0455b3e9cad3ca04254e5a0169553100d3aa0756c7964d897da316a695ffed5b4f46ef305094fd0a88cfe4b55ff257652015e4aa8f87b97513dba440f8de&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2F",
+        reply_url="http://localhost:5000#code=SplxlOBeZQQYbYS6WxSbIA&state=163f0455b3e9cad3ca04254e5a0169553100d3aa0756c7964d897da316a695ffed5b4f46ef305094fd0a88cfe4b55ff257652015e4aa8f87b97513dba440f8de",
+        displayed_html="<body><div>SUCCESS: {display_time}</div></body>",
+    )
+    responses.post(
+        "http://provide_access_token",
+        json={
+            "access_token": "2YotnFZFEjr1zCsicMWpAA",
+            "token_type": "example",
+            "expires_in": 3600,
+            "refresh_token": "tGzv3JOkF0XG5Qx2TlKWIA",
+            "example_parameter": "example_value",
+        },
+        match=[
+            urlencoded_params_matcher(
+                {
+                    "grant_type": "authorization_code",
+                    "redirect_uri": "http://localhost:5000/",
+                    "response_type": "code",
+                    "code": "SplxlOBeZQQYbYS6WxSbIA",
+                }
+            ),
+        ],
+    )
+    responses.get(
+        "http://authorized_only",
+        match=[header_matcher({"Authorization": "Bearer 2YotnFZFEjr1zCsicMWpAA"})],
+    )
+
+    requests.get("http://authorized_only", auth=auth)
+
+    tab.assert_success()
+
+
+def test_oauth2_authorization_code_flow_uses_custom_failure(
+    token_cache, browser_mock: BrowserMock
+):
+    auth = requests_auth.OAuth2AuthorizationCode(
+        "http://provide_code",
+        "http://provide_access_token",
+    )
+    requests_auth.OAuth2.display.failure_html = "FAILURE: {display_time}\n{information}"
+    tab = browser_mock.add_response(
+        opened_url="http://provide_code?response_type=code&state=163f0455b3e9cad3ca04254e5a0169553100d3aa0756c7964d897da316a695ffed5b4f46ef305094fd0a88cfe4b55ff257652015e4aa8f87b97513dba440f8de&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2F",
+        reply_url="http://localhost:5000#error=invalid_request",
+        displayed_html="FAILURE: {display_time}\n{information}",
+    )
+
+    with pytest.raises(requests_auth.InvalidGrantRequest):
+        requests.get("http://authorized_only", auth=auth)
+
+    tab.assert_failure(
+        "invalid_request: The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed."
+    )
+
+
 def test_oauth2_authorization_code_flow_get_code_is_sent_in_authorization_header_by_default(
     token_cache, responses: RequestsMock, browser_mock: BrowserMock
 ):

tests/oauth2/authorization_code/test_oauth2_authorization_code_okta.py

@@ -98,6 +98,75 @@ def test_oauth2_authorization_code_flow_uses_redirect_uri_domain(
     tab.assert_success()
 
 
+def test_oauth2_authorization_code_flow_uses_custom_success(
+    token_cache, responses: RequestsMock, browser_mock: BrowserMock
+):
+    auth = requests_auth.OktaAuthorizationCode(
+        "testserver.okta-emea.com",
+        "54239d18-c68c-4c47-8bdd-ce71ea1d50cd",
+    )
+    requests_auth.OAuth2.display.success_html = (
+        "<body><div>SUCCESS: {display_time}</div></body>"
+    )
+    tab = browser_mock.add_response(
+        opened_url="https://testserver.okta-emea.com/oauth2/default/v1/authorize?client_id=54239d18-c68c-4c47-8bdd-ce71ea1d50cd&scope=openid&response_type=code&state=5264d11c8b268ccf911ce564ca42fd75cea68c4a3c1ec3ac1ab20243891ab7cd5250ad4c2d002017c6e8ac2ba34954293baa5e0e4fd00bb9ffd4a39c45f1960b&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2F",
+        reply_url="http://localhost:5000#code=SplxlOBeZQQYbYS6WxSbIA&state=5264d11c8b268ccf911ce564ca42fd75cea68c4a3c1ec3ac1ab20243891ab7cd5250ad4c2d002017c6e8ac2ba34954293baa5e0e4fd00bb9ffd4a39c45f1960b",
+        displayed_html="<body><div>SUCCESS: {display_time}</div></body>",
+    )
+    responses.post(
+        "https://testserver.okta-emea.com/oauth2/default/v1/token",
+        json={
+            "access_token": "2YotnFZFEjr1zCsicMWpAA",
+            "token_type": "example",
+            "expires_in": 3600,
+            "refresh_token": "tGzv3JOkF0XG5Qx2TlKWIA",
+            "example_parameter": "example_value",
+        },
+        match=[
+            urlencoded_params_matcher(
+                {
+                    "grant_type": "authorization_code",
+                    "redirect_uri": "http://localhost:5000/",
+                    "client_id": "54239d18-c68c-4c47-8bdd-ce71ea1d50cd",
+                    "scope": "openid",
+                    "response_type": "code",
+                    "code": "SplxlOBeZQQYbYS6WxSbIA",
+                }
+            ),
+        ],
+    )
+    responses.get(
+        "http://authorized_only",
+        match=[header_matcher({"Authorization": "Bearer 2YotnFZFEjr1zCsicMWpAA"})],
+    )
+
+    requests.get("http://authorized_only", auth=auth)
+
+    tab.assert_success()
+
+
+def test_oauth2_authorization_code_flow_uses_custom_failure(
+    token_cache, browser_mock: BrowserMock
+):
+    auth = requests_auth.OktaAuthorizationCode(
+        "testserver.okta-emea.com",
+        "54239d18-c68c-4c47-8bdd-ce71ea1d50cd",
+    )
+    requests_auth.OAuth2.display.failure_html = "FAILURE: {display_time}\n{information}"
+    tab = browser_mock.add_response(
+        opened_url="https://testserver.okta-emea.com/oauth2/default/v1/authorize?client_id=54239d18-c68c-4c47-8bdd-ce71ea1d50cd&scope=openid&response_type=code&state=5264d11c8b268ccf911ce564ca42fd75cea68c4a3c1ec3ac1ab20243891ab7cd5250ad4c2d002017c6e8ac2ba34954293baa5e0e4fd00bb9ffd4a39c45f1960b&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2F",
+        reply_url="http://localhost:5000#error=invalid_request",
+        displayed_html="FAILURE: {display_time}\n{information}",
+    )
+
+    with pytest.raises(requests_auth.InvalidGrantRequest):
+        requests.get("http://authorized_only", auth=auth)
+
+    tab.assert_failure(
+        "invalid_request: The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed."
+    )
+
+
 def test_okta_authorization_code_flow_get_code_is_sent_in_authorization_header_by_default(
     token_cache, responses: RequestsMock, browser_mock: BrowserMock
 ):

tests/oauth2/authorization_code/test_oauth2_authorization_code_wakatime.py

@@ -93,6 +93,73 @@ def test_oauth2_authorization_code_flow_uses_redirect_uri_domain(
     tab.assert_success()
 
 
+def test_oauth2_authorization_code_flow_uses_custom_success(
+    token_cache, responses: RequestsMock, browser_mock: BrowserMock
+):
+    auth = requests_auth.WakaTimeAuthorizationCode(
+        "jPJQV0op6Pu3b66MWDi8b1wD",
+        "waka_sec_0c4MBGeR9LN74LzV5uelF9SgeQ32CqfeWpIuieneBbsL57dAAlqqJWDiVDJOlsSx61pVwHMKlsb3uMvU",
+        scope="email",
+    )
+    requests_auth.OAuth2.display.success_html = (
+        "<body><div>SUCCESS: {display_time}</div></body>"
+    )
+    tab = browser_mock.add_response(
+        opened_url="https://wakatime.com/oauth/authorize?client_id=jPJQV0op6Pu3b66MWDi8b1wD&client_secret=waka_sec_0c4MBGeR9LN74LzV5uelF9SgeQ32CqfeWpIuieneBbsL57dAAlqqJWDiVDJOlsSx61pVwHMKlsb3uMvU&scope=email&response_type=code&state=5d0adb208bdbecaf5cfb6de0bf4ba0aea52986f3fc5ea7bc30c4b2db449c17e5c9d15f9a3926476cdaf1c72e9f73c7cfdc624dde0187c38d8c6b04532770df2a&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2F",
+        reply_url="http://localhost:5000#code=SplxlOBeZQQYbYS6WxSbIA&state=5d0adb208bdbecaf5cfb6de0bf4ba0aea52986f3fc5ea7bc30c4b2db449c17e5c9d15f9a3926476cdaf1c72e9f73c7cfdc624dde0187c38d8c6b04532770df2a",
+        displayed_html="<body><div>SUCCESS: {display_time}</div></body>",
+    )
+    responses.post(
+        "https://wakatime.com/oauth/token",
+        body="access_token=waka_tok_12345&token_type=bearer&expires_in=3600&refresh_token=waka_ref_12345&scope=email&example_parameter=example_value",
+        content_type="text/html; charset=utf-8",
+        match=[
+            urlencoded_params_matcher(
+                {
+                    "grant_type": "authorization_code",
+                    "redirect_uri": "http://localhost:5000/",
+                    "client_id": "jPJQV0op6Pu3b66MWDi8b1wD",
+                    "client_secret": "waka_sec_0c4MBGeR9LN74LzV5uelF9SgeQ32CqfeWpIuieneBbsL57dAAlqqJWDiVDJOlsSx61pVwHMKlsb3uMvU",
+                    "scope": "email",
+                    "response_type": "code",
+                    "code": "SplxlOBeZQQYbYS6WxSbIA",
+                }
+            )
+        ],
+    )
+    responses.get(
+        "https://authorized_only",
+        match=[header_matcher({"Authorization": "Bearer waka_tok_12345"})],
+    )
+
+    requests.get("https://authorized_only", auth=auth)
+
+    tab.assert_success()
+
+
+def test_oauth2_authorization_code_flow_uses_custom_failure(
+    token_cache, browser_mock: BrowserMock
+):
+    auth = requests_auth.WakaTimeAuthorizationCode(
+        "jPJQV0op6Pu3b66MWDi8b1wD",
+        "waka_sec_0c4MBGeR9LN74LzV5uelF9SgeQ32CqfeWpIuieneBbsL57dAAlqqJWDiVDJOlsSx61pVwHMKlsb3uMvU",
+        scope="email",
+    )
+    requests_auth.OAuth2.display.failure_html = "FAILURE: {display_time}\n{information}"
+    tab = browser_mock.add_response(
+        opened_url="https://wakatime.com/oauth/authorize?client_id=jPJQV0op6Pu3b66MWDi8b1wD&client_secret=waka_sec_0c4MBGeR9LN74LzV5uelF9SgeQ32CqfeWpIuieneBbsL57dAAlqqJWDiVDJOlsSx61pVwHMKlsb3uMvU&scope=email&response_type=code&state=5d0adb208bdbecaf5cfb6de0bf4ba0aea52986f3fc5ea7bc30c4b2db449c17e5c9d15f9a3926476cdaf1c72e9f73c7cfdc624dde0187c38d8c6b04532770df2a&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2F",
+        reply_url="http://localhost:5000#error=invalid_request",
+        displayed_html="FAILURE: {display_time}\n{information}",
+    )
+
+    with pytest.raises(requests_auth.InvalidGrantRequest):
+        requests.get("http://authorized_only", auth=auth)
+
+    tab.assert_failure(
+        "invalid_request: The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed."
+    )
+
+
 def test_multiple_scopes_are_comma_separated(
     token_cache, responses: RequestsMock, browser_mock: BrowserMock
 ):

tests/oauth2/authorization_code_pkce/test_oauth2_authorization_code_pkce.py

@@ -101,6 +101,80 @@ def test_oauth2_pkce_flow_uses_redirect_uri_domain(
     tab.assert_success()
 
 
+def test_oauth2_pkce_flow_uses_custom_success(
+    token_cache, responses: RequestsMock, monkeypatch, browser_mock: BrowserMock
+):
+    monkeypatch.setattr(
+        requests_auth._oauth2.authorization_code_pkce.os, "urandom", lambda x: b"1" * 63
+    )
+    auth = requests_auth.OAuth2AuthorizationCodePKCE(
+        "http://provide_code",
+        "http://provide_access_token",
+    )
+    requests_auth.OAuth2.display.success_html = (
+        "<body><div>SUCCESS: {display_time}</div></body>"
+    )
+    tab = browser_mock.add_response(
+        opened_url="http://provide_code?response_type=code&state=163f0455b3e9cad3ca04254e5a0169553100d3aa0756c7964d897da316a695ffed5b4f46ef305094fd0a88cfe4b55ff257652015e4aa8f87b97513dba440f8de&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2F&code_challenge=5C_ph_KZ3DstYUc965SiqmKAA-ShvKF4Ut7daKd3fjc&code_challenge_method=S256",
+        reply_url="http://localhost:5000#code=SplxlOBeZQQYbYS6WxSbIA&state=163f0455b3e9cad3ca04254e5a0169553100d3aa0756c7964d897da316a695ffed5b4f46ef305094fd0a88cfe4b55ff257652015e4aa8f87b97513dba440f8de",
+        displayed_html="<body><div>SUCCESS: {display_time}</div></body>",
+    )
+    responses.post(
+        "http://provide_access_token",
+        json={
+            "access_token": "2YotnFZFEjr1zCsicMWpAA",
+            "token_type": "example",
+            "expires_in": 3600,
+            "refresh_token": "tGzv3JOkF0XG5Qx2TlKWIA",
+            "example_parameter": "example_value",
+        },
+        match=[
+            urlencoded_params_matcher(
+                {
+                    "code_verifier": "MTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTEx",
+                    "grant_type": "authorization_code",
+                    "redirect_uri": "http://localhost:5000/",
+                    "response_type": "code",
+                    "code": "SplxlOBeZQQYbYS6WxSbIA",
+                }
+            ),
+        ],
+    )
+    responses.get(
+        "http://authorized_only",
+        match=[header_matcher({"Authorization": "Bearer 2YotnFZFEjr1zCsicMWpAA"})],
+    )
+
+    requests.get("http://authorized_only", auth=auth)
+
+    tab.assert_success()
+
+
+def test_oauth2_pkce_flow_uses_custom_failure(
+    token_cache, monkeypatch, browser_mock: BrowserMock
+):
+    monkeypatch.setattr(
+        requests_auth._oauth2.authorization_code_pkce.os, "urandom", lambda x: b"1" * 63
+    )
+    auth = requests_auth.OAuth2AuthorizationCodePKCE(
+        "http://provide_code",
+        "http://provide_access_token",
+    )
+    requests_auth.OAuth2.display.failure_html = "FAILURE: {display_time}\n{information}"
+    tab = browser_mock.add_response(
+        opened_url="http://provide_code?response_type=code&state=163f0455b3e9cad3ca04254e5a0169553100d3aa0756c7964d897da316a695ffed5b4f46ef305094fd0a88cfe4b55ff257652015e4aa8f87b97513dba440f8de&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2F&code_challenge=5C_ph_KZ3DstYUc965SiqmKAA-ShvKF4Ut7daKd3fjc&code_challenge_method=S256",
+        reply_url="http://localhost:5000#error=invalid_request",
+        displayed_html="FAILURE: {display_time}\n{information}",
+    )
+
+    with pytest.raises(requests_auth.InvalidGrantRequest):
+        requests.get("http://authorized_only", auth=auth)
+
+    tab.assert_failure(
+        "invalid_request: The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed."
+    )
+
+
 def test_oauth2_pkce_flow_get_code_is_sent_in_authorization_header_by_default(
     token_cache, responses: RequestsMock, monkeypatch, browser_mock: BrowserMock
 ):

tests/oauth2/authorization_code_pkce/test_oauth2_authorization_code_pkce_okta.py

@@ -107,6 +107,82 @@ def test_oauth2_pkce_flow_uses_redirect_uri_domain(
     tab.assert_success()
 
 
+def test_oauth2_pkce_flow_uses_custom_success(
+    token_cache, responses: RequestsMock, monkeypatch, browser_mock: BrowserMock
+):
+    monkeypatch.setattr(
+        requests_auth._oauth2.authorization_code_pkce.os, "urandom", lambda x: b"1" * 63
+    )
+    auth = requests_auth.OktaAuthorizationCodePKCE(
+        "testserver.okta-emea.com",
+        "54239d18-c68c-4c47-8bdd-ce71ea1d50cd",
+    )
+    requests_auth.OAuth2.display.success_html = (
+        "<body><div>SUCCESS: {display_time}</div></body>"
+    )
+    tab = browser_mock.add_response(
+        opened_url="https://testserver.okta-emea.com/oauth2/default/v1/authorize?client_id=54239d18-c68c-4c47-8bdd-ce71ea1d50cd&scope=openid&response_type=code&state=5264d11c8b268ccf911ce564ca42fd75cea68c4a3c1ec3ac1ab20243891ab7cd5250ad4c2d002017c6e8ac2ba34954293baa5e0e4fd00bb9ffd4a39c45f1960b&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2F&code_challenge=5C_ph_KZ3DstYUc965SiqmKAA-ShvKF4Ut7daKd3fjc&code_challenge_method=S256",
+        reply_url="http://localhost:5000#code=SplxlOBeZQQYbYS6WxSbIA&state=5264d11c8b268ccf911ce564ca42fd75cea68c4a3c1ec3ac1ab20243891ab7cd5250ad4c2d002017c6e8ac2ba34954293baa5e0e4fd00bb9ffd4a39c45f1960b",
+        displayed_html="<body><div>SUCCESS: {display_time}</div></body>",
+    )
+    responses.post(
+        "https://testserver.okta-emea.com/oauth2/default/v1/token",
+        json={
+            "access_token": "2YotnFZFEjr1zCsicMWpAA",
+            "token_type": "example",
+            "expires_in": 3600,
+            "refresh_token": "tGzv3JOkF0XG5Qx2TlKWIA",
+            "example_parameter": "example_value",
+        },
+        match=[
+            urlencoded_params_matcher(
+                {
+                    "code_verifier": "MTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTEx",
+                    "grant_type": "authorization_code",
+                    "redirect_uri": "http://localhost:5000/",
+                    "client_id": "54239d18-c68c-4c47-8bdd-ce71ea1d50cd",
+                    "scope": "openid",
+                    "response_type": "code",
+                    "code": "SplxlOBeZQQYbYS6WxSbIA",
+                }
+            ),
+        ],
+    )
+    responses.get(
+        "http://authorized_only",
+        match=[header_matcher({"Authorization": "Bearer 2YotnFZFEjr1zCsicMWpAA"})],
+    )
+
+    requests.get("http://authorized_only", auth=auth)
+
+    tab.assert_success()
+
+
+def test_oauth2_pkce_flow_uses_custom_failure(
+    token_cache, monkeypatch, browser_mock: BrowserMock
+):
+    monkeypatch.setattr(
+        requests_auth._oauth2.authorization_code_pkce.os, "urandom", lambda x: b"1" * 63
+    )
+    auth = requests_auth.OktaAuthorizationCodePKCE(
+        "testserver.okta-emea.com",
+        "54239d18-c68c-4c47-8bdd-ce71ea1d50cd",
+    )
+    requests_auth.OAuth2.display.failure_html = "FAILURE: {display_time}\n{information}"
+    tab = browser_mock.add_response(
+        opened_url="https://testserver.okta-emea.com/oauth2/default/v1/authorize?client_id=54239d18-c68c-4c47-8bdd-ce71ea1d50cd&scope=openid&response_type=code&state=5264d11c8b268ccf911ce564ca42fd75cea68c4a3c1ec3ac1ab20243891ab7cd5250ad4c2d002017c6e8ac2ba34954293baa5e0e4fd00bb9ffd4a39c45f1960b&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2F&code_challenge=5C_ph_KZ3DstYUc965SiqmKAA-ShvKF4Ut7daKd3fjc&code_challenge_method=S256",
+        reply_url="http://localhost:5000#error=invalid_request",
+        displayed_html="FAILURE: {display_time}\n{information}",
+    )
+
+    with pytest.raises(requests_auth.InvalidGrantRequest):
+        requests.get("http://authorized_only", auth=auth)
+
+    tab.assert_failure(
+        "invalid_request: The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed."
+    )
+
+
 def test_oauth2_pkce_flow_get_code_is_sent_in_authorization_header_by_default(
     token_cache, responses: RequestsMock, monkeypatch, browser_mock: BrowserMock
 ):