How to test an API endpoint with Django-rest-framework using Django-oauth-toolkit for authentication

0 votes

I have a Django-rest-framework viewset/router to define an API endpoint. The viewset is defined as such:

class DocumentViewSet(viewsets.ModelViewSet):
    permission_classes = [permissions.IsAuthenticated, TokenHasReadWriteScope]
    model = Document

And the router is defined as

router = DefaultRouter()
router.register(r'documents', viewsets.DocumentViewSet)

with url pattern url(r'^api/', include(router.urls))

I can hit this endpoint in the browser/through curl just fine by getting the right access token and using it for authorization. However, it's not clear how to write tests against this endpoint.

Here is what I've tried:

class DocumentAPITests(APITestCase):
    def test_get_all_documents(self):
        user = User.objects.create_user('test', 'test@test.com', 'test')
        client = APIClient()
        client.credentials(username="test", password="test")
        response = client.get("/api/documents/")
        self.assertEqual(response.status_code, 200)

This fails with an HTTP 401 response from the client.get() call. What is the right way to test an API endpoint in DRF using django-oauth-toolkit for oauth2 authentication?

Jul 2, 2020 in Python by kartik
 • 37,520 points 2,850 views

1 answer to this question.

0 votes

Hello @kartik,

You should avoid making unneeded API calls, especially for multi-part processes like OAuth, and only create the few model objects that are required.

def setUp(self):
    self.test_user = UserModel.objects.create_user("test_user", "test@user.com", "123456")

    self.application = Application(
        name="Test Application",
        redirect_uris="http://localhost",
        user=self.test_user,
        client_type=Application.CLIENT_CONFIDENTIAL,
        authorization_grant_type=Application.GRANT_AUTHORIZATION_CODE,
    )
    self.application.save()

def test_revoke_access_token(self):
    from datetime import datetime
    from django.utils import timezone

    tok = AccessToken.objects.create(
        user=self.test_user, token='1234567890',
        application=self.application, scope='read write',
        expires=timezone.now() + datetime.timedelta(days=1)
    )

From there you just need to authenticate using the token that has been generated. You can do this by injecting the Authorization header, or you can use the force_authenticate method provided by Django REST Framework.

Hope it works!!

Thank You!!

answered Jul 2, 2020 by Niroj
 • 82,840 points

Related Questions In Python

0 votes
1 answer

How to secure APIs for Registration and Login in Django Rest Framework?

Hello @kartik, you cannot have an authentication system ...READ MORE

answered Jun 25, 2020 in Python by Niroj
 • 82,840 points 2,871 views
0 votes
1 answer

how to fetch user details and send it to his email address using django rest framework

Hello @mahesh, First you have to fetch user ...READ MORE

answered Aug 18, 2020 in Python by Niroj
 • 82,840 points 4,329 views
0 votes
1 answer

How to create login user using Django Rest Framework?

Hello @Reebika , For you query you can refer ...READ MORE

answered Oct 12, 2020 in Python by Niroj
 • 82,840 points 818 views
0 votes
1 answer

how to download and install Django rest framework?

To install Django, you can simply open ...READ MORE

answered Apr 24, 2018 in Python by Christine
 • 15,790 points 1,959 views
0 votes
1 answer

How do I access a user by his/her ID using django.contrib.auth.models.User in the latest release of Django?

Hi, there is only that way and ...READ MORE

answered Jan 10, 2019 in Python by Nymeria
 • 3,560 points 3,395 views
0 votes
0 answers

How can I update Git Code into a Docker container directly?

Hi all, with regard to the above ...READ MORE

Jan 22, 2019 in Python by Anirudh
• 2,090 points 1,807 views
0 votes
1 answer

How to temporarily disable a foreign key constraint in MySQL?

Hello @kartik, To turn off foreign key constraint ...READ MORE

answered Jun 23, 2020 in Python by Niroj
 • 82,840 points 2,437 views
0 votes
1 answer

How do I use Django templates without the rest of Django?

Hello @kartik, Let's say you have this important ...READ MORE

answered Jun 23, 2020 in Python by Niroj
 • 82,840 points 1,555 views
0 votes
1 answer

How to return the current user with Django Rest Framework?

Hello @kartik, The best way is to use ...READ MORE

answered Jun 25, 2020 in Python by Niroj
 • 82,840 points 12,026 views
0 votes
1 answer

How to PATCH a single field using Django Rest Framework?

Hello @kartik, Serializers allow partial updates by specifying partial=True when initializing ...READ MORE

answered Jun 25, 2020 in Python by Niroj
 • 82,840 points 15,379 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.