@@ -61,6 +61,7 @@ def mock_settings() -> MagicMock:
6161 settings .auth_retry_attempts = 3
6262 settings .auth_jwk_set_cache_ttl = 300
6363 settings .refresh_token = None
64+ settings .organization_id = None
6465 mock_settings .return_value = settings
6566 yield mock_settings
6667
@@ -339,25 +340,22 @@ def test_can_open_browser_false(record_property) -> None:
339340class TestAuthorizationCodeFlow :
340341 """Test cases for the authorization code flow with PKCE."""
341342
342- @pytest .mark .unit
343343 @staticmethod
344- def test_perform_authorization_code_flow_success (record_property , mock_settings ) -> None :
345- """Test successful authorization code flow with PKCE."""
346- record_property ("tested-item-id" , "SPEC-PLATFORM-SERVICE" )
347- # Mock OAuth session
344+ def _run_pkce_flow () -> tuple [str | None , MagicMock ]:
345+ """Set up common PKCE flow mocks, run the flow, and return (token, mock_session).
346+
347+ Returns:
348+ tuple: The returned token and the OAuth2Session mock for further assertions.
349+ """
348350 mock_session = MagicMock (spec = OAuth2Session )
349351 mock_session .authorization_url .return_value = ("https://test.auth/authorize?code_challenge=abc" , None )
350352 mock_session .fetch_token .return_value = {"access_token" : "pkce.token" }
351353
352- # Mock HTTP server
353354 mock_server = MagicMock ()
354-
355- # Setup mocks for the redirect URI parsing
356355 mock_redirect_parsed = MagicMock ()
357356 mock_redirect_parsed .hostname = "localhost"
358357 mock_redirect_parsed .port = 8000
359358
360- # Create a custom HTTPServer mock implementation that simulates a callback
361359 class MockHTTPServer :
362360 def __init__ (self , * args , ** kwargs ) -> None :
363361 pass
@@ -368,7 +366,6 @@ def __enter__(self) -> MagicMock:
368366 def __exit__ (self , * args ) -> None :
369367 pass
370368
371- # Create a mock for the auth result
372369 mock_auth_result = MagicMock ()
373370 mock_auth_result .token = "pkce.token" # noqa: S105 - Test credential
374371 mock_auth_result .error = None
@@ -379,20 +376,19 @@ def __exit__(self, *args) -> None:
379376 patch ("urllib.parse.urlparse" , return_value = mock_redirect_parsed ),
380377 patch ("aignostics.platform._authentication.AuthenticationResult" , return_value = mock_auth_result ),
381378 ):
382- # Simulate a successful server response by making handle_request set the token
383- def handle_request_side_effect ():
384- # This simulates what the HTTP handler would do on success
385- mock_auth_result .token = "pkce.token" # noqa: S105 - Test credential
386-
387- mock_server .handle_request .side_effect = handle_request_side_effect
388-
389- # Call the function under test
379+ mock_server .handle_request .side_effect = lambda : None
390380 token = _perform_authorization_code_with_pkce_flow ()
391381
392- # Assertions
393- assert token == "pkce.token" # noqa: S105 - Test credential
394- mock_server .handle_request .assert_called_once ()
395- mock_session .authorization_url .assert_called_once ()
382+ return token , mock_session
383+
384+ @pytest .mark .unit
385+ @staticmethod
386+ def test_perform_authorization_code_flow_success (record_property , mock_settings ) -> None :
387+ """Test successful authorization code flow with PKCE."""
388+ record_property ("tested-item-id" , "SPEC-PLATFORM-SERVICE" )
389+ token , mock_session = TestAuthorizationCodeFlow ._run_pkce_flow ()
390+ assert token == "pkce.token" # noqa: S105 - Test credential
391+ mock_session .authorization_url .assert_called_once ()
396392
397393 @pytest .mark .unit
398394 @staticmethod
@@ -471,52 +467,21 @@ def handle_request_side_effect():
471467 def test_perform_authorization_code_flow_with_organization (record_property , mock_settings ) -> None :
472468 """Test authorization code flow includes organization parameter when set."""
473469 record_property ("tested-item-id" , "SPEC-PLATFORM-SERVICE" )
474- mock_settings_instance = mock_settings .return_value
475- mock_settings_instance .organization = "test-org"
476-
477- # Mock OAuth session
478- mock_session = MagicMock (spec = OAuth2Session )
479- mock_session .authorization_url .return_value = ("https://test.auth/authorize?code_challenge=abc" , None )
480- mock_session .fetch_token .return_value = {"access_token" : "pkce.token" }
481-
482- # Mock HTTP server
483- mock_server = MagicMock ()
484- mock_redirect_parsed = MagicMock ()
485- mock_redirect_parsed .hostname = "localhost"
486- mock_redirect_parsed .port = 8000
487-
488- class MockHTTPServer :
489- def __init__ (self , * args , ** kwargs ) -> None :
490- pass
491-
492- def __enter__ (self ) -> MagicMock :
493- return mock_server
494-
495- def __exit__ (self , * args ) -> None :
496- pass
470+ mock_settings .return_value .organization_id = "test-org"
471+ token , mock_session = TestAuthorizationCodeFlow ._run_pkce_flow ()
472+ assert token == "pkce.token" # noqa: S105
473+ assert mock_session .authorization_url .call_args [1 ].get ("organization" ) == "test-org"
497474
498- mock_auth_result = MagicMock ()
499- mock_auth_result .token = "pkce.token" # noqa: S105
500- mock_auth_result .error = None
501-
502- with (
503- patch ("aignostics.platform._authentication.OAuth2Session" , return_value = mock_session ),
504- patch ("aignostics.platform._authentication.HTTPServer" , MockHTTPServer ),
505- patch ("urllib.parse.urlparse" , return_value = mock_redirect_parsed ),
506- patch ("aignostics.platform._authentication.AuthenticationResult" , return_value = mock_auth_result ),
507- ):
508-
509- def handle_request_side_effect ():
510- mock_auth_result .token = "pkce.token" # noqa: S105
511-
512- mock_server .handle_request .side_effect = handle_request_side_effect
513- token = _perform_authorization_code_with_pkce_flow ()
514-
515- # Assertions
516- assert token == "pkce.token" # noqa: S105
517- # Verify organization was passed to authorization_url
518- call_kwargs = mock_session .authorization_url .call_args [1 ]
519- assert call_kwargs .get ("organization" ) == "test-org"
475+ @pytest .mark .unit
476+ @staticmethod
477+ def test_perform_authorization_code_flow_without_organization (record_property , mock_settings ) -> None :
478+ """Test authorization code flow omits organization parameter when unset."""
479+ record_property ("tested-item-id" , "SPEC-PLATFORM-SERVICE" )
480+ # organization_id is None by default in mock_settings fixture
481+ assert mock_settings .return_value .organization_id is None
482+ token , mock_session = TestAuthorizationCodeFlow ._run_pkce_flow ()
483+ assert token == "pkce.token" # noqa: S105
484+ assert "organization" not in mock_session .authorization_url .call_args [1 ]
520485
521486
522487class TestDeviceFlow :
0 commit comments