Loading lib/galaxy_test/api/test_authenticate.py +27 −0 Original line number Diff line number Diff line import base64 from urllib.parse import urljoin from requests import get Loading Loading @@ -27,3 +28,29 @@ class AuthenticationApiTestCase(ApiTestCase): random_api_url = self._api_url("users", use_key=False) random_api_response = get(random_api_url, params=dict(key=auth_dict["api_key"])) self._assert_status_code_is(random_api_response, 200) def test_tool_runner_session_cookie_handling(self): response = get(self.url) tool_runner_session_cookie = response.cookies["galaxytoolrunnersession"] galaxy_session_cookie = response.cookies["galaxysession"] assert tool_runner_session_cookie != galaxy_session_cookie root_response = get(self.url, cookies={"galaxytoolrunnersession": tool_runner_session_cookie}) root_response.raise_for_status() # Browser will only send cookie to /tool_runner path, but let's make sure it isn't accepted. # Galaxy responds with a new session and sessioncookie in that case. # (We might want to redirect to the login page instead if require_login is set?) assert root_response.cookies["galaxysession"] != galaxy_session_cookie tool_runner_response = get( urljoin(self.url, "tool_runner?tool_id=test_data_source"), cookies={"galaxytoolrunnersession": tool_runner_session_cookie}, ) tool_runner_response.raise_for_status() # Verify that we're not returning the sessioncookie assert "galaxysession" not in tool_runner_response.cookies # Make sure history for original session received job current_history_json_response = get( urljoin(self.url, "history/current_history_json"), cookies={"galaxysession": galaxy_session_cookie} ) current_history_json_response.raise_for_status() current_history = current_history_json_response.json() assert current_history["contents_active"]["active"] == 1 Loading
lib/galaxy_test/api/test_authenticate.py +27 −0 Original line number Diff line number Diff line import base64 from urllib.parse import urljoin from requests import get Loading Loading @@ -27,3 +28,29 @@ class AuthenticationApiTestCase(ApiTestCase): random_api_url = self._api_url("users", use_key=False) random_api_response = get(random_api_url, params=dict(key=auth_dict["api_key"])) self._assert_status_code_is(random_api_response, 200) def test_tool_runner_session_cookie_handling(self): response = get(self.url) tool_runner_session_cookie = response.cookies["galaxytoolrunnersession"] galaxy_session_cookie = response.cookies["galaxysession"] assert tool_runner_session_cookie != galaxy_session_cookie root_response = get(self.url, cookies={"galaxytoolrunnersession": tool_runner_session_cookie}) root_response.raise_for_status() # Browser will only send cookie to /tool_runner path, but let's make sure it isn't accepted. # Galaxy responds with a new session and sessioncookie in that case. # (We might want to redirect to the login page instead if require_login is set?) assert root_response.cookies["galaxysession"] != galaxy_session_cookie tool_runner_response = get( urljoin(self.url, "tool_runner?tool_id=test_data_source"), cookies={"galaxytoolrunnersession": tool_runner_session_cookie}, ) tool_runner_response.raise_for_status() # Verify that we're not returning the sessioncookie assert "galaxysession" not in tool_runner_response.cookies # Make sure history for original session received job current_history_json_response = get( urljoin(self.url, "history/current_history_json"), cookies={"galaxysession": galaxy_session_cookie} ) current_history_json_response.raise_for_status() current_history = current_history_json_response.json() assert current_history["contents_active"]["active"] == 1
