pytest-iam

pytest-iam spawns a lightweight OAuth2 / OpenID Server (OIDC) / SCIM in a thread to be used in your test suite. The machinery involves Canaille and Authlib.

• Repository

• Package

• Documentation

Installation

uv add pytest-iam

Usage

pytest-iam provides tools to test your application authentication mechanism against a OAuth2/OIDC server, with SCIM support:

• It launches a Canaille instance on a random port;

• It provides a iam_server fixture that comes with several features:

  • the URL of the IAM server to configure your application

  • IAM models (Users, groups, clients, tokens etc.) to prepare your tests and check the side effects. More details on the reference

  • utilities to log-in users and give their consent to your application

  • utilities to generate random users and groups

To run a full authentication process for a client application in your test, you can write something like this:

def test_authentication(iam_server, test_client):
    # create a random user on the IAM server
    user = iam_server.random_user()

    # log the user in and make it consent all the clients
    iam_server.login(user)
    iam_server.consent(user)

    # 1. attempt to access a protected page, returns a redirection to the IAM
    res = test_client.get("/protected")

    # 2. authorization code request
    res = iam_server.test_client.get(res.location)

    # 3. load your application authorization endpoint
    res = test_client.get(res.location)

    # 4. now you have access to the protected page
    res = test_client.get("/protected")

    assert "Hello, world!" in res.text

Check the client application or resource server tutorials for more usecases.

Table of contents

• Client applications
• Resource servers
• Configuration
• Reference
• Changelog

Indices and tables

• Index

• Module Index

• Search Page