Speed up tests ~2x

Author: adamchainz

CHANGELOG.md

@@ -24,15 +24,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * #1273 Add caching of loading of OIDC private key.
 * #1285 Add post_logout_redirect_uris field in application views.
 * #1311 Add option to disable client_secret hashing to allow verifying JWTs' signatures.
-* #1264 Drop Python 3.7 and Django 2.2
-* #1264 Support Python 3.12 and Django 5.0
+* #1350 Support Python 3.12 and Django 5.0
 
-- ### Fixed
+### Fixed
 * #1322 Instructions in documentation on how to create a code challenge and code verifier
 * #1284 Allow to logout with no id_token_hint even if the browser session already expired
 * #1296 Added reverse function in migration 0006_alter_application_client_secret
 * #1336 Fix encapsulation for Redirect URI scheme validation
 
+### Removed
+* #1350 Remove support for Python 3.7 and Django 2.2
+
 ## [2.3.0] 2023-05-31
 
 ### WARNING

tests/test_application_views.py

@@ -14,13 +14,10 @@
 
 
 class BaseTest(TestCase):
-    def setUp(self):
-        self.foo_user = UserModel.objects.create_user("foo_user", "test@example.com", "123456")
-        self.bar_user = UserModel.objects.create_user("bar_user", "dev@example.com", "123456")
-
-    def tearDown(self):
-        self.foo_user.delete()
-        self.bar_user.delete()
+    @classmethod
+    def setUpTestData(cls):
+        cls.foo_user = UserModel.objects.create_user("foo_user", "test@example.com", "123456")
+        cls.bar_user = UserModel.objects.create_user("bar_user", "dev@example.com", "123456")
 
 
 @pytest.mark.usefixtures("oauth2_settings")
@@ -67,29 +64,26 @@ def test_application_registration_user(self):
 
 
 class TestApplicationViews(BaseTest):
-    def _create_application(self, name, user):
-        app = Application.objects.create(
+    @classmethod
+    def _create_application(cls, name, user):
+        return Application.objects.create(
             name=name,
             redirect_uris="http://example.com",
             post_logout_redirect_uris="http://other_example.com",
             client_type=Application.CLIENT_CONFIDENTIAL,
             authorization_grant_type=Application.GRANT_AUTHORIZATION_CODE,
             user=user,
         )
-        return app
-
-    def setUp(self):
-        super().setUp()
-        self.app_foo_1 = self._create_application("app foo_user 1", self.foo_user)
-        self.app_foo_2 = self._create_application("app foo_user 2", self.foo_user)
-        self.app_foo_3 = self._create_application("app foo_user 3", self.foo_user)
 
-        self.app_bar_1 = self._create_application("app bar_user 1", self.bar_user)
-        self.app_bar_2 = self._create_application("app bar_user 2", self.bar_user)
+    @classmethod
+    def setUpTestData(cls):
+        super().setUpTestData()
+        cls.app_foo_1 = cls._create_application("app foo_user 1", cls.foo_user)
+        cls.app_foo_2 = cls._create_application("app foo_user 2", cls.foo_user)
+        cls.app_foo_3 = cls._create_application("app foo_user 3", cls.foo_user)
 
-    def tearDown(self):
-        super().tearDown()
-        get_application_model().objects.all().delete()
+        cls.app_bar_1 = cls._create_application("app bar_user 1", cls.bar_user)
+        cls.app_bar_2 = cls._create_application("app bar_user 2", cls.bar_user)
 
     def test_application_list(self):
         self.client.login(username="foo_user", password="123456")
@@ -132,8 +126,8 @@ def test_application_udpate(self):
         self.assertRedirects(response, reverse("oauth2_provider:detail", args=(self.app_foo_1.pk,)))
 
         self.app_foo_1.refresh_from_db()
-        self.assertEquals(self.app_foo_1.client_id, form_data["client_id"])
-        self.assertEquals(self.app_foo_1.redirect_uris, form_data["redirect_uris"])
-        self.assertEquals(self.app_foo_1.post_logout_redirect_uris, form_data["post_logout_redirect_uris"])
-        self.assertEquals(self.app_foo_1.client_type, form_data["client_type"])
-        self.assertEquals(self.app_foo_1.authorization_grant_type, form_data["authorization_grant_type"])
+        self.assertEqual(self.app_foo_1.client_id, form_data["client_id"])
+        self.assertEqual(self.app_foo_1.redirect_uris, form_data["redirect_uris"])
+        self.assertEqual(self.app_foo_1.post_logout_redirect_uris, form_data["post_logout_redirect_uris"])
+        self.assertEqual(self.app_foo_1.client_type, form_data["client_type"])
+        self.assertEqual(self.app_foo_1.authorization_grant_type, form_data["authorization_grant_type"])

tests/test_auth_backends.py

@@ -24,23 +24,20 @@ class BaseTest(TestCase):
     Base class for cases in this module
     """
 
-    def setUp(self):
-        self.user = UserModel.objects.create_user("user", "test@example.com", "123456")
-        self.app = ApplicationModel.objects.create(
+    factory = RequestFactory()
+
+    @classmethod
+    def setUpTestData(cls):
+        cls.user = UserModel.objects.create_user("user", "test@example.com", "123456")
+        cls.app = ApplicationModel.objects.create(
             name="app",
             client_type=ApplicationModel.CLIENT_CONFIDENTIAL,
             authorization_grant_type=ApplicationModel.GRANT_CLIENT_CREDENTIALS,
-            user=self.user,
+            user=cls.user,
         )
-        self.token = AccessTokenModel.objects.create(
-            user=self.user, token="tokstr", application=self.app, expires=now() + timedelta(days=365)
+        cls.token = AccessTokenModel.objects.create(
+            user=cls.user, token="tokstr", application=cls.app, expires=now() + timedelta(days=365)
         )
-        self.factory = RequestFactory()
-
-    def tearDown(self):
-        self.user.delete()
-        self.app.delete()
-        self.token.delete()
 
 
 class TestOAuth2Backend(BaseTest):
@@ -103,10 +100,6 @@ def test_get_user(self):
     }
 )
 class TestOAuth2Middleware(BaseTest):
-    def setUp(self):
-        super().setUp()
-        self.anon_user = AnonymousUser()
-
     def dummy_get_response(self, request):
         return HttpResponse()
 
@@ -131,7 +124,7 @@ def test_middleware_user_is_set(self):
         request.user = self.user
         m(request)
         self.assertIs(request.user, self.user)
-        request.user = self.anon_user
+        request.user = AnonymousUser()
         m(request)
         self.assertEqual(request.user.pk, self.user.pk)
 
@@ -176,10 +169,6 @@ def test_middleware_response_header(self):
     }
 )
 class TestOAuth2ExtraTokenMiddleware(BaseTest):
-    def setUp(self):
-        super().setUp()
-        self.anon_user = AnonymousUser()
-
     def dummy_get_response(self, request):
         return HttpResponse()
 

tests/test_authorization_code.py

@@ -43,29 +43,27 @@ def get(self, request, *args, **kwargs):
 
 @pytest.mark.usefixtures("oauth2_settings")
 class BaseTest(TestCase):
-    def setUp(self):
-        self.factory = RequestFactory()
-        self.test_user = UserModel.objects.create_user("test_user", "test@example.com", "123456")
-        self.dev_user = UserModel.objects.create_user("dev_user", "dev@example.com", "123456")
+    factory = RequestFactory()
 
-        self.oauth2_settings.ALLOWED_REDIRECT_URI_SCHEMES = ["http", "custom-scheme"]
-        self.oauth2_settings.PKCE_REQUIRED = False
+    @classmethod
+    def setUpTestData(cls):
+        cls.test_user = UserModel.objects.create_user("test_user", "test@example.com", "123456")
+        cls.dev_user = UserModel.objects.create_user("dev_user", "dev@example.com", "123456")
 
-        self.application = Application.objects.create(
+        cls.application = Application.objects.create(
             name="Test Application",
             redirect_uris=(
                 "http://localhost http://example.com http://example.org custom-scheme://example.com"
             ),
-            user=self.dev_user,
+            user=cls.dev_user,
             client_type=Application.CLIENT_CONFIDENTIAL,
             authorization_grant_type=Application.GRANT_AUTHORIZATION_CODE,
             client_secret=CLEARTEXT_SECRET,
         )
 
-    def tearDown(self):
-        self.application.delete()
-        self.test_user.delete()
-        self.dev_user.delete()
+    def setUp(self):
+        self.oauth2_settings.ALLOWED_REDIRECT_URI_SCHEMES = ["http", "custom-scheme"]
+        self.oauth2_settings.PKCE_REQUIRED = False
 
 
 class TestRegressionIssue315(BaseTest):
@@ -1559,10 +1557,11 @@ def test_code_exchange_succeed_when_redirect_uri_match_with_multiple_query_param
 
 @pytest.mark.oauth2_settings(presets.OIDC_SETTINGS_RW)
 class TestOIDCAuthorizationCodeTokenView(BaseAuthorizationCodeTokenView):
-    def setUp(self):
-        super().setUp()
-        self.application.algorithm = Application.RS256_ALGORITHM
-        self.application.save()
+    @classmethod
+    def setUpTestData(cls):
+        super().setUpTestData()
+        cls.application.algorithm = Application.RS256_ALGORITHM
+        cls.application.save()
 
     def test_id_token_public(self):
         """
@@ -1636,11 +1635,15 @@ def test_id_token_code_exchange_succeed_when_redirect_uri_match_with_multiple_qu
 
 @pytest.mark.oauth2_settings(presets.OIDC_SETTINGS_RW)
 class TestOIDCAuthorizationCodeHSAlgorithm(BaseAuthorizationCodeTokenView):
+    @classmethod
+    def setUpTestData(cls):
+        super().setUpTestData()
+        cls.application.algorithm = Application.HS256_ALGORITHM
+        cls.application.save()
+
     def setUp(self):
         super().setUp()
         self.oauth2_settings.OIDC_RSA_PRIVATE_KEY = None
-        self.application.algorithm = Application.HS256_ALGORITHM
-        self.application.save()
 
     def test_id_token(self):
         """
@@ -1732,10 +1735,11 @@ def test_resource_access_deny(self):
 
 @pytest.mark.oauth2_settings(presets.OIDC_SETTINGS_RW)
 class TestOIDCAuthorizationCodeProtectedResource(BaseTest):
-    def setUp(self):
-        super().setUp()
-        self.application.algorithm = Application.RS256_ALGORITHM
-        self.application.save()
+    @classmethod
+    def setUpTestData(cls):
+        super().setUpTestData()
+        cls.application.algorithm = Application.RS256_ALGORITHM
+        cls.application.save()
 
     def test_id_token_resource_access_allowed(self):
         self.client.login(username="test_user", password="123456")

tests/test_client_credential.py

@@ -35,24 +35,21 @@ def get(self, request, *args, **kwargs):
 @pytest.mark.usefixtures("oauth2_settings")
 @pytest.mark.oauth2_settings(presets.DEFAULT_SCOPES_RW)
 class BaseTest(TestCase):
-    def setUp(self):
-        self.factory = RequestFactory()
-        self.test_user = UserModel.objects.create_user("test_user", "test@example.com", "123456")
-        self.dev_user = UserModel.objects.create_user("dev_user", "dev@example.com", "123456")
+    factory = RequestFactory()
 
-        self.application = Application.objects.create(
+    @classmethod
+    def setUpTestData(cls):
+        cls.test_user = UserModel.objects.create_user("test_user", "test@example.com", "123456")
+        cls.dev_user = UserModel.objects.create_user("dev_user", "dev@example.com", "123456")
+
+        cls.application = Application.objects.create(
             name="test_client_credentials_app",
-            user=self.dev_user,
+            user=cls.dev_user,
             client_type=Application.CLIENT_PUBLIC,
             authorization_grant_type=Application.GRANT_CLIENT_CREDENTIALS,
             client_secret=CLEARTEXT_SECRET,
         )
 
-    def tearDown(self):
-        self.application.delete()
-        self.test_user.delete()
-        self.dev_user.delete()
-
 
 class TestClientCredential(BaseTest):
     def test_client_credential_access_allowed(self):
@@ -98,7 +95,7 @@ def test_client_credential_user_is_none_on_access_token(self):
         self.assertIsNone(access_token.user)
 
 
-class TestView(OAuthLibMixin, View):
+class ExampleView(OAuthLibMixin, View):
     server_class = BackendApplicationServer
     validator_class = OAuth2Validator
     oauthlib_backend_class = OAuthLibCore
@@ -132,7 +129,7 @@ def test_extended_request(self):
         request = self.request_factory.get("/fake-req", **auth_headers)
         request.user = "fake"
 
-        test_view = TestView()
+        test_view = ExampleView()
         self.assertIsInstance(test_view.get_server(), BackendApplicationServer)
 
         valid, r = test_view.verify_request(request)
@@ -145,7 +142,7 @@ def test_raises_error_with_invalid_hex_in_query_params(self):
         request = self.request_factory.get("/fake-req?auth_token=%%7A")
 
         with pytest.raises(SuspiciousOperation):
-            TestView().verify_request(request)
+            ExampleView().verify_request(request)
 
     @patch("oauth2_provider.views.mixins.OAuthLibMixin.get_oauthlib_core")
     def test_reraises_value_errors_as_is(self, patched_core):
@@ -154,7 +151,7 @@ def test_reraises_value_errors_as_is(self, patched_core):
         request = self.request_factory.get("/fake-req")
 
         with pytest.raises(ValueError):
-            TestView().verify_request(request)
+            ExampleView().verify_request(request)
 
 
 class TestClientResourcePasswordBased(BaseTest):

tests/test_decorators.py

@@ -14,26 +14,24 @@
 
 
 class TestProtectedResourceDecorator(TestCase):
-    @classmethod
-    def setUpClass(cls):
-        cls.request_factory = RequestFactory()
-        super().setUpClass()
+    request_factory = RequestFactory()
 
-    def setUp(self):
-        self.user = UserModel.objects.create_user("test_user", "test@example.com", "123456")
-        self.application = Application.objects.create(
+    @classmethod
+    def setUpTestData(cls):
+        cls.user = UserModel.objects.create_user("test_user", "test@example.com", "123456")
+        cls.application = Application.objects.create(
             name="test_client_credentials_app",
-            user=self.user,
+            user=cls.user,
             client_type=Application.CLIENT_PUBLIC,
             authorization_grant_type=Application.GRANT_CLIENT_CREDENTIALS,
         )
 
-        self.access_token = AccessToken.objects.create(
-            user=self.user,
+        cls.access_token = AccessToken.objects.create(
+            user=cls.user,
             scope="read write",
             expires=timezone.now() + timedelta(seconds=300),
             token="secret-access-token-key",
-            application=self.application,
+            application=cls.application,
         )
 
     def test_access_denied(self):

tests/test_hybrid.py

@@ -48,30 +48,29 @@ def get(self, request, *args, **kwargs):
 
 @pytest.mark.usefixtures("oauth2_settings")
 class BaseTest(TestCase):
-    def setUp(self):
-        self.factory = RequestFactory()
-        self.hy_test_user = UserModel.objects.create_user("hy_test_user", "test_hy@example.com", "123456")
-        self.hy_dev_user = UserModel.objects.create_user("hy_dev_user", "dev_hy@example.com", "123456")
-        self.oauth2_settings.PKCE_REQUIRED = False
-        self.oauth2_settings.ALLOWED_REDIRECT_URI_SCHEMES = ["http", "custom-scheme"]
+    factory = RequestFactory()
+
+    @classmethod
+    def setUpTestData(cls):
+        cls.hy_test_user = UserModel.objects.create_user("hy_test_user", "test_hy@example.com", "123456")
+        cls.hy_dev_user = UserModel.objects.create_user("hy_dev_user", "dev_hy@example.com", "123456")
 
-        self.application = Application(
+        cls.application = Application(
             name="Hybrid Test Application",
             redirect_uris=(
                 "http://localhost http://example.com http://example.org custom-scheme://example.com"
             ),
-            user=self.hy_dev_user,
+            user=cls.hy_dev_user,
             client_type=Application.CLIENT_CONFIDENTIAL,
             authorization_grant_type=Application.GRANT_OPENID_HYBRID,
             algorithm=Application.RS256_ALGORITHM,
             client_secret=CLEARTEXT_SECRET,
         )
-        self.application.save()
+        cls.application.save()
 
-    def tearDown(self):
-        self.application.delete()
-        self.hy_test_user.delete()
-        self.hy_dev_user.delete()
+    def setUp(self):
+        self.oauth2_settings.PKCE_REQUIRED = False
+        self.oauth2_settings.ALLOWED_REDIRECT_URI_SCHEMES = ["http", "custom-scheme"]
 
 
 @pytest.mark.oauth2_settings(presets.OIDC_SETTINGS_RW)