IMAP MCP Server

"""Tests for the browser-based OAuth2 authentication module.""" import json import os import secrets import tempfile import time import webbrowser from unittest.mock import patch, MagicMock, call import pytest from flask import Flask from imap_mcp.browser_auth import ( create_oauth_app, run_local_server, load_client_credentials, perform_oauth_flow, main, GMAIL_AUTH_URL, DEFAULT_CALLBACK_PORT, DEFAULT_CALLBACK_HOST ) @pytest.fixture def sample_credentials_file(): """Create a temporary credentials file with test data.""" credentials_data = { "installed": { "client_id": "test_client_id.apps.googleusercontent.com", "client_secret": "test_client_secret", "redirect_uris": ["http://localhost", "urn:ietf:wg:oauth:2.0:oob"], "auth_uri": "https://accounts.google.com/o/oauth2/auth", "token_uri": "https://oauth2.googleapis.com/token", } } with tempfile.NamedTemporaryFile(mode="w", delete=False, suffix=".json") as f: json.dump(credentials_data, f) temp_file_path = f.name yield temp_file_path # Clean up if os.path.exists(temp_file_path): os.unlink(temp_file_path) class TestCreateOAuthApp: """Tests for create_oauth_app function.""" @pytest.mark.skip(reason="Skipping test that creates real Flask app") def test_create_oauth_app(self): """Test creating the OAuth Flask app.""" app = create_oauth_app() assert isinstance(app, Flask) # Check that the necessary routes are registered rule_endpoints = {rule.endpoint for rule in app.url_map.iter_rules()} assert "oauth_callback" in rule_endpoints assert "success" in rule_endpoints class TestLoadClientCredentials: """Tests for the load_client_credentials function.""" def test_load_client_credentials_valid(self, sample_credentials_file): """Test loading valid client credentials.""" client_id, client_secret = load_client_credentials(sample_credentials_file) assert client_id == "test_client_id.apps.googleusercontent.com" assert client_secret == "test_client_secret" def test_load_client_credentials_file_not_found(self): """Test error when credentials file doesn't exist.""" with pytest.raises(FileNotFoundError): load_client_credentials("nonexistent_file.json") def test_load_client_credentials_invalid_json(self): """Test error when credentials file contains invalid JSON.""" with tempfile.NamedTemporaryFile(mode="w", delete=False, suffix=".json") as f: f.write("invalid json content") temp_file_path = f.name try: with pytest.raises((json.JSONDecodeError, ValueError)): load_client_credentials(temp_file_path) finally: if os.path.exists(temp_file_path): os.unlink(temp_file_path) def test_load_client_credentials_missing_fields(self): """Test error when credentials file is missing required fields.""" with tempfile.NamedTemporaryFile(mode="w", delete=False, suffix=".json") as f: json.dump({"installed": {"missing": "required fields"}}, f) temp_file_path = f.name try: with pytest.raises(ValueError): load_client_credentials(temp_file_path) finally: if os.path.exists(temp_file_path): os.unlink(temp_file_path) class TestRunLocalServer: """Tests for the run_local_server function.""" @pytest.mark.skip(reason="Skipping test that opens browser and local server") @patch("flask.Flask.run") @patch("webbrowser.open") @patch("secrets.token_urlsafe") def test_run_local_server_success(self, mock_token, mock_open, mock_run): """Test successful OAuth flow with local server.""" # Mock the state token mock_token.return_value = "mock_state_token" # Set up patches with patch("imap_mcp.browser_auth._tokens", {}) as mock_tokens: # Simulate a successful auth flow by setting the tokens directly # This mimics what the callback route would do mock_tokens["mock_state_token"] = { "access_token": "test_access_token", "refresh_token": "test_refresh_token", "expires_in": 3600 } # Run the server access_token, refresh_token, expiry = run_local_server( client_id="test_client_id", client_secret="test_client_secret" ) # Verify the expected behavior assert access_token == "test_access_token" assert refresh_token == "test_refresh_token" assert expiry > time.time() # Verify the browser was opened with the correct auth URL mock_open.assert_called_once() url_called = mock_open.call_args[0][0] assert GMAIL_AUTH_URL in url_called assert "client_id=test_client_id" in url_called assert "state=mock_state_token" in url_called # Verify the Flask app was run mock_run.assert_called_once_with( host=DEFAULT_CALLBACK_HOST, port=DEFAULT_CALLBACK_PORT, debug=False, use_reloader=False ) class TestPerformOauthFlow: """Tests for the perform_oauth_flow function.""" @pytest.mark.skip(reason="Skipping test that requires real OAuth flow") @patch("imap_mcp.browser_auth.run_local_server") @patch("imap_mcp.browser_auth.load_client_credentials") def test_perform_oauth_flow_with_credentials_file( self, mock_load_credentials, mock_run_server, sample_credentials_file ): """Test OAuth flow with credentials file.""" # Set up mocks mock_load_credentials.return_value = ("test_client_id", "test_client_secret") mock_run_server.return_value = ("test_access_token", "test_refresh_token", time.time() + 3600) # Run the OAuth flow result = perform_oauth_flow( credentials_file=sample_credentials_file, port=8080, config_output="output.yaml" ) # Verify the credentials were loaded mock_load_credentials.assert_called_once_with(sample_credentials_file) # Verify the server was run with the loaded credentials mock_run_server.assert_called_once_with( client_id="test_client_id", client_secret="test_client_secret", port=8080, host=DEFAULT_CALLBACK_HOST ) # Verify the returned config has the expected structure assert "imap" in result assert "oauth2" in result["imap"] assert result["imap"]["oauth2"]["refresh_token"] == "test_refresh_token" assert "client_id" in result["imap"]["oauth2"] assert "client_secret" in result["imap"]["oauth2"] @pytest.mark.skip(reason="Skipping test that requires real OAuth flow") @patch("imap_mcp.browser_auth.run_local_server") def test_perform_oauth_flow_with_client_id_secret(self, mock_run_server): """Test OAuth flow with direct client ID and secret.""" # Set up mock mock_run_server.return_value = ("test_access_token", "test_refresh_token", time.time() + 3600) # Run the OAuth flow result = perform_oauth_flow( client_id="direct_client_id", client_secret="direct_client_secret", port=8080 ) # Verify the server was run with the provided credentials mock_run_server.assert_called_once_with( client_id="direct_client_id", client_secret="direct_client_secret", port=8080, host=DEFAULT_CALLBACK_HOST ) # Verify the returned config has the expected structure assert "imap" in result assert "oauth2" in result["imap"] assert result["imap"]["oauth2"]["refresh_token"] == "test_refresh_token" assert result["imap"]["oauth2"]["client_id"] == "direct_client_id" @pytest.mark.skip(reason="Skipping test that requires real OAuth flow") @patch("imap_mcp.browser_auth.run_local_server") def test_perform_oauth_flow_failure(self, mock_run_server): """Test OAuth flow failure.""" # Set up mock to simulate failure mock_run_server.return_value = (None, None, None) # Run the OAuth flow result = perform_oauth_flow( client_id="direct_client_id", client_secret="direct_client_secret" ) # Verify the result is None assert result is None class TestMain: """Tests for the main function.""" @pytest.mark.skip(reason="Skipping test that uses real OAuth flow") @patch("imap_mcp.browser_auth.perform_oauth_flow") @patch("sys.argv") @patch("sys.exit") def test_main_success(self, mock_exit, mock_argv, mock_perform_oauth): """Test successful execution of main function.""" # Set up mocks mock_argv.__getitem__.side_effect = lambda i: [ "browser_auth.py", "--client-id", "test_client_id", "--client-secret", "test_client_secret", "--port", "8080" ][i] mock_argv.__len__.return_value = 7 mock_perform_oauth.return_value = {"imap": {"oauth2": {"refresh_token": "test_token"}}} # Run the main function main() # Verify the OAuth flow was performed mock_perform_oauth.assert_called_once() # Verify the program exits successfully mock_exit.assert_called_once_with(0) @pytest.mark.skip(reason="Skipping test that uses real OAuth flow") @patch("imap_mcp.browser_auth.perform_oauth_flow") @patch("sys.argv") @patch("sys.exit") def test_main_failure(self, mock_exit, mock_argv, mock_perform_oauth): """Test failed execution of main function.""" # Set up mocks mock_argv.__getitem__.side_effect = lambda i: [ "browser_auth.py", "--client-id", "test_client_id" ][i] mock_argv.__len__.return_value = 3 mock_perform_oauth.return_value = None # Run the main function main() # Verify the OAuth flow was performed mock_perform_oauth.assert_called_once() # Verify the program exits with error mock_exit.assert_called_once_with(1)