Delete refresh tokens when deleting devices

author: Richard van der Hoff <richard@matrix.org> 2016-07-26 11:09:47 +0100
committer: Richard van der Hoff <richard@matrix.org> 2016-07-26 11:10:37 +0100
commit: 8e0249416643f20f0c4cd8f2e19cf45ea63289d3 (patch)
tree: d8b872fe81bfa9f8d718fecab79db1e92e08f21e /tests
parent: Merge pull request #949 from matrix-org/rav/update_devices (diff)
download: synapse-8e0249416643f20f0c4cd8f2e19cf45ea63289d3.tar.xz
1 files changed, 34 insertions, 0 deletions
diff --git a/tests/storage/test_registration.py b/tests/storage/test_registration.py
index b03ca303a2..f7d74dea8e 100644
--- a/tests/storage/test_registration.py
+++ b/tests/storage/test_registration.py
@@ -128,6 +128,40 @@ class RegistrationStoreTestCase(unittest.TestCase):
         with self.assertRaises(StoreError):
             yield self.store.exchange_refresh_token(last_token, generator.generate)
 
+    @defer.inlineCallbacks
+    def test_user_delete_access_tokens(self):
+        # add some tokens
+        generator = TokenGenerator()
+        refresh_token = generator.generate(self.user_id)
+        yield self.store.register(self.user_id, self.tokens[0], self.pwhash)
+        yield self.store.add_access_token_to_user(self.user_id, self.tokens[1],
+                                                  self.device_id)
+        yield self.store.add_refresh_token_to_user(self.user_id, refresh_token,
+                                                   self.device_id)
+
+        # now delete some
+        yield self.store.user_delete_access_tokens(
+            self.user_id, device_id=self.device_id, delete_refresh_tokens=True)
+
+        # check they were deleted
+        user = yield self.store.get_user_by_access_token(self.tokens[1])
+        self.assertIsNone(user, "access token was not deleted by device_id")
+        with self.assertRaises(StoreError):
+            yield self.store.exchange_refresh_token(refresh_token,
+                                                    generator.generate)
+
+        # check the one not associated with the device was not deleted
+        user = yield self.store.get_user_by_access_token(self.tokens[0])
+        self.assertEqual(self.user_id, user["name"])
+
+        # now delete the rest
+        yield self.store.user_delete_access_tokens(
+            self.user_id, delete_refresh_tokens=True)
+
+        user = yield self.store.get_user_by_access_token(self.tokens[0])
+        self.assertIsNone(user,
+                          "access token was not deleted without device_id")
+
 
 class TokenGenerator:
     def __init__(self):
author	Richard van der Hoff <richard@matrix.org>	2016-07-26 11:09:47 +0100
committer	Richard van der Hoff <richard@matrix.org>	2016-07-26 11:10:37 +0100
commit	8e0249416643f20f0c4cd8f2e19cf45ea63289d3 (patch)
tree	d8b872fe81bfa9f8d718fecab79db1e92e08f21e /tests
parent	Merge pull request #949 from matrix-org/rav/update_devices (diff)
download	synapse-8e0249416643f20f0c4cd8f2e19cf45ea63289d3.tar.xz