geeViz.eeAuth.tests.test_eeCreds¶

Tests for the eeCreds high-level API.

Functions

`test_addCreds_bad_input_raises_useful_error`()
`test_addCreds_base64`()
`test_addCreds_bytes_input`()	Bytes input is decoded as UTF-8 or base64.
`test_addCreds_chains`()	addCreds returns self for fluent style.
`test_addCreds_dict_oauth`()
`test_addCreds_dict_oauth_from_refresh_token_only`()	Even without type=authorized_user, presence of refresh_token → OAuth.
`test_addCreds_dict_sa`()
`test_addCreds_json_string`()
`test_addCreds_path_to_file`()
`test_build_run_js_emits_tenant_pin_when_provided`()	`_build_run_js(tenant='foo')` must produce JS that re-assigns `authProxyAPIURL` to a tenant-prefixed origin path.
`test_create_proxy_app_with_eeCreds_lists_tenants`()
`test_current_falls_back_to_first`()	Without explicit .use(), .current() returns the first registered name.
`test_default_header_mentions_geeviz`()	The default tenant_header should be geeViz-branded so it's obviously library-owned in browser DevTools / packet captures.
`test_eeCreds_works_with_build_proxy_router`()	Polymorphism: build_proxy_router should accept an EECreds the same way it accepts an SARegistry.
`test_ee_persistent_refresh_token_only_credentials_work`()	The old `earthengine authenticate` credentials file format contains just `refresh_token` (and sometimes `scopes`) with no `client_id` / `client_secret` / `token_uri`.
`test_find_free_port_falls_back_to_os_assigned_when_all_taken`()	If every port in the explicit walk range is taken, the OS picks any free port (port 0 in bind() means ephemeral).
`test_find_free_port_returns_preferred_when_available`()	When the preferred port is bindable, return it as-is.
`test_find_free_port_walks_past_busy`()	When the preferred port is busy, walk up until a free one is found.
`test_geeviz_request_handler_503s_when_no_upstream_registered`()	If no upstream is registered, /ee-api requests must 503 cleanly rather than hanging or crashing the server.
`test_geeviz_request_handler_parses_tenant_from_path_prefix`(...)	`/ee-api/t/<tenant>/v1/...` must route to the named tenant regardless of process-wide `eeCreds.current()`.
`test_geeviz_request_handler_proxies_ee_api`(...)	End-to-end: stand up a stub upstream + the geeViz handler, hit /ee-api/* on the handler, and verify the request lands at the upstream with the tenant header stamped and the response streamed back.
`test_get_token_caches_and_refreshes`()	First get_token mints; second returns the cache; force_refresh re-mints.
`test_get_token_unknown_falls_back_to_first`()	Forgiving lookup — unknown name → first registered.
`test_info_without_args_returns_current`()
`test_launch_proxy_picks_alternate_port_when_preferred_busy`()	End-to-end: when proxy_port is busy, start() should still succeed on an alternate port, and proxy_url reflects the actual port.
`test_list_and_has`()
`test_map_view_bakes_tenant_into_run_js_not_url`()	The tenant must be baked into the per-session run_js (NOT the page URL).
`test_map_view_falls_back_without_eecreds_running`()	When eeCreds isn't started (proxy_url is None), Map.view() must fall back to the legacy direct-token mint path.
`test_map_view_uses_eeCreds_proxy_when_available`()	When eeCreds.proxy_url is set, Map.view() must register that upstream with the local HTTP server so /ee-api/* gets reverse-proxied — and keep the viewer URL empty (no proxy address baked in).
`test_module_singleton_exists_and_is_eecreds_instance`()
`test_oauth_user_provided_client_id_takes_precedence`()	If the JSON has its own client_id/client_secret (e.g. a custom OAuth app), those win over EE's well-known fallback.
`test_resolve_ee_tenant_precedence_request_then_referer_then_current`()	Tenant resolution order: explicit ?tenant on the request → ?tenant on the Referer URL → `eeCreds.current()`.
`test_router_helper_returns_apirouter`()
`test_set_ee_api_upstream_round_trip`()	`_set_ee_api_upstream` must accept a URL, normalize trailing slashes, and `None` must reset the upstream so the handler 503s.
`test_single_cred_used_automatically_without_use`()	If only one credential is registered, get_token returns it without any .use() call needed — the simplest possible path 'works automatically'.
`test_start_requires_registered_creds`()
`test_start_returns_status`()	start(launch_proxy=False, ee_init=False) is idempotent + reports state.
`test_stop_clears_proxy_state`()	eeCreds.stop() must clear the proxy thread + URL so the registry can be restarted cleanly.
`test_stop_is_safe_when_not_started`()	Calling stop() on a never-started registry should be a no-op rather than crashing.
`test_stop_then_restart`()	A stopped registry can be started again.
`test_sync_oauth_project_noop_when_already_correct`()	sync_oauth_project with the same project that's already set should be a no-op (no log noise, no token invalidation).
`test_sync_oauth_project_rejects_earthengine_legacy`()	The SDK placeholder `earthengine-legacy` must never propagate via sync_oauth_project — otherwise we'd just re-create the original bug after legacy init was somehow set to the placeholder.
`test_sync_oauth_project_updates_all_oauth_entries`()	sync_oauth_project should update every OAuth entry's project_id and invalidate cached tokens, so the next mint includes the new project.
`test_tenant_header_is_configurable`()	build_proxy_router must accept tenant_header= so deployments can use whatever name they want (e.g. AskTerra agent uses X-AskTerra-Tenant for back-compat).
`test_use_as_context_manager_restores_previous`()
`test_use_switches_tenant_immediately`()	Plain .use() (no with) takes effect right away.
`test_use_unknown_raises`()