Allow passing user and enterprise_id to JWTAuth

The initial commit that added the `user` parameter to `JWTAuth`
only allowed it to be passed when `enterprise_id=None` was
passed.

After playing around with this a little bit, I determined that
this is unnecessarily inflexible for developers. So this
constraint is now relaxed. They can both be passed, with `user`
taking precedence.

Fixup for Pull Request #178.

Author: jmoldow

boxsdk/auth/jwt_auth.py

@@ -40,10 +40,9 @@ def __init__(
     ):
         """Extends baseclass method.
 
-        At most one of `enterprise_id` and `user` may be non-`None`. If they
-        are both `None`, then the caller is required to manually call either
-        `authenticate_user()` or `authenticate_instance()` with the desired
-        `sub` claim in order to begin using this auth object.
+        If both `enterprise_id` and `user` are non-`None`, the `user` takes
+        precedence when `refresh()` is called. This can be overruled with a
+        call to `authenticate_instance()`.
 
         :param client_id:
             Box API key used for identifying the application the user is authenticating with.
@@ -59,7 +58,9 @@ def __init__(
             May be `None`, if the caller knows that it will not be
             authenticating as an enterprise instance / service account.
 
-            Must be `None` if `user` is passed.
+            If `user` is passed, this value is not used, unless
+            `authenticate_instance()` is called to clear the user and
+            authenticate as the enterprise instance.
         :type enterprise_id:
             `unicode` or `None`
         :param jwt_key_id:
@@ -82,7 +83,10 @@ def __init__(
             will be auto-authenticated at the time of the first API call or
             when calling `authenticate_user()` without any arguments.
 
-            Must be `None` if `enterprise_id` is passed.
+            Should be `None` if the intention is to authenticate as the
+            enterprise instance / service account. If both `enterprise_id` and
+            `user` are non-`None`, the `user` takes precedense when `refresh()`
+            is called.
 
             May be one of this application's created App User. Depending on the
             configured User Access Level, may also be any other App User or
@@ -117,8 +121,6 @@ def __init__(
         :type jwt_algorithm:
             `unicode`
         """
-        if enterprise_id and user:
-            raise TypeError("Cannot pass both 'enterprise_id' and 'user'.")
         user_id = self._normalize_user_id(user)
         super(JWTAuth, self).__init__(
             client_id,

test/unit/auth/test_jwt_auth.py

@@ -111,18 +111,10 @@ def _jwt_auth_init_mocks(**kwargs):
     return _jwt_auth_init_mocks
 
 
-def test_jwt_auth_constructor_raises_type_error_if_enterprise_id_and_user_both_passed(jwt_auth_init_mocks):
-    enterprise_id = 'fake_enterprise_id'
+def test_refresh_authenticates_with_user_if_enterprise_id_and_user_both_passed_to_constructor(jwt_auth_init_and_auth_mocks):
     user = 'fake_user_id'
-
-    # Make sure that constructing the `JWTAuth` object works when `user` is not
-    # passed.
-    with jwt_auth_init_mocks(enterprise_id=enterprise_id, assert_authed=False):
-        pass
-
-    with pytest.raises(TypeError):
-        with jwt_auth_init_mocks(enterprise_id=enterprise_id, user=user):
-            assert False
+    with jwt_auth_init_and_auth_mocks(sub=user, sub_type='user', enterprise_id='fake_enterprise_id', user=user) as oauth:
+        oauth.refresh(None)
 
 
 @pytest.mark.parametrize('jwt_auth_method_name', ['authenticate_user', 'authenticate_instance'])