def setUp(self):
self.validator = mock.MagicMock(spec=RequestValidator)
self.validator.get_default_redirect_uri.return_value = self.DEFAULT_REDIRECT_URI
self.validator.get_code_challenge.return_value = None
self.validator.authenticate_client.side_effect = self.set_client
self.web = WebApplicationServer(self.validator)
self.mobile = MobileApplicationServer(self.validator)
def setUp(self):
self.validator = mock.MagicMock(spec=RequestValidator)
self.validator.get_default_redirect_uri.return_value = None
self.web = WebApplicationServer(self.validator)
self.mobile = MobileApplicationServer(self.validator)
self.legacy = LegacyApplicationServer(self.validator)
self.backend = BackendApplicationServer(self.validator)
def setUp(self):
self.validator = mock.MagicMock(spec=RequestValidator)
self.validator.get_default_redirect_uri.return_value = TestScopeHandling.DEFAULT_REDIRECT_URI
self.validator.authenticate_client.side_effect = self.set_client
self.web = WebApplicationServer(self.validator)
self.mobile = MobileApplicationServer(self.validator)
self.legacy = LegacyApplicationServer(self.validator)
self.backend = BackendApplicationServer(self.validator)
def setUp(self):
self.validator = mock.MagicMock(spec=RequestValidator)
self.validator.get_default_redirect_uri.return_value = 'http://i.b./path'
self.web = WebApplicationServer(self.validator,
token_generator=self.inspect_client)
self.mobile = MobileApplicationServer(
self.validator, token_generator=self.inspect_client)
self.legacy = LegacyApplicationServer(
self.validator, token_generator=self.inspect_client)
self.backend = BackendApplicationServer(
self.validator, token_generator=self.inspect_client)
def setUp(self):
self.validator = mock.MagicMock(spec=RequestValidator)
self.validator.is_pkce_required.return_value = False
self.validator.get_code_challenge.return_value = None
self.validator.get_default_redirect_uri.return_value = 'http://i.b./path'
self.web = WebApplicationServer(self.validator,
token_generator=self.inspect_client)
self.mobile = MobileApplicationServer(self.validator,
token_generator=self.inspect_client)
self.legacy = LegacyApplicationServer(self.validator,
token_generator=self.inspect_client)
self.backend = BackendApplicationServer(self.validator,
token_generator=self.inspect_client)
self.token_uri = 'http://example.com/path'
self.auth_uri = 'http://example.com/path?client_id=abc&response_type=token'
# should be base64 but no added value in this unittest
self.basicauth_client_creds = {"Authorization": "john:doe"}
self.basicauth_client_id = {"Authorization": "john:"}
# request.client. The two former will be set when you validate
# the authorization code. Don't forget to save both the
# access_token and the refresh_token and set expiration for the
# access_token to now + expires_in seconds.
pass
def invalidate_authorization_code(self, client_id, code, request, *args,
**kwargs):
# Authorization codes are use once, invalidate it when a Bearer token
# has been acquired.
pass
# Protected resource request
def validate_bearer_token(self, token, scopes, request):
# Remember to check expiration and scope membership
pass
# Token refresh request
def get_original_scopes(self, refresh_token, request, *args, **kwargs):
# Obtain the token associated with the given refresh_token and
# return its scopes, these will be passed on to the refreshed
# access token if the client did not specify a scope during the
# request.
pass
validator = SkeletonValidator()
server = WebApplicationServer(validator)
import tornado.web
from oauthlib.oauth2 import WebApplicationServer
from tornado_oauth_manager.oauth import SkeletonValidator
server = WebApplicationServer(SkeletonValidator())
class AuthorizationHandler(tornado.web.RequestHandler):
def get(self):
client_id = self.get_argument('client_id')
scopes, credentials = server.validate_authorization_request(
self.request.uri, self.request.method,
self.request.body, self.request.headers)
self.write('<h1> Authorize access to %s </h1>' % client_id)
self.write('<form method="POST" action="/authorize">')
for scope in scopes or []:
self.write('<input type="checkbox" name="scopes" '
'value="%s"/> %s' % (scope, scope))
self.write('<input type="submit" value="Authorize"/>')
def post(self):
scopes = self.get_arguments('scopes')
credentials = {'user': '******'}
headers, body, status = server.create_authorization_response(
self.request.uri, self.request.method,
self.request.body, self.request.headers,
scopes, credentials)
self.write(repr((headers, body, status)))
body = urllib.parse.urlencode(req.params)
else:
body = req.stream.read()
uri = url_fix(req.uri)
return uri, req.method, body, req.headers
def patch_response(resp: falcon.Response, headers, body, status):
if body:
resp.body = body
resp.set_headers(headers)
if isinstance(status, int):
status = getattr(falcon, 'HTTP_{}'.format(status))
resp.status = status
return resp
auth_endpoint = WebApplicationServer(SimpleRequestValidator())
app = falcon.API()
app.add_route('/oauth/authorize',
AuthorizeHandler(authorization_endpoint=auth_endpoint))
app.add_route('/oauth/token',
TokenHandler(authorization_endpoint=auth_endpoint))
app.add_route('/oauth/callback', CallbackHandler())
app.add_route('/oauth/error', CallbackHandler())
if __name__ == '__main__':
from wsgiref.simple_server import make_server
service = make_server('localhost', 8000, app)
service.serve_forever()
def __init__(self, request):
self.request = request
self.user_svc = self.request.find_service(name='user')
validator = self.request.find_service(name='oauth_validator')
self.oauth = WebApplicationServer(validator)
from benwaonline_auth.database import db
from benwaonline_auth.models import User
from benwaonline_auth.schemas import UserSchema
from benwaonline_auth.oauth import twitter
from benwaonline_auth.bwoauth import auth
from benwaonline_auth.bwoauth.core import (
BenwaValidator,
generate_jwt_token,
generate_refresh_token,
)
validator = BenwaValidator()
server = WebApplicationServer(
validator,
token_generator=generate_jwt_token,
refresh_token_generator=generate_refresh_token,
)
@auth.errorhandler(errors.FatalClientError)
def handle_invalid_usage(error):
"""Error handler."""
response = dict(error.twotuples)
params = {
"redirect_uri": error.redirect_uri,
"client_id": error.client_id,
"scopes": error.scopes,
}
return jsonify({**response, **params}), 500
