Beispiel #1
 def setUp(self):
     """Prepare credentials, endpoint URLs and a password-grant OAuth2 client.

     Each ``*_url`` attribute holds the matching module-level route constant
     after it has been passed through ``self.url_prepare``.
     """
     super(RestfulCase, self).setUp()

     # Static login data and the OAuth client credentials / callback that
     # the REST test cases share.
     self.login = LOGIN
     self.password = PASSWORD
     self.client_key = CLIENT_KEY
     self.client_secret = CLIENT_SECRET
     self.callback_url = CALLBACK_URL

     # (attribute name, route constant) pairs, in the order the attributes
     # are populated.
     endpoint_routes = (
         ('version_url', VERSION_URL),
         ('database_url', DATABASE_URL),
         ('csrf_token_url', CSRF_URL),
         ('oauth1_request_token_url', OAUTH1_REQUEST_TOKEN_URL),
         ('oauth1_authorization_url', OAUTH1_AUTHORIZATION_URL),
         ('oauth1_access_token_url', OAUTH1_ACCESS_TOKEN_URL),
         ('oauth2_authorization_url', OAUTH2_AUTHORIZATION_URL),
         ('oauth2_access_token_url', OAUTH2_ACCESS_TOKEN_URL),
         ('oauth2_revoke_url', OAUTH2_REVOKE_URL),
         ('test_authentication_url', TEST_AUTHENTICATION_URL),
         ('field_names_url', FIELD_NAMES_URL),
         ('fields_url', FIELDS_URL),
         ('metadata_url', METADATA_URL),
         ('user_url', USER_URL),
         ('userinfo_url', USERINFO_URL),
         ('session_url', SESSION_URL),
         ('call_url', CALL_URL),
         ('xmlid_url', XMLID_URL),
         ('binary_url', BINARY_URL),
         ('upload_url', UPLOAD_URL),
         ('report_url', REPORT_URL),
         ('reports_url', REPORTS_URL),
         ('search_url', SEARCH_URL),
         ('name_url', NAME_URL),
         ('read_url', READ_URL),
         ('search_read_url', SEARCH_READ_URL),
         ('read_group_url', READ_GROUP_URL),
         ('create_url', CREATE_URL),
         ('write_url', WRITE_URL),
         ('unlink_url', UNLINK_URL),
         ('access_url', ACCESS_URL),
         ('access_rights_url', ACCESS_RIGHTS_URL),
         ('access_rules_url', ACCESS_RULES_URL),
         ('access_fields_url', ACCESS_FIELDS_URL),
     )
     for attribute, route in endpoint_routes:
         setattr(self, attribute, self.url_prepare(route))

     # Credentials for the dedicated test client come from generate_token();
     # the client is registered with the 'password' OAuth type.
     self.test_client_key = generate_token()
     self.test_client_secret = generate_token()
     client_values = {
         'name': 'OAuth2 Test',
         'client_id': self.test_client_key,
         'client_secret': self.test_client_secret,
         'state': 'password'
     }
     self.env['muk_rest.oauth2'].create(client_values)

     # oauthlib rejects OAuth2 requests over plain HTTP unless
     # OAUTHLIB_INSECURE_TRANSPORT is set. The variable is process-wide, so
     # the previous value is kept in self.origin_transport; restoring it is
     # presumably done in tearDown (not visible here). This switch belongs
     # in test code only.
     self.origin_transport = os.environ.get('OAUTHLIB_INSECURE_TRANSPORT')
     os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = 'OAUTHLIB_INSECURE_TRANSPORT'
Beispiel #2
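class OAuth1(models.Model):
    """OAuth1 consumer configuration that delegates to ``muk_rest.oauth``.

    The consumer key and secret default to ``security.generate_token()`` and
    are kept in ordinary ``Char`` columns, i.e. the secret is stored as
    entered. Both values carry a database-level uniqueness constraint and a
    Python-level length check.
    """

    _name = 'muk_rest.oauth1'
    _description = "OAuth1 Configuration"

    #----------------------------------------------------------
    # Database
    #----------------------------------------------------------

    # delegate=True exposes the fields of the linked muk_rest.oauth record
    # on this model.
    oauth = fields.Many2one(comodel_name='muk_rest.oauth',
                            string='OAuth',
                            delegate=True,
                            required=True,
                            ondelete='cascade')

    consumer_key = fields.Char(string="Consumer Key",
                               required=True,
                               default=lambda x: security.generate_token())

    consumer_secret = fields.Char(string="Consumer Secret",
                                  required=True,
                                  default=lambda x: security.generate_token())

    #----------------------------------------------------------
    # Constraints
    #----------------------------------------------------------

    _sql_constraints = [
        ('consumer_key_unique', 'UNIQUE (consumer_key)',
         'Consumer Key must be unique.'),
        ('consumer_secret_unique', 'UNIQUE (consumer_secret)',
         'Consumer Secret must be unique.'),
    ]

    @api.constrains('consumer_key')
    def check_consumer_key(self):
        """Reject consumer keys whose length is outside the allowed range.

        The comparison is strict on both ends, so the accepted lengths are
        21 to 49 characters.

        Raises:
            ValidationError: if a record's key is too short or too long.
        """
        for record in self:
            # An empty Char reads back as False; count it as length 0 so the
            # user gets the ValidationError instead of a TypeError from len().
            if not (20 < len(record.consumer_key or '') < 50):
                raise ValidationError(
                    _("The consumer key must be between 20 and 50 characters long."
                      ))

    @api.constrains('consumer_secret')
    def check_consumer_secret(self):
        """Reject consumer secrets whose length is outside the allowed range.

        The comparison is strict on both ends, so the accepted lengths are
        21 to 49 characters.

        Raises:
            ValidationError: if a record's secret is too short or too long.
        """
        for record in self:
            # Same guard as for the key: an unset value must fail validation
            # cleanly rather than crash in len().
            if not (20 < len(record.consumer_secret or '') < 50):
                raise ValidationError(
                    _("The consumer secret must be between 20 and 50 characters long."
                      ))

    #----------------------------------------------------------
    # Create / Update / Delete
    #----------------------------------------------------------

    def unlink(self):
        """Delete the delegated ``oauth`` records, then these records."""
        self.mapped('oauth').unlink()
        return super(OAuth1, self).unlink()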
Beispiel #3
 def setUp(self):
     """Register a password-grant OAuth2 client with one res.partner rule.

     The client uses the 'advanced' security setting and a single rule that
     references the ``res.partner`` model.
     """
     super(SettingsTestCase, self).setUp()
     self.oauth_settings_client_key = generate_token()
     self.oauth_settings_client_secret = generate_token()

     # (0, 0, values) is the x2many command that creates a new line.
     partner_rule = (0, 0, {'model': self.ref('base.model_res_partner')})
     client_values = {
         'name': "Settings Test",
         'client_id': self.oauth_settings_client_key,
         'client_secret': self.oauth_settings_client_secret,
         'state': 'password',
         'security': 'advanced',
         'rules': [partner_rule]
     }
     # NOTE(review): "oatuh" looks like a typo for "oauth"; the attribute
     # name is kept because other test methods may read it.
     self.oatuh_settings_client = self.env['muk_rest.oauth2'].create(
         client_values)
Beispiel #4
class OAuth2(models.Model):
    """OAuth2 client configuration that delegates to ``muk_rest.oauth``.

    ``state`` selects the grant type; the ``states`` mappings on the other
    fields switch their ``required`` / ``invisible`` attributes per grant.
    """

    _name = 'muk_rest.oauth2'
    _description = "OAuth2 Configuration"

    #----------------------------------------------------------
    # Database
    #----------------------------------------------------------

    # The shared muk_rest.oauth record is exposed on this model through
    # delegation and cannot be deleted while this record references it.
    oauth = fields.Many2one(
        comodel_name='muk_rest.oauth',
        string='OAuth',
        delegate=True,
        required=True,
        ondelete='restrict',
    )

    # NOTE(review): RFC 9700 (OAuth 2.0 Security Best Current Practice)
    # advises against the implicit and password grants; prefer
    # 'authorization_code' or 'client_credentials' for new clients.
    state = fields.Selection(
        selection=[
            ('authorization_code', 'Authorization Code'),
            ('implicit', 'Implicit'),
            ('password', 'Password Credentials'),
            ('client_credentials', 'Client Credentials'),
        ],
        string="OAuth Type",
        required=True,
        default='authorization_code',
    )

    client_id = fields.Char(
        string="Client Key",
        required=True,
        default=lambda x: security.generate_token(),
    )

    # Stored in an ordinary Char column; only the authorization-code and
    # client-credentials grants mark it as required.
    client_secret = fields.Char(
        string="Client Secret",
        states={
            'authorization_code': [('required', True)],
            'client_credentials': [('required', True)],
        },
        default=lambda x: security.generate_token(),
    )

    # The domain limits the choice to callbacks already attached to this
    # client.
    default_callback = fields.Many2one(
        comodel_name='muk_rest.callback',
        string="Default Callback",
        domain='[("id", "in", callbacks)]',
        context='{"default_oauth": active_id}',
        states={'authorization_code': [('required', True)]},
        ondelete='restrict',
    )

    # Only the client-credentials grant requires a user; the field is hidden
    # for the other three grant types.
    user = fields.Many2one(
        comodel_name='res.users',
        string="User",
        states={
            'authorization_code': [('invisible', True)],
            'implicit': [('invisible', True)],
            'password': [('invisible', True)],
            'client_credentials': [('required', True)],
        },
        ondelete='cascade',
    )

    #----------------------------------------------------------
    # Constraints
    #----------------------------------------------------------

    _sql_constraints = [
        (
            'client_id_unique',
            'UNIQUE (client_id)',
            'Client ID must be unique.',
        ),
        (
            'client_secret_unique',
            'UNIQUE (client_secret)',
            'Client Secret must be unique.',
        ),
    ]
Beispiel #5
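class OAuth2(models.Model):
    """OAuth2 client configuration that delegates to ``muk_rest.oauth``.

    ``state`` selects the grant type. The default callback is computed as the
    first entry of ``callbacks``, and the authorization-code grant is rejected
    when no default callback is available.
    """

    _name = 'muk_rest.oauth2'
    _description = "OAuth2 Configuration"

    #----------------------------------------------------------
    # Database
    #----------------------------------------------------------

    # delegate=True exposes the fields of the linked muk_rest.oauth record
    # on this model.
    oauth = fields.Many2one(comodel_name='muk_rest.oauth',
                            string='OAuth',
                            delegate=True,
                            required=True,
                            ondelete='cascade')

    # NOTE(review): RFC 9700 (OAuth 2.0 Security Best Current Practice)
    # advises against the implicit and password grants; prefer
    # 'authorization_code' or 'client_credentials' for new clients.
    state = fields.Selection(selection=[
        ('authorization_code', 'Authorization Code'), ('implicit', 'Implicit'),
        ('password', 'Password Credentials'),
        ('client_credentials', 'Client Credentials')
    ],
                             string="OAuth Type",
                             required=True,
                             default='authorization_code')

    client_id = fields.Char(string="Client Key",
                            required=True,
                            default=lambda x: security.generate_token())

    # Stored in an ordinary Char column; only the authorization-code and
    # client-credentials grants mark it as required.
    client_secret = fields.Char(string="Client Secret",
                                states={
                                    'authorization_code': [('required', True)],
                                    'client_credentials': [('required', True)]
                                },
                                default=lambda x: security.generate_token())

    default_callback = fields.Many2one(compute='_compute_default_callback',
                                       comodel_name='muk_rest.callback',
                                       string="Default Callback")

    # Only the client-credentials grant requires a user; the field is hidden
    # for the other three grant types.
    user = fields.Many2one(comodel_name='res.users',
                           string="User",
                           states={
                               'authorization_code': [('invisible', True)],
                               'implicit': [('invisible', True)],
                               'password': [('invisible', True)],
                               'client_credentials': [('required', True)]
                           },
                           ondelete='cascade')

    #----------------------------------------------------------
    # Constraints
    #----------------------------------------------------------

    _sql_constraints = [
        ('client_id_unique', 'UNIQUE (client_id)',
         'Client ID must be unique.'),
        ('client_secret_unique', 'UNIQUE (client_secret)',
         'Client Secret must be unique.'),
    ]

    @api.constrains('state', 'callbacks')
    def _check_default_callback(self):
        """Require a default callback for authorization-code clients.

        Raises:
            ValidationError: if an 'authorization_code' record has no
                default callback.
        """
        for record in self.filtered(
                lambda rec: rec.state == 'authorization_code'):
            if not record.default_callback:
                raise ValidationError(
                    _("Authorization Code needs a default callback."))

    #----------------------------------------------------------
    # Read
    #----------------------------------------------------------

    @api.depends('callbacks')
    def _compute_default_callback(self):
        """Set the default callback to the first registered callback."""
        for record in self:
            # Assign on every path: a compute method that skips a record
            # leaves its value undefined, so clear the field explicitly
            # when no callback is registered.
            if record.callbacks:
                record.default_callback = record.callbacks[0]
            else:
                record.default_callback = False

    #----------------------------------------------------------
    # Create / Update / Delete
    #----------------------------------------------------------

    @api.multi
    def unlink(self):
        """Delete the delegated ``oauth`` records, then these records."""
        self.mapped('oauth').unlink()
        return super(OAuth2, self).unlink()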
Beispiel #6
 def setUp(self):
     """Register one OAuth client per flow exercised by the tests.

     Two OAuth1 consumers (out-of-band and callback) and four OAuth2 clients
     (authorization code, implicit, password, client credentials) are
     created, each with its own generate_token() key and secret.
     """
     super(AuthenticationTestCase, self).setUp()

     # One key/secret pair per client, kept on the instance for the tests.
     self.oauth1_oob_client_key = generate_token()
     self.oauth1_oob_client_secret = generate_token()
     self.oauth1_callback_client_key = generate_token()
     self.oauth1_callback_client_secret = generate_token()
     self.oauth2_web_client_key = generate_token()
     self.oauth2_web_client_secret = generate_token()
     self.oauth2_mobile_client_key = generate_token()
     self.oauth2_mobile_client_secret = generate_token()
     self.oauth2_legacy_client_key = generate_token()
     self.oauth2_legacy_client_secret = generate_token()
     self.oauth2_backend_client_key = generate_token()
     self.oauth2_backend_client_secret = generate_token()

     # OAuth1 consumer without a registered callback.
     self.env['muk_rest.oauth1'].create({
         'name': 'OAuth1 Test OOB',
         'consumer_key': self.oauth1_oob_client_key,
         'consumer_secret': self.oauth1_oob_client_secret
     })
     # OAuth1 consumer with one callback; (0, 0, values) is the x2many
     # command that creates a new line.
     self.env['muk_rest.oauth1'].create({
         'name': 'OAuth1 Test Callback',
         'consumer_key': self.oauth1_callback_client_key,
         'consumer_secret': self.oauth1_callback_client_secret,
         'callbacks': [(0, 0, {'url': self.callback_url})]
     })

     # oauth_web and oauth_mobile are not read again in the visible part of
     # this method.
     oauth_web = self.env['muk_rest.oauth2'].create({
         'name': 'OAuth2 Test - Web Application Flow',
         'client_id': self.oauth2_web_client_key,
         'client_secret': self.oauth2_web_client_secret,
         'state': 'authorization_code',
         'callbacks': [(0, 0, {'url': self.callback_url})]
     })
     oauth_mobile = self.env['muk_rest.oauth2'].create({
         'name': 'OAuth2 Test - Mobile Application Flow',
         'client_id': self.oauth2_mobile_client_key,
         'client_secret': self.oauth2_mobile_client_secret,
         'state': 'implicit',
         'callbacks': [(0, 0, {'url': self.callback_url})]
     })
     self.env['muk_rest.oauth2'].create({
         'name': 'OAuth2 Test - Legacy Application Flow',
         'client_id': self.oauth2_legacy_client_key,
         'client_secret': self.oauth2_legacy_client_secret,
         'state': 'password'
     })
     # The client-credentials client is bound to SUPERUSER_ID for the test;
     # a deployed client would normally map to a least-privileged user.
     self.env['muk_rest.oauth2'].create({
         'name': 'OAuth2 Test - Backend Application Flow',
         'client_id': self.oauth2_backend_client_key,
         'client_secret': self.oauth2_backend_client_secret,
         'state': 'client_credentials',
         'user': SUPERUSER_ID
     })