Ejemplo n.º 1
0
 def post(self):
     client = OAuth_Client(
         name=self.request.get('name'),
         redirect_uri=self.request.get('redirect_uri'),
     )
     client.put()
     self.redirect(self.request.path)
Ejemplo n.º 2
0
 def validate_params(self):
     self.user = users.get_current_user()
     if self.request.method == 'POST' and not self.user:
         self.error(403)
         self.response.out.write("Authentication required.")
         return False
     
     self.redirect_uri = self.request.get('redirect_uri')
     if not self.redirect_uri:
         self.error(400)
         self.response.out.write("The parameter redirect_uri is required.")
         return False
     # TODO: validate url?
     
     if not self.request.get('response_type') in self.SUPPORTED_RESPONSE_TYPES:
         self.authz_error('unsupported_response_type', "The requested response type is not supported.")
         return False
     
     self.client = OAuth_Client.get_by_client_id(self.request.get('client_id'))
     if not self.client:
         self.authz_error('invalid_client', "The client identifier provided is invalid.")
         return False
     
     if self.client.redirect_uri:
         if self.client.redirect_uri != self.redirect_uri:
             self.authz_error('redirect_uri_mismatch', 
                 "The redirection URI provided does not match a pre-registered value.")
             return False
     
     return True
Ejemplo n.º 3
0
    def handle(self):
        # TODO: MUST require transport-level security
        client_id       = self.request.get('client_id')
        client_secret   = self.request.get('client_secret')
        grant_type      = self.request.get('grant_type')
        scope           = self.request.get('scope')
        
        if not grant_type in self.SUPPORTED_GRANT_TYPES:
            self.render_error('unsupported_grant_type', "Grant type not supported.")
            return
        
        client = OAuth_Client.authenticate(client_id, client_secret)
        if not client:
            self.render_error('invalid_client', "Inavlid client credentials.")
            return

        # Dispatch to one of the grant handlers below
        getattr(self, 'handle_%s' % grant_type)(client, scope)
Ejemplo n.º 4
0
    def handle(self):
        # TODO: MUST require transport-level security
        client_id = self.request.get('client_id')
        client_secret = self.request.get('client_secret')
        grant_type = self.request.get('grant_type')
        scope = self.request.get('scope')

        if not grant_type in self.SUPPORTED_GRANT_TYPES:
            self.render_error('unsupported_grant_type',
                              "Grant type not supported.")
            return

        client = OAuth_Client.authenticate(client_id, client_secret)
        if not client:
            self.render_error('invalid_client', "Inavlid client credentials.")
            return

        # Dispatch to one of the grant handlers below
        getattr(self, 'handle_%s' % grant_type)(client, scope)
Ejemplo n.º 5
0
    def validate_params(self):
        self.user = users.get_current_user()
        if self.request.method == 'POST' and not self.user:
            self.error(403)
            self.response.out.write("Authentication required.")
            return False

        self.redirect_uri = self.request.get('redirect_uri')
        if not self.redirect_uri:
            self.error(400)
            self.response.out.write("The parameter redirect_uri is required.")
            return False
        # TODO: validate url?

        if not self.request.get(
                'response_type') in self.SUPPORTED_RESPONSE_TYPES:
            self.authz_error('unsupported_response_type',
                             "The requested response type is not supported.")
            return False

        self.client = OAuth_Client.get_by_client_id(
            self.request.get('client_id'))
        if not self.client:
            self.authz_error('invalid_client',
                             "The client identifier provided is invalid.")
            return False

        if self.client.redirect_uri:
            if self.client.redirect_uri != self.redirect_uri:
                self.authz_error(
                    'redirect_uri_mismatch',
                    "The redirection URI provided does not match a pre-registered value."
                )
                return False

        return True
Ejemplo n.º 6
0
 def get(self):
     clients = OAuth_Client.all()
     self.response.out.write(
         template.render('templates/clients.html', locals()))
Ejemplo n.º 7
0
from webtest import TestApp
from main import application, ProtectedResourceHandler
from oauth.models import OAuth_Client
from google.appengine.api import apiproxy_stub_map, datastore_file_stub

app = TestApp(application())

# clear datastore
apiproxy_stub_map.apiproxy._APIProxyStubMap__stub_map['datastore_v3'].Clear()

# set up test client
client = OAuth_Client(name='test')
client.put()


def test_protected_resource_fail_naked():
    response = app.get('/protected/resource', status=400)
    assert not ProtectedResourceHandler.SECRET_PAYLOAD in str(response)


def test_protected_resource_success_flow():
    response = app.post(
        '/oauth/token',
        dict(
            grant_type='password',
            username='******',
            password='******',
            client_id=client.client_id,
            client_secret=client.client_secret,
            scope='read',
        ))
Ejemplo n.º 8
0
 def post(self):
     client = OAuth_Client(
         name            = self.request.get('name'),
         redirect_uri    = self.request.get('redirect_uri'), )
     client.put()
     self.redirect(self.request.path)
Ejemplo n.º 9
0
 def get(self):
     clients = OAuth_Client.all()
     self.response.out.write(
         template.render('templates/clients.html', locals()))