Ejemplo n.º 1
0
def create_auth_server():
    client_store = ClientStore()
    client_store.add_client(
        client_id="alexa.matsuoka",
        client_secret="xxxx",
        redirect_uris=[
            "https://layla.amazon.com/api/skill/link/M2Q7FOC6AVxxxx",
            "https://pitangui.amazon.com/api/skill/link/M2Q7FOC6AVxxxx",
            "https://alexa.amazon.co.jp/api/skill/link/M2Q7FOC6AVxxxx"
        ])

    token_store = TokenStore()
    token_store.save_token(
        AccessToken(client_id="alexa.matsuoka",
                    grant_type="authorization_code",
                    user_id="*****@*****.**",
                    token="xxxx"))

    provider = Provider(access_token_store=token_store,
                        auth_code_store=token_store,
                        client_store=client_store,
                        token_generator=Uuid4(),
                        client_authentication_source=http_basic_auth)
    provider.add_grant(
        AuthorizationCodeGrant(site_adapter=TestSiteAdapter(),
                               unique_token=True))

    app = Application([
        url(provider.authorize_path, OAuth2Handler, dict(provider=provider)),
        url(provider.token_path, OAuth2Handler, dict(provider=provider)),
    ],
                      debug=False)

    return app
def run_auth_server():
    try:
        client_store = ClientStore()
        client_store.add_client(
            client_id="abc",
            client_secret="xyz",
            redirect_uris=["http://localhost:8081/callback"])

        token_store = TokenStore()

        auth_controller = Provider(access_token_store=token_store,
                                   auth_code_store=token_store,
                                   client_store=client_store,
                                   site_adapter=TestSiteAdapter(),
                                   token_generator=Uuid4())
        auth_controller.add_grant(AuthorizationCodeGrant())

        app = Wsgi(server=auth_controller)

        httpd = make_server('', 8080, app, handler_class=OAuthRequestHandler)

        print(
            "Starting implicit_grant oauth2 server on http://localhost:8080/..."
        )
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
def run_auth_server():
    try:
        client_store = ClientStore()
        client_store.add_client(client_id="abc",
                                client_secret="xyz",
                                redirect_uris=["http://localhost:8081/"])

        token_store = TokenStore()

        provider = Provider(access_token_store=token_store,
                            auth_code_store=token_store,
                            client_store=client_store,
                            token_generator=Uuid4())
        provider.add_grant(ImplicitGrant(site_adapter=TestSiteAdapter()))

        app = Application(provider=provider)

        httpd = make_server('', 8080, app)

        print(
            "Starting implicit_grant oauth2 server on http://localhost:8080/..."
        )
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
Ejemplo n.º 4
0
def run_auth_server():
    try:
        client_store = ClientStore()
        client_store.add_client(client_id="abc", client_secret="xyz",
                                redirect_uris=[])

        token_store = TokenStore()
        token_gen = Uuid4()
        token_gen.expires_in['client_credentials'] = 3600

        auth_controller = Provider(
            access_token_store=token_store,
            auth_code_store=token_store,
            client_store=client_store,
            token_generator=token_gen)
        auth_controller.add_grant(ClientCredentialsGrant())

        app = Application(provider=auth_controller)

        httpd = make_server('', 8080, app, handler_class=OAuthRequestHandler)

        print("Starting implicit_grant oauth2 server on http://localhost:8080/...")
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
Ejemplo n.º 5
0
def run_auth_server():
    client_store = ClientStore()
    client_store.add_client(client_id="abc", client_secret="xyz",
                            redirect_uris=[],
                            authorized_grants=[oauth2.grant.ClientCredentialsGrant.grant_type])

    token_store = TokenStore()

    # Generator of tokens
    token_generator = oauth2.tokengenerator.Uuid4()
    token_generator.expires_in[oauth2.grant.ClientCredentialsGrant.grant_type] = 3600

    provider = Provider(access_token_store=token_store,
                        auth_code_store=token_store, client_store=client_store,
                        token_generator=token_generator)
    # provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter()))
    provider.add_grant(ClientCredentialsGrant())

    try:
        app = Application([
            url(provider.authorize_path, OAuth2Handler, dict(provider=provider)),
            url(provider.token_path, OAuth2Handler, dict(provider=provider)),
        ])

        app.listen(8080)
        print("Starting OAuth2 server on http://localhost:8080/...")
        IOLoop.current().start()

    except KeyboardInterrupt:
        IOLoop.close()
Ejemplo n.º 6
0
def run_auth_server():
    client_store = ClientStore()
    # client_store.add_client(client_id="abc", client_secret="xyz",
    #                         redirect_uris=["http://localhost:8081/callback"])
    client_store.add_client(client_id="abc", client_secret="xyz",
                            redirect_uris=["http://localhost:8080/auth/realms/keycloak-express/broker/oidc/endpoint"])

    token_store = TokenStore()

    provider = Provider(access_token_store=token_store,
                        auth_code_store=token_store, client_store=client_store,
                        token_generator=Uuid4())
    provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter()))

    try:
        app = Application([
            url(provider.authorize_path, OAuth2Handler, dict(provider=provider)),
            url(provider.token_path, OAuth2Handler, dict(provider=provider)),
        ])

        app.listen(8090)
        print("Starting OAuth2 server on http://localhost:8090/...")
        IOLoop.current().start()

    except KeyboardInterrupt:
        IOLoop.close()
Ejemplo n.º 7
0
def run_auth_server():
    client_store = ClientStore()
    client_store.add_client(client_id="abc", client_secret="xyz",
                            redirect_uris=["http://10.10.112.59:8081/callback"])
    client_store.add_client(client_id="bcd", client_secret="fff",
                            redirect_uris=["http://10.10.112.59:50000/callback"])
    client_store.add_client(client_id="9fdc2c7a1cee0cca54c150e3e0b822eb", client_secret="zzz",
                            redirect_uris=["http://10.10.112.59:8888/callback"])

    token_store = TokenStore()

    provider = Provider(access_token_store=token_store,
                        auth_code_store=token_store, client_store=client_store,
                        token_generator=Uuid4())
    provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter()))

    settings = dict(
        template_path=os.path.join(os.path.dirname(__file__), "templates"),
        static_path=os.path.join(os.path.dirname(__file__), "static"),
        cookie_secret='61oETzKXQAGaYdkL5gEmGEJJFuYh7EQnp2XdTP1o/Vo=',
    )
    try:
        app = Application([
            url(provider.authorize_path, OAuth2Handler, dict(provider=provider)),
            url(provider.token_path, OAuth2Handler, dict(provider=provider)),
            url("/", MainHandler),
        ], **settings)

        app.listen(8080)
        print "Starting OAuth2 server on http://10.10.112.59:8080/..."
        IOLoop.current().start()

    except KeyboardInterrupt:
        IOLoop.close()
Ejemplo n.º 8
0
    def setUp(self):
        self.access_token_data = {
            "client_id": "myclient",
            "token": "xyz",
            "scopes": ["foo_read", "foo_write"],
            "data": {
                "name": "test"
            },
            "grant_type": "authorization_code"
        }
        self.auth_code = AuthorizationCode("myclient", "abc", 100,
                                           "http://localhost",
                                           ["foo_read", "foo_write"],
                                           {"name": "test"})

        self.test_store = TokenStore()
Ejemplo n.º 9
0
 def setUp(self):
     self.access_token_data = {"client_id": "myclient",
                               "token": "xyz",
                               "scopes": ["foo_read", "foo_write"],
                               "data": {"name": "test"},
                               "grant_type": "authorization_code"}
     self.auth_code = AuthorizationCode("myclient", "abc", 100,
                                        "http://localhost",
                                        ["foo_read", "foo_write"],
                                        {"name": "test"})
     
     self.test_store = TokenStore()
Ejemplo n.º 10
0
class MemoryTokenStoreTestCase(unittest.TestCase):
    def setUp(self):
        self.access_token_data = {"client_id": "myclient",
                                  "token": "xyz",
                                  "scopes": ["foo_read", "foo_write"],
                                  "data": {"name": "test"},
                                  "grant_type": "authorization_code"}
        self.auth_code = AuthorizationCode("myclient", "abc", 100,
                                           "http://localhost",
                                           ["foo_read", "foo_write"],
                                           {"name": "test"})
        
        self.test_store = TokenStore()
    
    def test_fetch_by_code(self):
        with self.assertRaises(AuthCodeNotFound):
            self.test_store.fetch_by_code("unknown")
    
    def test_save_code_and_fetch_by_code(self):
        success = self.test_store.save_code(self.auth_code)
        self.assertTrue(success)
        
        result = self.test_store.fetch_by_code(self.auth_code.code)
        
        self.assertEqual(result, self.auth_code)
    
    def test_save_token_and_fetch_by_token(self):
        access_token = AccessToken(**self.access_token_data)
        
        success = self.test_store.save_token(access_token)
        self.assertTrue(success)
        
        result = self.test_store.fetch_by_token(access_token.token)
        
        self.assertEqual(result, access_token)
Ejemplo n.º 11
0
def run_auth_server(port=8282):
    print("Starting OAuth2 server on port:" + str(port))

    client_store = ClientStore()
    client_store.add_client(client_id="abc",
                            client_secret="xyz",
                            redirect_uris=["http://0.0.0.0:5000/"])

    token_store = TokenStore()

    provider = Provider(access_token_store=token_store,
                        auth_code_store=token_store,
                        client_store=client_store,
                        token_generator=Uuid4())
    provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter()))

    app = Application(provider=provider)

    httpd = make_server('', port, app, handler_class=OAuthRequestHandler)

    httpd.serve_forever()
Ejemplo n.º 12
0
    def get(self):
        try:
            client_store = ClientStore()
            client_store.add_client(client_id="abc", client_secret="xyz",
                                    redirect_uris=[],
                                    authorized_grants=[oauth2.grant.ClientCredentialsGrant.grant_type])

            token_store = TokenStore()

            # Generator of tokens
            token_generator = oauth2.tokengenerator.Uuid4()
            token_generator.expires_in[oauth2.grant.ClientCredentialsGrant.grant_type] = 3600

            provider = Provider(access_token_store=token_store,
                                auth_code_store=token_store, client_store=client_store,
                                token_generator=token_generator)
            # provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter()))
            provider.add_grant(ClientCredentialsGrant())
        except Exception as e:
            result = {"success":0,"return_code":unicode(e),"error_msg":utils.format_error()}

        self.finish(result)
Ejemplo n.º 13
0
def run_auth_server():
	try:
		client_store = ClientStore()
		client_store.add_client(client_id="abc", client_secret="xyz",
								redirect_uris=["http://localhost:8081/callback"])

		token_store = TokenStore()

		provider = TestProvider(
			access_token_store=token_store,
			auth_code_store=token_store,
			client_store=client_store,
			token_generator=Uuid4())

		app = OAuthApplication(provider=provider)

		httpd = make_server('', 8080, app, handler_class=OAuthRequestHandler)

		print("Starting OAuth2 server on http://localhost:8080/...")
		httpd.serve_forever()
	except KeyboardInterrupt:
		httpd.server_close()
Ejemplo n.º 14
0
class MemoryTokenStoreTestCase(unittest.TestCase):
    def setUp(self):
        self.access_token_data = {
            "client_id": "myclient",
            "token": "xyz",
            "scopes": ["foo_read", "foo_write"],
            "data": {
                "name": "test"
            },
            "grant_type": "authorization_code"
        }
        self.auth_code = AuthorizationCode("myclient", "abc", 100,
                                           "http://localhost",
                                           ["foo_read", "foo_write"],
                                           {"name": "test"})

        self.test_store = TokenStore()

    def test_fetch_by_code(self):
        with self.assertRaises(AuthCodeNotFound):
            self.test_store.fetch_by_code("unknown")

    def test_save_code_and_fetch_by_code(self):
        success = self.test_store.save_code(self.auth_code)
        self.assertTrue(success)

        result = self.test_store.fetch_by_code(self.auth_code.code)

        self.assertEqual(result, self.auth_code)

    def test_save_token_and_fetch_by_token(self):
        access_token = AccessToken(**self.access_token_data)

        success = self.test_store.save_token(access_token)
        self.assertTrue(success)

        result = self.test_store.fetch_by_token(access_token.token)

        self.assertEqual(result, access_token)
Ejemplo n.º 15
0
# -*- coding: utf-8 -*-

import cherrypy
from . import verify, client_credentials, password
from oauth2.tokengenerator import Uuid4
from oauth2.store.memory import ClientStore, TokenStore

tokens = TokenStore()
clients = ClientStore()
clients.add_client(client_id="novareto", client_secret="test",
                        redirect_uris=[])

tickets = Uuid4()
tickets.expires_in['client_credentials'] = 7200


def run():
    cherrypy.config.update({
        'server.socket_host': '0.0.0.0',
        'server.socket_port': 8085,
    })

    cherrypy.tree.graft(
        client_credentials.make_application(tokens, clients, tickets),
        '/auth.client')

    cherrypy.tree.graft(
        password.make_application(tokens, clients, tickets),
        '/auth.passwd')

    cherrypy.tree.graft(
Ejemplo n.º 16
0
    def __init__(self, dbconnection):
        self.templates = os.path.join(os.path.dirname(__file__),
                                      "../templates")
        self.static = os.path.join(os.path.dirname(__file__), "../static")

        # DataBase connection
        self.dbconnection = dbconnection

        ##
        # OAuth authentication service (token provider)
        # Client Store (will be taken from db)
        client_store = ClientStore()
        client_store.add_client(client_id="abc",
                                client_secret="xyz",
                                redirect_uris=["http://localhost:8111"])

        ##
        # OAuth Token Store (in memory)
        token_store = TokenStore()

        # Generator of tokens
        token_generator = Uuid4()
        #token_generator.expires_in[ClientCredentialsGrant.grant_type] = 3600

        ##
        # OAuth Provider
        provider = Provider(access_token_store=token_store,
                            auth_code_store=token_store,
                            client_store=client_store,
                            token_generator=token_generator)

        #provider.token_path = '/oauth/token'

        # Support for the authorization code grant
        provider.add_grant(
            AuthorizationCodeGrant(site_adapter=CodeGrant(self.templates)))
        # provider.add_grant(
        #     ImplicitGrant(site_adapter=Authentication())
        # )

        logger.debug(provider.authorize_path)
        logger.debug(provider.token_path)
        ##
        # Auth handlers
        auth_handlers = [
            web.url(provider.authorize_path, OAuth2Handler,
                    dict(provider=provider)),
            web.url(provider.token_path, OAuth2Handler,
                    dict(provider=provider))
        ]

        ##
        # Web
        web_handlers = [
            web.url(r"/login", login.Index),
            web.url(r"/logout", logout.Index),
            web.url(r"/password/(.*)", password.Index),
            web.url(r"/forgot_password", password.Forgot),
            web.url(r"/registration", registration.Index),
            web.url(r'/', home.Index),
            web.url(r'/settings', home.User),
            web.url(r'/projects', projects.Projects),
            web.url(r'/slices/([a-z0-9\._\-]+)', slices.Slices),
            web.url(r'/users', users.Users),
            web.url(r'/users/?(' + self.urn_regex + ')', users.Users),
            web.url(r'/activity', activity.Index),
            web.url(r'/confirm/(' + self.uuid_regex + ')?', confirm.Index),
            web.url(r'/status', status.Index),
            web.url(r'/static/(.*)', web.StaticFileHandler,
                    {'path': self.static}),
            web.url(r'/test', test.Index),
            web.url(r"/addOrganization", addOrganization.Index)
        ]

        ##
        # REST API

        rest_handlers = [
            web.url(r'/api/v1/activity?([A-Za-z0-9-]+)?', ActivityHandler),
            web.url(r'/api/v1/activity/(' + self.uuid_regex + ')?',
                    ActivityHandler),
            web.url(r'/api/v1/confirm/(' + self.uuid_regex + ')?',
                    ConfirmHandler),
            web.url(r'/api/v1/requests?([A-Za-z0-9-]+)?', RequestsHandler),
            web.url(r'/api/v1/requests/(' + self.uuid_regex + ')?',
                    RequestsHandler),
            web.url(r'/api/v1/usertoken?', UserTokenHandler),
            web.url(r'/api/v1/login', LoginHandler),
            web.url(r'/api/v1/password', PasswordHandler),
            web.url(r'/api/v1/password/(.*)', PasswordHandler),
            web.url(r'/api/v1/resources$', ResourcesHandler),
            web.url(r'/api/v1/resources/(' + self.urn_regex + ')?$',
                    ResourcesHandler),
            web.url(r'/api/v1/resources/(' + self.urn_regex + ')?/?(leases)?$',
                    ResourcesHandler),
            web.url(r'/api/v1/resources/(' + self.urn_regex + ')?/?(slices)?$',
                    ResourcesHandler),
            web.url(
                r'/api/v1/resources/(' + self.urn_regex + ')?/?(testbeds)?$',
                ResourcesHandler),
            # leases
            web.url(r'/api/v1/leases$', LeasesHandler),
            web.url(r'/api/v1/leases/([A-Za-z0-9-]+)?', LeasesHandler),
            web.url(r'/api/v1/profile$', ProfileHandler),
            # testbeds
            web.url(
                r'/api/v1/testbeds/?(' + self.urn_regex + ')?/?(resources)?$',
                TestbedsHandler),
            web.url(r'/api/v1/testbeds/?(' + self.urn_regex + ')?/?(leases)?$',
                    TestbedsHandler),
            # users
            web.url(r'/api/v1/users$', UsersHandler),
            web.url(r'/api/v1/users/(' + self.email_regex + ')$',
                    UsersHandler),
            web.url(
                r'/api/v1/users/?(' + self.urn_regex +
                ')?/?(authorities|projects|slices)?$', UsersHandler),
            web.url(r'/api/v1/users/?(authorities|projects|slices)?$',
                    UsersHandler),
            # authorities
            web.url(r'/api/v1/authorities$', AuthoritiesHandler),
            web.url(
                r'/api/v1/authorities/?(' + self.urn_regex +
                ')?/?(users|projects)?$', AuthoritiesHandler),
            # projects
            web.url(
                r'/api/v1/projects/?(' + self.urn_regex +
                ')?/?(users|slices)?$', ProjectsHandler),
            # slices
            web.url(
                r'/api/v1/slices/?(' + self.hrn_regex +
                ')?/?(users|resources)?$', SlicesHandler),
            web.url(
                r'/api/v1/slices/?(' + self.urn_regex +
                ')?/?(users|resources)?$', SlicesHandler),

            # F-Interop sessions
            # security based on the slice id
            web.url(
                r'/api/v1/finterop/sessions/?(' + self.urn_regex +
                ')?/?(start|stop)?$', FinteropSessionsHandler),
            web.url(
                r'/api/v1/finterop/sessions/?(' + self.hrn_regex +
                ')?/?(start|stop)?$', FinteropSessionsHandler),
            web.url(
                r'/api/v1/finterop/sessions/?([a-zA-Z0-9]+)?/?(start|stop)?$',
                FinteropSessionsHandler),
            #web.url(r'/api/v1/finterop/sessions/?([a-zA-Z0-9]+)?/resources$', ResourceRepoHandler),
        ]

        ##
        # Websockets API
        # SockJSRouter: configure Websocket
        WebsocketRouter = SockJSRouter(WebsocketsHandler, '/api/v1/live')

        ##
        # URLs handlers
        handlers = auth_handlers + web_handlers + rest_handlers + WebsocketRouter.urls

        settings = dict(
            cookie_secret=config.web["cookie_secret"],
            login_url="/login",
            token_secret=config.web["token_secret"],
            template_path=self.templates,
            static_path=self.static,
            #xsrf_cookies=True,
            debug=True)

        web.Application.__init__(self, handlers, **settings)