Ejemplo n.º 1
def test_register_site_command():
    """register_site() must leave the client with a non-None oxd_id."""
    client = Client(config_location)
    # Clear any id first so the final assertion can only pass if
    # register_site() itself assigns one.
    client.oxd_id = None
    assert_is_none(client.oxd_id)
    client.register_site()
    assert_is_not_none(client.oxd_id)
Ejemplo n.º 2
def test_register_site_command():
    """Check that registering a site assigns an oxd_id to the client."""
    site_client = Client(config_location)
    # Start from a known "unregistered" state before issuing the command.
    site_client.oxd_id = None
    assert_is_none(site_client.oxd_id)
    site_client.register_site()
    assert_is_not_none(site_client.oxd_id)
Ejemplo n.º 3
def test_openid_commands(config_file):
    """Walk through the OpenID Connect client commands interactively.

    Each step prints a banner, calls one ``Client`` method and logs the value
    it returned. The authorization-code step blocks on ``raw_input`` until the
    operator pastes the redirect URL from the browser.

    NOTE(review): every response is logged in full at INFO level, including
    the token responses and the user claims, so the resulting log should be
    handled as sensitive data.

    :param config_file: config file location
    """
    c = Client(config_file)

    print "\n=> Setup Client"
    setup_data = c.setup_client()
    logging.info("Received: %s", setup_data)

    print "\n=> Get Client Token"
    tokens = c.get_client_token(auto_update=False)
    # NOTE(review): this writes the whole token response to the log.
    logging.info("Received: %s", tokens)

    print "\n=> Introspect Access Token"
    introspection = c.introspect_access_token(
        access_token=tokens['access_token'])
    logging.info("Received: %s", introspection)

    print "\n=> Update site registration"
    updated = c.update_site()
    # NOTE(review): the scope is changed only after update_site() has
    # returned, so that call presumably did not carry it -- confirm the order.
    c.config.set("client", "scope", "openid,profile")
    logging.info("Received: %s", updated)

    print "\n=> Getting auth URL"
    auth_url = c.get_authorization_url()
    print "Visit this URL in your browser: ", auth_url
    logging.info("Received: %s", auth_url)

    print "\n=> Getting tokens by code"
    # The code and state are taken from whatever URL the operator pastes; a
    # URL missing either query parameter raises KeyError at the lookup below.
    callback_url = raw_input("Enter redirected URL to parse tokens: ")
    parsed = urlparse.urlparse(callback_url)
    params = urlparse.parse_qs(parsed.query)
    # NOTE(review): state is forwarded exactly as received. Whether it is
    # compared with the value issued for the authorization request is not
    # visible here -- confirm that get_tokens_by_code() or oxd rejects a
    # mismatched state.
    tokens = c.get_tokens_by_code(params['code'][0], params['state'][0])
    # NOTE(review): logs the token response obtained for the end user.
    logging.info("Received: %s", tokens)

    print "\n=> Getting user info"
    claims = c.get_user_info(tokens['access_token'])
    # NOTE(review): logs the user's claims in full.
    logging.info("Received: %s", claims)

    print "\n=> Getting new access token using refresh token"
    # Assumes the token response above contained a "refresh_token" key;
    # otherwise this lookup raises KeyError.
    new_token = c.get_access_token_by_refresh_token(tokens["refresh_token"])
    logging.info("Received: %s", new_token)

    print "\n=> Getting Logout URI"
    logout_uri = c.get_logout_uri()
    logging.info("Received: %s", logout_uri)
    print "Visit this URL to logout: ", logout_uri

    print "\n=> Register Site"
    reg = c.register_site()
    logging.info("Received: %s", reg)

    print "\n=> Remove Site"
    oxd_id = c.remove_site()
    logging.info("Received: %s", oxd_id)
Ejemplo n.º 4
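def logout():
    """End the local session and redirect to the matching post-logout page.

    ``logout_user()`` is always called first. If the file named by the
    ``OXD_CLIENT_CONFIG_FILE`` setting exists, the user is redirected to the
    logout URI returned by the oxd client, registering the site first when the
    config holds no oxd id. Otherwise the ``.pw`` file under ``DATA_DIR`` is
    deleted if present and the user is sent to the ``auth.login`` view.

    NOTE(review): the ``.pw`` file is left in place on the oxd branch; confirm
    that is intended.

    :return: a redirect response
    :raises OSError: if the ``.pw`` file exists but cannot be removed
    """
    import errno

    logout_user()

    config = current_app.config["OXD_CLIENT_CONFIG_FILE"]
    if os.path.exists(config):
        oxc = Client(config)

        # If site is not registered, first register it
        if not oxc.config.get('oxd', 'id'):
            oxc.register_site()

        return redirect(oxc.get_logout_uri())

    pw_file = os.path.join(current_app.config['DATA_DIR'], '.pw')

    # Remove directly rather than exists()-then-remove(): with two concurrent
    # logouts the file can vanish between the check and the delete, which
    # would turn a completed logout into an unhandled error.
    try:
        os.remove(pw_file)
    except OSError as exc:
        if exc.errno != errno.ENOENT:
            raise

    return redirect(url_for("auth.login"))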
Ejemplo n.º 5
def test_register_raises_runtime_error_for_oxd_error_response():
    """register_site() must raise RuntimeError for the no_oxdid.cfg fixture."""
    client = Client(os.path.join(this_dir, 'data', 'no_oxdid.cfg'))
    with assert_raises(RuntimeError):
        client.register_site()
Ejemplo n.º 6
def test_uma_rp_get_rpt_force_new():
    """uma_rp_get_rpt(True) must return a str once the site is registered."""
    client = Client(uma_config)
    client.register_site()
    # True is passed positionally, exactly as the command is exercised here.
    forced_rpt = client.uma_rp_get_rpt(True)
    assert_is_instance(forced_rpt, str)
Ejemplo n.º 7
def test_uma_rp_get_rpt():
    """uma_rp_get_rpt() must return a str once the site is registered."""
    client = Client(uma_config)
    client.register_site()
    assert_is_instance(client.uma_rp_get_rpt(), str)
Ejemplo n.º 8
def run_commands(config):
    """Run the UMA resource-server and requesting-party commands in sequence.

    The function registers the client, protects ``/photoz``, checks access
    without an RPT, uses the returned ticket to request an RPT, prompts the
    operator for the claims-gathering redirect URL, introspects the resulting
    RPT, and finally protects ``/photo`` with a scope expression.

    NOTE(review): every response is logged in full at INFO level, including
    the RPT response, so the resulting log should be handled as sensitive
    data.

    :param config: config file location
    :return: None
    """
    c = Client(config)

    print "\n=> Registering client using register_site()"
    oxd_id = c.register_site()
    logging.info("Received: %s", oxd_id)

    print "\n=> Protecting Resource: "
    rset = ResourceSet()
    r = rset.add("/photoz")
    r.set_scope("GET", "https://photoz.example.com/uma/scope/view")
    print rset
    protected = c.uma_rs_protect(rset.dump())
    logging.info("Received: %s", protected)

    print "\n=> Checking Access for URL /photoz, with method GET"
    # No RPT is presented here; the response's 'ticket' entry is read by the
    # next step.
    access_status = c.uma_rs_check_access(rpt=None,
                                          path='/photoz',
                                          http_method='GET')
    print "\n=> Checking Access Response:", access_status
    logging.info('Received: %s', access_status)

    print "\n=> Get RPT (Need Info Error)"
    # Raises KeyError if the access check above returned no 'ticket'.
    need_info = c.uma_rp_get_rpt(ticket=access_status['ticket'])
    logging.info('Received: %s', need_info)

    print "\n=> Get Claims Gathering Url"
    # Assumes the response has the shape {'details': {'ticket': ...}}, as the
    # "Need Info Error" banner suggests -- TODO confirm against the oxd
    # response format.
    claims_url = c.uma_rp_get_claims_gathering_url(
        ticket=need_info['details']['ticket'])
    print "Visit this URL in your browser: ", claims_url
    logging.info('Received: %s', claims_url)

    print "\n=> Get RPT"
    # The ticket and state are taken from whatever URL the operator pastes; a
    # URL missing either query parameter raises KeyError at the lookup below.
    callback_url = raw_input(
        "Enter redirected URL to parse ticket and state: ")
    parsed = urlparse.urlparse(callback_url)
    params = urlparse.parse_qs(parsed.query)
    # NOTE(review): state is forwarded exactly as received. Whether it is
    # checked against the value issued for the claims-gathering request is
    # not visible here -- confirm that uma_rp_get_rpt() or oxd validates it.
    rpt_resp = c.uma_rp_get_rpt(ticket=params['ticket'][0],
                                state=params['state'][0])
    # NOTE(review): writes the RPT response, access_token included, to the
    # log.
    logging.info("Received: %s", rpt_resp)

    print "\n=> Introspect RPT"
    introspection = c.introspect_rpt(rpt=rpt_resp['access_token'])
    logging.info('Received: %s', introspection)

    print "\n=> Checking Access for URL /photoz, with RPT and method GET"
    access = c.uma_rs_check_access(rpt=rpt_resp['access_token'],
                                   path='/photoz',
                                   http_method='GET')
    print "\n=> Checking Access Response:", access
    logging.info('Received: %s', access)

    print "\n=> Protecting Resource with Scope_expression"
    rset = ResourceSet()
    r = rset.add("/photo")
    # Presumably each "var" is an index into "data", making the rule
    # (data[0] OR data[1]) AND data[2] -- TODO confirm against the oxd
    # scope-expression documentation.
    scope_expr = {
        "rule": {
            "and": [{
                "or": [{
                    "var": 0
                }, {
                    "var": 1
                }]
            }, {
                "var": 2
            }]
        },
        "data": [
            "http://photoz.example.com/dev/actions/all",
            "http://photoz.example.com/dev/actions/add",
            "http://photoz.example.com/dev/actions/internalClient"
        ]
    }
    r.set_expression("GET", scope_expr)
    print rset
    protected = c.uma_rs_protect(rset.dump())
    logging.info("Received: %s", protected)

    print "\n=> Checking Access for URL /photo, with scope_expression"
    access_status = c.uma_rs_check_access(rpt=None,
                                          path='/photo',
                                          http_method='GET')
    print "\n=> Checking Access Response:", access_status
    logging.info('Received: %s', access_status)
Ejemplo n.º 9
def test_register_raises_runtime_error_for_oxd_error_response():
    """Registering with the no_oxdid.cfg fixture must raise RuntimeError."""
    fixture_path = os.path.join(this_dir, "data", "no_oxdid.cfg")
    with assert_raises(RuntimeError):
        Client(fixture_path).register_site()
Ejemplo n.º 10
def test_uma_rp_get_rpt_force_new():
    """Calling uma_rp_get_rpt(True) on a registered client must yield a str."""
    uma_client = Client(uma_config)
    uma_client.register_site()
    # The flag stays positional to keep the call identical to the original.
    assert_is_instance(uma_client.uma_rp_get_rpt(True), str)
Ejemplo n.º 11
def test_uma_rp_get_rpt():
    """Calling uma_rp_get_rpt() on a registered client must yield a str."""
    uma_client = Client(uma_config)
    uma_client.register_site()
    issued_rpt = uma_client.uma_rp_get_rpt()
    assert_is_instance(issued_rpt, str)