def test_uma_rs_protect():
c = Client(uma_config)
resources = [
{
"path": "/photo",
"conditions": [{"httpMethods": ["GET"], "scopes": ["http://photoz.example.com/dev/actions/view"]}],
}
]
assert_true(c.uma_rs_protect(resources))
def test_uma_rs_protect():
c = Client(uma_config)
resources = [{
"path":
"/photo",
"conditions": [{
"httpMethods": ["GET"],
"scopes": ["http://photoz.example.com/dev/actions/view"]
}]
}]
assert_true(c.uma_rs_protect(resources))
def run_commands(config):
"""function that runs the commands for UMA RS app context
:param config: config file location
:return: None
"""
c = Client(config)
print "\n=> Setup client"
oxd_id = c.setup_client()
logging.info("Received: %s", oxd_id)
print "\n=> Get Client Token"
tokens = c.get_client_token(auto_update=False)
logging.info("Received: %s", tokens)
print "\n=> Protecting Resource: "
rset = ResourceSet()
r = rset.add("/photoz")
r.set_scope("GET", "https://photoz.example.com/uma/scope/view")
print rset
protected = c.uma_rs_protect(rset.dump())
logging.info("Received: %s", protected)
print "\n=> Checking Access for URL /photoz, with method GET"
access_status = c.uma_rs_check_access(rpt=None,
path='/photoz',
http_method='GET')
print "\n=> Checking Access Response:", access_status
logging.info('Received: %s', access_status)
print "\n=> Get RPT (Need Info Error)"
need_info = c.uma_rp_get_rpt(ticket=access_status['ticket'])
logging.info('Received: %s', need_info)
print "\n=> Get Claims Gathering Url"
claims_url = c.uma_rp_get_claims_gathering_url(
ticket=need_info['details']['ticket'])
print "Visit this URL in your browser: ", claims_url
logging.info('Received: %s', claims_url)
print "\n=> Get RPT"
callback_url = raw_input(
"Enter redirected URL to parse ticket and state: ")
parsed = urlparse.urlparse(callback_url)
params = urlparse.parse_qs(parsed.query)
rpt_resp = c.uma_rp_get_rpt(ticket=params['ticket'][0],
state=params['state'][0])
logging.info("Received: %s", rpt_resp)
print "\n=> Introspect RPT"
introspection = c.introspect_rpt(rpt=rpt_resp['access_token'])
logging.info('Received: %s', introspection)
print "\n=> Checking Access for URL /photoz, with RPT and method GET"
access = c.uma_rs_check_access(rpt=rpt_resp['access_token'],
path='/photoz',
http_method='GET')
print "\n=> Checking Access Response:", access
logging.info('Received: %s', access)
print "\n=> Protecting Resource with Scope_expression"
rset = ResourceSet()
r = rset.add("/photo")
scope_expr = {
"rule": {
"and": [{
"or": [{
"var": 0
}, {
"var": 1
}]
}, {
"var": 2
}]
},
"data": [
"http://photoz.example.com/dev/actions/all",
"http://photoz.example.com/dev/actions/add",
"http://photoz.example.com/dev/actions/internalClient"
]
}
r.set_expression("GET", scope_expr)
print rset
protected = c.uma_rs_protect(rset.dump())
logging.info("Received: %s", protected)
print "\n=> Checking Access for URL /photo, with scope_expression"
access_status = c.uma_rs_check_access(rpt=None,
path='/photo',
http_method='GET')
print "\n=> Checking Access Response:", access_status
logging.info('Received: %s', access_status)
