def validate_client_id(client_id):
    """Return True when ``client_id`` names an existing OAuth client.

    A falsy ``client_id`` (None, empty string, ...) is rejected without a
    database lookup. Otherwise the client is looked up and a
    ``NoDataFoundException`` from the data layer is reported as False.
    """
    if client_id:
        try:
            db_oauth_client.get_client(client_id)
        except db_exceptions.NoDataFoundException:
            # Unknown client: fall through to the common False return.
            pass
        else:
            return True
    return False
def test_update(self):
    """Updated name and description are returned when the client is re-read."""
    app_id = self.create_dummy_application()["client_id"]
    new_values = {
        "name": "Testing Application",
        "desc": "An app for testing",
    }

    db_oauth_client.update(client_id=app_id, **new_values)

    # Read the record back through the data layer instead of trusting update().
    stored = db_oauth_client.get_client(app_id)
    for field in ("name", "desc"):
        self.assertEqual(stored[field], new_values[field])
def delete(client_id):
    """Delete an OAuth application that belongs to the current user.

    Raises NotFound both when no client matches ``client_id`` and when the
    client is owned by someone else, so the response does not reveal whether
    another user's application exists.
    """
    try:
        app = db_oauth_client.get_client(client_id)
    except db_exceptions.NoDataFoundException:
        raise NotFound()

    # Ownership check: the stored user_id is stringified before comparing
    # with current_user.id.
    owner_id = str(app["user_id"])
    if owner_id != current_user.id:
        raise NotFound()

    # NOTE(review): the route decorator is not visible here; confirm this
    # state-changing view is only reachable via a CSRF-protected POST.
    db_oauth_client.delete(app["client_id"])

    message = gettext('You have deleted an application.')
    flash.success(message)
    index_url = url_for('.index')
    return redirect(index_url)
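def authorize_prompt():
    """OAuth 2.0 authorization endpoint.

    GET validates the authorization request and renders the consent prompt.
    POST validates it again, issues a grant code for the current user and
    redirects to the client's redirect URI with ``code`` and ``state``.

    All parameters are read from the query string (``request.args``), for
    POST as well as GET. Any other HTTP method falls through and returns None.
    """
    response_type = request.args.get('response_type')
    client_id = request.args.get('client_id')
    redirect_uri = request.args.get('redirect_uri')
    scope = request.args.get('scope')
    state = request.args.get('state')

    if request.method == 'GET':  # Client requests access
        # redirect_uri is only turned into a URL after this call.
        # NOTE(review): presumably this raises on an invalid request, since
        # its return value is not checked; confirm.
        oauth.validate_authorization_request(client_id, response_type, redirect_uri, scope)
        client = db_oauth_client.get_client(client_id)

        # RFC 6749 section 4.1.2.1: an error response must echo `state` when
        # the client supplied one, so the client can match the denial to the
        # request it started.
        cancel_params = dict(error='access_denied')
        if state is not None:
            cancel_params['state'] = state

        return render_template('oauth/prompt.html', client=client, scope=scope,
                               cancel_url=build_url(redirect_uri, cancel_params))

    if request.method == 'POST':  # User grants access to the client
        # NOTE(review): no CSRF token check is visible in this view; confirm
        # that the consent POST is covered by application-wide CSRF
        # protection.
        # Validation is repeated because the parameters arrive again with the
        # POST and nothing is carried over from the GET.
        oauth.validate_authorization_request(client_id, response_type, redirect_uri, scope)
        code = oauth.generate_grant(client_id, current_user.id, redirect_uri, scope)
        return redirect(build_url(redirect_uri, dict(code=code, state=state)))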
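def authorize_prompt():
    """OAuth 2.0 authorization endpoint.

    On GET the authorization request is validated and the consent prompt is
    rendered. On POST the request is validated again, a grant code is
    generated for the current user, and the browser is redirected to the
    client's redirect URI carrying ``code`` and ``state``.

    Every parameter comes from ``request.args`` (the query string) for both
    methods. A request with any other method falls through and returns None.
    """
    response_type = request.args.get('response_type')
    client_id = request.args.get('client_id')
    redirect_uri = request.args.get('redirect_uri')
    scope = request.args.get('scope')
    state = request.args.get('state')

    if request.method == 'GET':  # Client requests access
        # Validation runs before redirect_uri is used to build any URL.
        # NOTE(review): the return value is ignored, so this is presumably
        # expected to raise on a bad request; confirm.
        oauth.validate_authorization_request(client_id, response_type, redirect_uri, scope)
        client = db_oauth_client.get_client(client_id)

        # Echo `state` on the access_denied redirect when the client sent
        # one, as RFC 6749 section 4.1.2.1 requires for error responses.
        cancel_params = dict(error='access_denied')
        if state is not None:
            cancel_params['state'] = state

        return render_template('oauth/prompt.html', client=client, scope=scope,
                               cancel_url=build_url(redirect_uri, cancel_params))

    if request.method == 'POST':  # User grants access to the client
        # NOTE(review): CSRF protection for this consent submission is not
        # visible in the view; confirm it is enforced elsewhere.
        # The request is re-validated here because the POST carries the
        # parameters afresh.
        oauth.validate_authorization_request(client_id, response_type, redirect_uri, scope)
        code = oauth.generate_grant(client_id, current_user.id, redirect_uri, scope)
        return redirect(build_url(redirect_uri, dict(code=code, state=state)))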
def edit(client_id):
    """Show and process the edit form for an OAuth application.

    Raises NotFound when the client does not exist or is not owned by the
    current user; the two cases are indistinguishable to the caller. On a
    valid submission the application is updated and the user is redirected
    to the index view. Otherwise the form is filled from the stored values
    and rendered.
    """
    try:
        app = db_oauth_client.get_client(client_id)
    except db_exceptions.NoDataFoundException:
        raise NotFound()
    if str(app["user_id"]) != current_user.id:
        raise NotFound()

    editable = ("name", "desc", "website", "redirect_uri")
    form = ApplicationForm()

    if not form.validate_on_submit():
        # Not a valid submission: load the stored values into the form and
        # render it.
        for field in editable:
            getattr(form, field).data = app[field]
        return render_template('profile/applications/edit.html', form=form)

    # NOTE(review): redirect_uri is stored as submitted and is later the
    # value authorization redirects are matched against; any scheme/host
    # restrictions must come from ApplicationForm's validators. Confirm.
    changes = {field: getattr(form, field).data for field in editable}
    db_oauth_client.update(client_id=app["client_id"], **changes)
    flash.success(gettext("You have updated an application!"))
    return redirect(url_for('.index'))
def validate_client_redirect_uri(client_id, redirect_uri):
    """Check a requested redirect URI against the client's registered one.

    Everything from the first '?' onward is dropped from ``redirect_uri``,
    and the remainder must equal the stored ``redirect_uri`` exactly.
    Returns False when the client is None or ``redirect_uri`` is not a str.
    """
    client = db_oauth_client.get_client(client_id)
    # NOTE(review): other callers on this page treat get_client as raising
    # NoDataFoundException for an unknown id; confirm whether None is ever
    # returned, or whether an unknown client raises out of this function.
    if client is None:
        return False
    if not isinstance(redirect_uri, str):
        return False

    # The query string is ignored, so a registered URI that itself contains
    # '?' can never match. A '#fragment' is not stripped.
    base_uri, _, _ = redirect_uri.partition('?')
    return client["redirect_uri"] == base_uri
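def validate_client_secret(client_id, client_secret):
    """Return True when ``client_secret`` matches the client's stored secret.

    The comparison is constant-time. Returns False when the client is None,
    or when the stored and presented secrets are not both str or both bytes.
    """
    import hmac

    client = db_oauth_client.get_client(client_id)
    # NOTE(review): other callers on this page treat get_client as raising
    # NoDataFoundException for an unknown id; confirm whether None is ever
    # returned, or whether an unknown client raises out of this function.
    if client is None:
        return False

    # NOTE(review): the stored value is compared directly with the presented
    # secret, which suggests it is kept unhashed; confirm.
    stored_secret = client["client_secret"]

    # Compare in constant time so response timing does not depend on how
    # much of the presented secret is correct. compare_digest needs two
    # bytes-like values (or two ASCII strs), so strs are encoded first and
    # mismatched or missing values are rejected up front.
    if isinstance(stored_secret, str) and isinstance(client_secret, str):
        return hmac.compare_digest(stored_secret.encode("utf-8"),
                                   client_secret.encode("utf-8"))
    if isinstance(stored_secret, bytes) and isinstance(client_secret, bytes):
        return hmac.compare_digest(stored_secret, client_secret)
    return False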
def test_delete(self):
    """A deleted application can no longer be fetched from the data layer."""
    app_id = self.create_dummy_application()["client_id"]

    db_oauth_client.delete(app_id)

    # A missing client is expected to raise, not to return None.
    self.assertRaises(NoDataFoundException, db_oauth_client.get_client, app_id)