def test_downloader_view_new_download(self):
self.assertTrue(self.login())
ci = 1
at = 5
newToken = AccessToken(id=at,
accessToken="testToken",
userID="0",
serviceType="google",
tokenTime=timezone.now(),
userInfo="noInfo",
cloudItem=CloudItem.objects.get(id=ci))
newToken.save()
#first get the normal page
r = self.client.get("/download/" + str(ci) + "/" + str(at) + "/",
secure=True)
self.assertContains(r, "No download have been started")
#take last download
d = Download.objects.latest("downTime")
self.assertEquals(at, d.tokenID.id)
#button has not been click
self.assertEquals(constConfig.THREAD_NOTCLICKED, d.threadStatus)
def callback(request):
client_id = settings.CROPLET_API_CLIENT_ID
client_secret = settings.CROPLET_SECRET_API_KEY
error = request.GET.get('error')
auth_code = request.GET.get('code')
if (error != None):
pass
elif (auth_code != None):
data = {'grant_type': 'authorization_code',
'code': auth_code,
'client_id': client_id,
'client_secret': client_secret}
response = requests.post(
'http://localhost:8000/oauth2/access_token/', data)
response = json.loads(response.text)
if hasattr(request.user, "access_token"):
AccessToken.objects.get(user=request.user).delete()
token = AccessToken(user=request.user)
access_token = response.get('access_token')
if access_token:
accessToken = AccessToken(user=request.user, access_token=access_token)
accessToken.save()
request.user.access_token = token
request.user.save()
return redirect(reverse('map'))
def token(request):
# 验证应用端合法性
client = oauth_server.authorize(request.META.get('HTTP_AUTHORIZATION'))
if not client:
response = HttpResponse('401 Unauthorized', status=401)
response['WWW-Authenticate'] = 'Basic realm="Please provide your client_id and client_secret."'
return response
# 验证是否为令牌表单
form = TokenForm(request.POST)
if not form.is_valid():
return error_response('invalid_request')
grant_type = form.cleaned_data['grant_type']
code = form.cleaned_data['code']
redirect_uri = form.cleaned_data['redirect_uri']
# 处理authorization_code请求
if grant_type == 'authorization_code':
try:
code = AuthorizationCode.objects.filter(expire_time__gte=datetime.datetime.now()).get(client=client, code=UUID(bytes=urlsafe_base64_decode(code)), redirect_uri=redirect_uri)
except AuthorizationCode.DoesNotExist:
return error_response('invalid_grant')
try:
token = AccessToken(client=client, user=code.user, code=code.code, expire_time=datetime.datetime.now() + datetime.timedelta(hours=1))
token.save()
except IntegrityError:
AccessToken.objects.get(code=code.code).delete()
code.delete()
return error_response('invalid_grant')
return success_response(urlsafe_base64_encode(token.token.bytes))
else:
return error_response('unsupported_grant_type')
def _get_access_token(user, auth_code):
client_id = settings.CROPLET_API_CLIENT_ID
client_secret = settings.CROPLET_SECRET_API_KEY
post_data = {
'grant_type': 'authorization_code',
'code': auth_code,
'client_id': client_id,
'client_secret': client_secret,
'redirect_uri': 'http://localhost:8005/callback/'
}
response = requests.post('{cropr_url}/oauth2/token/'.format(cropr_url=settings.CROPR_URL), post_data)
if response.status_code != 200:
Grant.objects.filter(user=user).delete()
response = json.loads(response.text)
if (hasattr(user, "access_token")):
AccessToken.objects.filter(user=user).delete()
token = AccessToken(user=user)
access_token = response.get('access_token')
if access_token:
accessToken = AccessToken(user=user, access_token=access_token)
accessToken.save()
user.access_token = token
user.save()
def test_verify(self):
user_id = '1'
access_token = AccessToken(self.access_token_store, user_id=user_id)
access_token.save()
fetched_data = access_token.verify()
assert fetched_data['client_id'] == user_id
assert 0 <= fetched_data['expires_in'] <= 3600
def post(self):
user = self.get_current_user()
access_token = AccessToken(self.application.access_token_store,
user_id=user.id)
access_token.save()
data = {
"user": user,
"access_token": access_token,
}
self.render("mypage.pug", **data)
def oauth_callback(request):
"""Accept the authorization from the server and store the data we use to communicate with the Weavr"""
token = request.REQUEST.get('oauth_token')
verifier = request.REQUEST.get('oauth_verifier')
confirmed = request.REQUEST.get('oauth_callback_confirmed')
# Make sure we have the required parameters
if (not verifier) or (not token):
return render_error("missing params")
if not confirmed:
return render_error("connection wasn't confirmed")
# Get the token and store the verifier
request_token = get_object_or_404(RequestToken, oauth_key=token)
if not request_token:
return render_error("invalid request token")
prosthetic = request_token.prosthetic
cls = prosthetic.get_class()
if not cls:
raise Exception("Can't get class for prosthtic")
# verify the token and create a local object
verified_token = oauth.OAuthToken(request_token.oauth_key,
request_token.oauth_secret)
access_token = request_token.prosthetic.wrangler().get_access_token(
verified_token, verifier)
access_object = AccessToken(oauth_key=access_token.key,
oauth_secret=access_token.secret,
prosthetic=request_token.prosthetic,
enabled=True)
# make an API call with the token before we save it.
configuration = access_object.get_json("/1/weavr/configuration")
access_object.weavr_name = configuration['name']
access_object.weavr_url = configuration['blog']
if "post_keyword" in configuration:
access_object.prosthetic.blog_keyword = configuration['post_keyword']
# everything worked. Save access token
access_object.save()
request_token.delete() # don't need this any more
# if the ptk wants to do something at this point, it is able to.
ptk = cls(access_object)
post_oauth_callback = ptk.post_oauth_callback()
if post_oauth_callback:
return post_oauth_callback
# show or hide user login
hide_usernav = True
return render_to_response("success.html",
locals(),
context_instance=RequestContext(request))
def test_revoke(self):
user_id = '1'
access_token = AccessToken(self.access_token_store, user_id=user_id)
access_token.save()
assert access_token.revoke()
failed_user_id = self.access_token_store.get_session(
access_token.access_token, 'user_id')
assert failed_user_id is None
def test_find_by_access_token(self):
user_id = '1'
access_token = AccessToken(self.access_token_store, user_id=user_id)
access_token.save()
at = AccessToken(self.access_token_store).find_by_access_token(
access_token.access_token)
assert at.user_id == access_token.user_id
assert at.access_token == access_token.access_token
assert at.refresh_token == access_token.refresh_token
def fresh_access_token():
try:
access_token = AccessToken.objects.get(id=1)
except AccessToken.DoesNotExist:
access_token = AccessToken()
url = "https://api.weixin.qq.com/cgi-bin/token?grant_type=%s&appid=%s&secret=%s" \
% (grant_type, appID, appSecret)
r = requests.get(url)
message = r.json()
access_token.token = message['access_token']
access_token.expires_in = int(message['expires_in'])
access_token.save()
def oauth_callback(request):
"""Accept the authorization from the server and store the data we use to communicate with the Weavr"""
token = request.REQUEST.get("oauth_token")
verifier = request.REQUEST.get("oauth_verifier")
confirmed = request.REQUEST.get("oauth_callback_confirmed")
# Make sure we have the required parameters
if (not verifier) or (not token):
return render_error("missing params")
if not confirmed:
return render_error("connection wasn't confirmed")
# Get the token and store the verifier
request_token = get_object_or_404(RequestToken, oauth_key=token)
if not request_token:
return render_error("invalid request token")
prosthetic = request_token.prosthetic
cls = prosthetic.get_class()
if not cls:
raise Exception("Can't get class for prosthtic")
# verify the token and create a local object
verified_token = oauth.OAuthToken(request_token.oauth_key, request_token.oauth_secret)
access_token = request_token.prosthetic.wrangler().get_access_token(verified_token, verifier)
access_object = AccessToken(
oauth_key=access_token.key, oauth_secret=access_token.secret, prosthetic=request_token.prosthetic, enabled=True
)
# make an API call with the token before we save it.
configuration = access_object.get_json("/1/weavr/configuration")
access_object.weavr_name = configuration["name"]
access_object.weavr_url = configuration["blog"]
if "post_keyword" in configuration:
access_object.prosthetic.blog_keyword = configuration["post_keyword"]
# everything worked. Save access token
access_object.save()
request_token.delete() # don't need this any more
# if the ptk wants to do something at this point, it is able to.
ptk = cls(access_object)
post_oauth_callback = ptk.post_oauth_callback()
if post_oauth_callback:
return post_oauth_callback
# show or hide user login
hide_usernav = True
return render_to_response("success.html", locals(), context_instance=RequestContext(request))
def test_save(self):
user_id = '1'
access_token = AccessToken(self.access_token_store, user_id=user_id)
access_token.save()
fetched_user_id = self.access_token_store.get_session(
access_token.access_token, 'user_id')
fetched_refresh_token = self.access_token_store.get_session(
access_token.access_token, 'refresh_token')
fetched_access_token = self.access_token_store.get_session(
access_token.prefixed_for_refresh(access_token.refresh_token),
'access_token')
print(fetched_user_id, fetched_access_token, fetched_refresh_token)
assert user_id == fetched_user_id
assert access_token.refresh_token == fetched_refresh_token
assert access_token.refresh_token == fetched_refresh_token
def token(request):
# 验证应用端合法性
client = oauth_server.authorize(request.META.get('HTTP_AUTHORIZATION'))
if not client:
response = HttpResponse('401 Unauthorized', status=401)
response[
'WWW-Authenticate'] = 'Basic realm="Please provide your client_id and client_secret."'
return response
# 验证是否为令牌表单
form = TokenForm(request.POST)
if not form.is_valid():
return error_response('invalid_request')
grant_type = form.cleaned_data['grant_type']
code = form.cleaned_data['code']
redirect_uri = form.cleaned_data['redirect_uri']
# 处理authorization_code请求
if grant_type == 'authorization_code':
try:
code = AuthorizationCode.objects.filter(
expire_time__gte=datetime.datetime.now()).get(
client=client,
code=UUID(bytes=urlsafe_base64_decode(code)),
redirect_uri=redirect_uri)
except AuthorizationCode.DoesNotExist:
return error_response('invalid_grant')
try:
token = AccessToken(client=client,
user=code.user,
code=code.code,
expire_time=datetime.datetime.now() +
datetime.timedelta(hours=1))
token.save()
except IntegrityError:
AccessToken.objects.get(code=code.code).delete()
code.delete()
return error_response('invalid_grant')
return success_response(urlsafe_base64_encode(token.token.bytes))
else:
return error_response('unsupported_grant_type')
def test_downloader_view_new_download(self):
self.assertTrue(self.login())
ci = 1
at = 5
newToken = AccessToken(id=at,accessToken="testToken",userID="0",serviceType="google",tokenTime=timezone.now(),userInfo="noInfo",cloudItem=CloudItem.objects.get(id=ci))
newToken.save()
#first get the normal page
r = self.client.get("/download/"+str(ci)+"/"+str(at)+"/",secure=True)
self.assertContains(r,"No download have been started")
#take last download
d = Download.objects.latest("downTime")
self.assertEquals(at,d.tokenID.id)
#button has not been click
self.assertEquals(constConfig.THREAD_NOTCLICKED,d.threadStatus)
def create_token(user, client): access_token = AccessToken(user=user, client=client) access_token.generate_token() access_token.save() return access_token
