def setUp(self): self.client = Client(identifier="abc", secret="xyz", authorized_grants=["authorization_code"], authorized_response_types=["code"], redirect_uris=["http://callback"]) self.client_store_mock = Mock(spec=ClientStore) self.source_mock = Mock() self.authenticator = ClientAuthenticator( client_store=self.client_store_mock, source=self.source_mock)
def setUp(self): self.client = Client(identifier="abc", secret="xyz", authorized_grants=["authorization_code"], authorized_response_types=["code"], redirect_uris=["http://callback"]) self.client_store_mock = Mock(spec=ClientStore) self.source_mock = Mock() self.authenticator = ClientAuthenticator( client_store=self.client_store_mock, source=self.source_mock)
def __init__(self, access_token_store, auth_code_store, client_store, token_generator, client_authentication_source=request_body, response_class=Response): self.grant_types = [] self._input_handler = None self.access_token_store = access_token_store self.auth_code_store = auth_code_store self.client_authenticator = ClientAuthenticator( client_store=client_store, source=client_authentication_source) self.response_class = response_class self.token_generator = token_generator
def __init__(self, request, site_adapter): self.request = Request(request) self.site_adapter = site_adapter self.token_generator = Uuid4() self.client_store = self._get_client_store() self.access_token_store = self._get_token_store() self.client_authenticator = ClientAuthenticator( client_store=self.client_store, source=request_body ) self.grant_types = [];
def __init__(self, access_token_store, auth_code_store, client_store, site_adapter, token_generator, client_authentication_source=request_body, response_class=Response): """ Endpoint of requests to the OAuth 2.0 provider. :param access_token_store: An object that implements methods defined by :class:`oauth2.store.AccessTokenStore`. :param auth_code_store: An object that implements methods defined by :class:`oauth2.store.AuthTokenStore`. :param client_store: An object that implements methods defined by :class:`oauth2.store.ClientStore`. :param site_adapter: An object that implements methods defined by :class:`oauth2.web.SiteAdapter`. :param token_generator: Object to generate unique tokens. :param client_authentication_source: A callable which when executed, authenticates a client. See :module:`oauth2.client_authenticator`. :param response_class: Class of the response object. Defaults to :class:`oauth2.web.Response`. """ self.grant_types = [] self._input_handler = None self.access_token_store = access_token_store self.auth_code_store = auth_code_store self.client_authenticator = ClientAuthenticator( client_store=client_store, source=client_authentication_source) self.response_class = response_class self.site_adapter = site_adapter self.token_generator = token_generator
class ClientAuthenticatorTestCase(unittest.TestCase): def setUp(self): self.client = Client(identifier="abc", secret="xyz", authorized_grants=["authorization_code"], authorized_response_types=["code"], redirect_uris=["http://callback"]) self.client_store_mock = Mock(spec=ClientStore) self.source_mock = Mock() self.authenticator = ClientAuthenticator( client_store=self.client_store_mock, source=self.source_mock) def test_by_identifier(self): redirect_uri = "http://callback" self.client_store_mock.fetch_by_client_id.return_value = self.client request_mock = Mock(spec=Request) request_mock.get_param.side_effect = [self.client.identifier, redirect_uri] client = self.authenticator.by_identifier(request=request_mock) self.client_store_mock.fetch_by_client_id.\ assert_called_with(self.client.identifier) self.assertEqual(client.redirect_uri, redirect_uri) def test_by_identifier_client_id_not_set(self): request_mock = Mock(spec=Request) request_mock.get_param.return_value = None with self.assertRaises(OAuthInvalidNoRedirectError) as expected: self.authenticator.by_identifier(request=request_mock) self.assertEqual(expected.exception.error, "missing_client_id") def test_by_identifier_unknown_client(self): request_mock = Mock(spec=Request) request_mock.get_param.return_value = "def" self.client_store_mock.fetch_by_client_id.\ side_effect = ClientNotFoundError with self.assertRaises(OAuthInvalidNoRedirectError) as expected: self.authenticator.by_identifier(request=request_mock) self.assertEqual(expected.exception.error, "unknown_client") def test_by_identifier_unknown_redirect_uri(self): response_type = "code" unknown_redirect_uri = "http://unknown.com" request_mock = Mock(spec=Request) request_mock.get_param.side_effect = [self.client.identifier, response_type, unknown_redirect_uri] self.client_store_mock.fetch_by_client_id.return_value = self.client with self.assertRaises(OAuthInvalidNoRedirectError) as expected: self.authenticator.by_identifier(request=request_mock) self.assertEqual(expected.exception.error, "invalid_redirect_uri") def test_by_identifier_secret(self): client_id = "abc" client_secret = "xyz" grant_type = "authorization_code" request_mock = Mock(spec=Request) request_mock.post_param.return_value = grant_type self.source_mock.return_value = (client_id, client_secret) self.client_store_mock.fetch_by_client_id.return_value = self.client self.authenticator.by_identifier_secret(request=request_mock) self.client_store_mock.fetch_by_client_id.\ assert_called_with(client_id) def test_by_identifier_secret_unknown_client(self): client_id = "def" client_secret = "uvw" self.source_mock.return_value = (client_id, client_secret) request_mock = Mock(spec=Request) self.client_store_mock.fetch_by_client_id.\ side_effect = ClientNotFoundError with self.assertRaises(OAuthInvalidError) as expected: self.authenticator.by_identifier_secret(request_mock) self.assertEqual(expected.exception.error, "invalid_client") def test_by_identifier_secret_client_not_authorized(self): client_id = "abc" client_secret = "xyz" grant_type = "client_credentials" self.source_mock.return_value = (client_id, client_secret) request_mock = Mock(spec=Request) request_mock.post_param.return_value = grant_type self.client_store_mock.fetch_by_client_id.return_value = self.client with self.assertRaises(OAuthInvalidError) as expected: self.authenticator.by_identifier_secret(request_mock) self.assertEqual(expected.exception.error, "unauthorized_client") def test_by_identifier_secret_wrong_secret(self): client_id = "abc" client_secret = "uvw" grant_type = "authorization_code" self.source_mock.return_value = (client_id, client_secret) request_mock = Mock(spec=Request) request_mock.post_param.return_value = grant_type self.client_store_mock.fetch_by_client_id.return_value = self.client with self.assertRaises(OAuthInvalidError) as expected: self.authenticator.by_identifier_secret(request_mock) self.assertEqual(expected.exception.error, "invalid_client")
class ClientAuthenticatorTestCase(unittest.TestCase): def setUp(self): self.client = Client(identifier="abc", secret="xyz", authorized_grants=["authorization_code"], authorized_response_types=["code"], redirect_uris=["http://callback"]) self.client_store_mock = Mock(spec=ClientStore) self.source_mock = Mock() self.authenticator = ClientAuthenticator( client_store=self.client_store_mock, source=self.source_mock) def test_by_identifier(self): redirect_uri = "http://callback" self.client_store_mock.fetch_by_client_id.return_value = self.client request_mock = Mock(spec=Request) request_mock.get_param.side_effect = [ self.client.identifier, redirect_uri ] client = self.authenticator.by_identifier(request=request_mock) self.client_store_mock.fetch_by_client_id.\ assert_called_with(self.client.identifier) self.assertEqual(client.redirect_uri, redirect_uri) def test_by_identifier_client_id_not_set(self): request_mock = Mock(spec=Request) request_mock.get_param.return_value = None with self.assertRaises(OAuthInvalidNoRedirectError) as expected: self.authenticator.by_identifier(request=request_mock) self.assertEqual(expected.exception.error, "missing_client_id") def test_by_identifier_unknown_client(self): request_mock = Mock(spec=Request) request_mock.get_param.return_value = "def" self.client_store_mock.fetch_by_client_id.\ side_effect = ClientNotFoundError with self.assertRaises(OAuthInvalidNoRedirectError) as expected: self.authenticator.by_identifier(request=request_mock) self.assertEqual(expected.exception.error, "unknown_client") def test_by_identifier_unknown_redirect_uri(self): response_type = "code" unknown_redirect_uri = "http://unknown.com" request_mock = Mock(spec=Request) request_mock.get_param.side_effect = [ self.client.identifier, response_type, unknown_redirect_uri ] self.client_store_mock.fetch_by_client_id.return_value = self.client with self.assertRaises(OAuthInvalidNoRedirectError) as expected: self.authenticator.by_identifier(request=request_mock) self.assertEqual(expected.exception.error, "invalid_redirect_uri") def test_by_identifier_secret(self): client_id = "abc" client_secret = "xyz" grant_type = "authorization_code" request_mock = Mock(spec=Request) request_mock.post_param.return_value = grant_type self.source_mock.return_value = (client_id, client_secret) self.client_store_mock.fetch_by_client_id.return_value = self.client self.authenticator.by_identifier_secret(request=request_mock) self.client_store_mock.fetch_by_client_id.\ assert_called_with(client_id) def test_by_identifier_secret_unknown_client(self): client_id = "def" client_secret = "uvw" self.source_mock.return_value = (client_id, client_secret) request_mock = Mock(spec=Request) self.client_store_mock.fetch_by_client_id.\ side_effect = ClientNotFoundError with self.assertRaises(OAuthInvalidError) as expected: self.authenticator.by_identifier_secret(request_mock) self.assertEqual(expected.exception.error, "invalid_client") def test_by_identifier_secret_client_not_authorized(self): client_id = "abc" client_secret = "xyz" grant_type = "client_credentials" self.source_mock.return_value = (client_id, client_secret) request_mock = Mock(spec=Request) request_mock.post_param.return_value = grant_type self.client_store_mock.fetch_by_client_id.return_value = self.client with self.assertRaises(OAuthInvalidError) as expected: self.authenticator.by_identifier_secret(request_mock) self.assertEqual(expected.exception.error, "unauthorized_client") def test_by_identifier_secret_wrong_secret(self): client_id = "abc" client_secret = "uvw" grant_type = "authorization_code" self.source_mock.return_value = (client_id, client_secret) request_mock = Mock(spec=Request) request_mock.post_param.return_value = grant_type self.client_store_mock.fetch_by_client_id.return_value = self.client with self.assertRaises(OAuthInvalidError) as expected: self.authenticator.by_identifier_secret(request_mock) self.assertEqual(expected.exception.error, "invalid_client")