def setUp(self):
self.app = flask.Flask(__name__)
self.app.testing = True
self.app.config['SECRET_KEY'] = 'notasecert'
self.oauth2 = FlaskOAuth2(self.app,
client_id='client_idz',
client_secret='client_secretz')
def test_explicit_storage(self):
storage_mock = mock.Mock()
oauth2 = FlaskOAuth2(flask.Flask(__name__),
storage=storage_mock,
client_id='id',
client_secret='secret')
self.assertEqual(oauth2.storage, storage_mock)
def test_create_flow(self):
with self.app.test_request_context():
flow = self.oauth2._make_flow()
state = json.loads(flow.params['state'])
self.assertTrue('google_oauth2_csrf_token' in flask.session)
self.assertEqual(flask.session['google_oauth2_csrf_token'],
state['csrf_token'])
self.assertEqual(flow.client_id, self.oauth2.client_id)
self.assertEqual(flow.client_secret, self.oauth2.client_secret)
self.assertTrue('http' in flow.redirect_uri)
self.assertTrue('oauth2callback' in flow.redirect_uri)
flow = self.oauth2._make_flow(return_url='/return_url')
state = json.loads(flow.params['state'])
self.assertEqual(state['return_url'], '/return_url')
flow = self.oauth2._make_flow(extra_arg='test')
self.assertEqual(flow.params['extra_arg'], 'test')
# Test extra args specified in the constructor.
app = flask.Flask(__name__)
app.config['SECRET_KEY'] = 'notasecert'
oauth2 = FlaskOAuth2(app,
client_id='client_id',
client_secret='secret',
extra_arg='test')
with app.test_request_context():
flow = oauth2._make_flow()
self.assertEqual(flow.params['extra_arg'], 'test')
def test_incremental_auth(self):
self.app = flask.Flask(__name__)
self.app.testing = True
self.app.config['SECRET_KEY'] = 'notasecert'
self.oauth2 = FlaskOAuth2(self.app,
client_id='client_idz',
client_secret='client_secretz',
include_granted_scopes=True)
@self.app.route('/one')
@self.oauth2.required(scopes=['one'])
def one():
return 'Hello'
@self.app.route('/two')
@self.oauth2.required(scopes=['two', 'three'])
def two():
return 'Hello'
# No credentials, should redirect
with self.app.test_client() as c:
rv = c.get('/one')
self.assertTrue('one' in rv.headers['Location'])
self.assertEqual(rv.status_code, httplib.FOUND)
# Credentials for one. /one should allow, /two should redirect.
credentials = self._generate_credentials(scopes=['one'])
with self.app.test_client() as c:
with c.session_transaction() as session:
session['google_oauth2_credentials'] = credentials.to_json()
rv = c.get('/one')
self.assertEqual(rv.status_code, httplib.OK)
rv = c.get('/two')
self.assertTrue('two' in rv.headers['Location'])
self.assertEqual(rv.status_code, httplib.FOUND)
# Starting the authorization flow should include the
# include_granted_scopes parameter as well as the scopes.
rv = c.get(rv.headers['Location'][17:])
q = urlparse.parse_qs(rv.headers['Location'].split('?', 1)[1])
self.assertTrue('include_granted_scopes' in q)
self.assertEqual(q['scope'][0], 'email one two three')
# Actually call two() without a redirect.
credentials2 = self._generate_credentials(scopes=['two', 'three'])
with self.app.test_client() as c:
with c.session_transaction() as session:
session['google_oauth2_credentials'] = credentials2.to_json()
rv = c.get('/two')
self.assertEqual(rv.status_code, httplib.OK)
def test_explicit_configuration(self):
oauth2 = FlaskOAuth2(flask.Flask(__name__),
client_id='id',
client_secret='secret')
self.assertEqual(oauth2.client_id, 'id')
self.assertEqual(oauth2.client_secret, 'secret')
return_val = (clientsecrets.TYPE_WEB, {
'client_id': 'id',
'client_secret': 'secret'
})
with mock.patch('oauth2client.clientsecrets.loadfile',
return_value=return_val):
oauth2 = FlaskOAuth2(flask.Flask(__name__),
client_secrets_file='file.json')
self.assertEqual(oauth2.client_id, 'id')
self.assertEqual(oauth2.client_secret, 'secret')
def test_app_configuration(self):
app = flask.Flask(__name__)
app.config['GOOGLE_OAUTH2_CLIENT_ID'] = 'id'
app.config['GOOGLE_OAUTH2_CLIENT_SECRET'] = 'secret'
oauth2 = FlaskOAuth2(app)
self.assertEqual(oauth2.client_id, 'id')
self.assertEqual(oauth2.client_secret, 'secret')
return_val = (clientsecrets.TYPE_WEB, {
'client_id': 'id2',
'client_secret': 'secret2'
})
with mock.patch('oauth2client.clientsecrets.loadfile',
return_value=return_val):
app = flask.Flask(__name__)
app.config['GOOGLE_OAUTH2_CLIENT_SECRETS_FILE'] = 'file.json'
oauth2 = FlaskOAuth2(app)
self.assertEqual(oauth2.client_id, 'id2')
self.assertEqual(oauth2.client_secret, 'secret2')
def _create_incremental_auth_app(self):
self.app = flask.Flask(__name__)
self.app.testing = True
self.app.config['SECRET_KEY'] = 'notasecert'
self.oauth2 = FlaskOAuth2(self.app,
client_id='client_idz',
client_secret='client_secretz',
include_granted_scopes=True)
@self.app.route('/one')
@self.oauth2.required(scopes=['one'])
def one():
return 'Hello'
@self.app.route('/two')
@self.oauth2.required(scopes=['two', 'three'])
def two():
return 'Hello'
def test_explicit_scopes(self):
oauth2 = FlaskOAuth2(flask.Flask(__name__),
scopes=['1', '2'],
client_id='id',
client_secret='secret')
self.assertEqual(oauth2.scopes, ['1', '2'])
def test_delayed_configuration(self):
app = flask.Flask(__name__)
oauth2 = FlaskOAuth2()
oauth2.init_app(app, client_id='id', client_secret='secret')
self.assertEqual(oauth2.app, app)