def test_openid_commands(config_file):
"""function that runs the commands in a interactive manner
:param config_file: config file location
"""
c = Client(config_file)
print "\n=> Setup Client"
setup_data = c.setup_client()
logging.info("Received: %s", setup_data)
print "\n=> Get Client Token"
tokens = c.get_client_token(auto_update=False)
logging.info("Received: %s", tokens)
print "\n=> Introspect Access Token"
introspection = c.introspect_access_token(
access_token=tokens['access_token'])
logging.info("Received: %s", introspection)
print "\n=> Update site registration"
updated = c.update_site()
c.config.set("client", "scope", "openid,profile")
logging.info("Received: %s", updated)
print "\n=> Getting auth URL"
auth_url = c.get_authorization_url()
print "Visit this URL in your browser: ", auth_url
logging.info("Received: %s", auth_url)
print "\n=> Getting tokens by code"
callback_url = raw_input("Enter redirected URL to parse tokens: ")
parsed = urlparse.urlparse(callback_url)
params = urlparse.parse_qs(parsed.query)
tokens = c.get_tokens_by_code(params['code'][0], params['state'][0])
logging.info("Received: %s", tokens)
print "\n=> Getting user info"
claims = c.get_user_info(tokens['access_token'])
logging.info("Received: %s", claims)
print "\n=> Getting new access token using refresh token"
new_token = c.get_access_token_by_refresh_token(tokens["refresh_token"])
logging.info("Received: %s", new_token)
print "\n=> Getting Logout URI"
logout_uri = c.get_logout_uri()
logging.info("Received: %s", logout_uri)
print "Visit this URL to logout: ", logout_uri
print "\n=> Register Site"
reg = c.register_site()
logging.info("Received: %s", reg)
print "\n=> Remove Site"
oxd_id = c.remove_site()
logging.info("Received: %s", oxd_id)
def test_setup_client(config_file):
c = Client(config_file)
print "\n=> Setup Client"
response = c.setup_client()
logging.info("Received: %s", response)
print "\n=> Get Client Token"
# Set auto_update to False to prevent launching of new thread. auto_update
# is helpful for long running apps, but unnecessary for this test script
token = c.get_client_token(auto_update=False)
logging.info("Received: %s", token)
print "\n=> Introspect Access Token"
introspection = c.introspect_access_token(token['access_token'])
logging.info("Received: %s", introspection)
print "\n=> Remove Site"
oxd_id = c.remove_site()
logging.info("Received: %s", oxd_id)
def run_commands(config):
"""function that runs the commands for UMA RS app context
:param config: config file location
:return: None
"""
c = Client(config)
print "\n=> Setup client"
oxd_id = c.setup_client()
logging.info("Received: %s", oxd_id)
print "\n=> Get Client Token"
tokens = c.get_client_token(auto_update=False)
logging.info("Received: %s", tokens)
print "\n=> Protecting Resource: "
rset = ResourceSet()
r = rset.add("/photoz")
r.set_scope("GET", "https://photoz.example.com/uma/scope/view")
print rset
protected = c.uma_rs_protect(rset.dump())
logging.info("Received: %s", protected)
print "\n=> Checking Access for URL /photoz, with method GET"
access_status = c.uma_rs_check_access(rpt=None,
path='/photoz',
http_method='GET')
print "\n=> Checking Access Response:", access_status
logging.info('Received: %s', access_status)
print "\n=> Get RPT (Need Info Error)"
need_info = c.uma_rp_get_rpt(ticket=access_status['ticket'])
logging.info('Received: %s', need_info)
print "\n=> Get Claims Gathering Url"
claims_url = c.uma_rp_get_claims_gathering_url(
ticket=need_info['details']['ticket'])
print "Visit this URL in your browser: ", claims_url
logging.info('Received: %s', claims_url)
print "\n=> Get RPT"
callback_url = raw_input(
"Enter redirected URL to parse ticket and state: ")
parsed = urlparse.urlparse(callback_url)
params = urlparse.parse_qs(parsed.query)
rpt_resp = c.uma_rp_get_rpt(ticket=params['ticket'][0],
state=params['state'][0])
logging.info("Received: %s", rpt_resp)
print "\n=> Introspect RPT"
introspection = c.introspect_rpt(rpt=rpt_resp['access_token'])
logging.info('Received: %s', introspection)
print "\n=> Checking Access for URL /photoz, with RPT and method GET"
access = c.uma_rs_check_access(rpt=rpt_resp['access_token'],
path='/photoz',
http_method='GET')
print "\n=> Checking Access Response:", access
logging.info('Received: %s', access)
print "\n=> Protecting Resource with Scope_expression"
rset = ResourceSet()
r = rset.add("/photo")
scope_expr = {
"rule": {
"and": [{
"or": [{
"var": 0
}, {
"var": 1
}]
}, {
"var": 2
}]
},
"data": [
"http://photoz.example.com/dev/actions/all",
"http://photoz.example.com/dev/actions/add",
"http://photoz.example.com/dev/actions/internalClient"
]
}
r.set_expression("GET", scope_expr)
print rset
protected = c.uma_rs_protect(rset.dump())
logging.info("Received: %s", protected)
print "\n=> Checking Access for URL /photo, with scope_expression"
access_status = c.uma_rs_check_access(rpt=None,
path='/photo',
http_method='GET')
print "\n=> Checking Access Response:", access_status
logging.info('Received: %s', access_status)
