def test_handshake(self):
"""Test the OAuth handshake procedure
"""
oaconsumer = oauth.OAuthConsumer(self.consumer.key, self.consumer.secret)
# Get a request key...
request = oauth.OAuthRequest.from_consumer_and_token(
oaconsumer, http_url="http://testserver/api/oauth/request_token"
)
request.sign_request(self.signature_method, oaconsumer, None)
response = self.client.get("/api/oauth/request_token", request.parameters)
oatoken = oauth.OAuthToken.from_string(response.content)
token = Token.objects.get(key=oatoken.key, token_type=Token.REQUEST)
self.assertEqual(token.secret, oatoken.secret)
# Simulate user authentication...
self.failUnless(self.client.login(username="******", password="******"))
request = oauth.OAuthRequest.from_token_and_callback(
token=oatoken,
callback="http://printer.example.com/request_token_ready",
http_url="http://testserver/api/oauth/authorize",
)
request.sign_request(self.signature_method, oaconsumer, oatoken)
# Request the login page
# TODO: Parse the response to make sure all the fields exist
# response = self.client.get('/api/oauth/authorize', {
# 'oauth_token': oatoken.key,
# 'oauth_callback': 'http://printer.example.com/request_token_ready',
# })
response = self.client.post(
"/api/oauth/authorize",
{
"oauth_token": oatoken.key,
"oauth_callback": "http://printer.example.com/request_token_ready",
"csrf_signature": OAuthAuthenticationForm.get_csrf_signature(settings.SECRET_KEY, oatoken.key),
"authorize_access": 1,
},
)
# Response should be a redirect...
self.assertEqual(302, response.status_code)
self.assertEqual(
"http://printer.example.com/request_token_ready?oauth_token=" + oatoken.key, response["Location"]
)
# Obtain access token...
request = oauth.OAuthRequest.from_consumer_and_token(
oaconsumer, token=oatoken, http_url="http://testserver/api/oauth/access_token"
)
request.sign_request(self.signature_method, oaconsumer, oatoken)
response = self.client.get("/api/oauth/access_token", request.parameters)
oa_atoken = oauth.OAuthToken.from_string(response.content)
atoken = Token.objects.get(key=oa_atoken.key, token_type=Token.ACCESS)
self.assertEqual(atoken.secret, oa_atoken.secret)
def test_handshake(self):
"""Test the OAuth handshake procedure
"""
oaconsumer = oauth.OAuthConsumer(self.consumer.key, self.consumer.secret)
# Get a request key...
request = oauth.OAuthRequest.from_consumer_and_token(
oaconsumer, http_url="http://testserver/api/oauth/request_token"
)
request.sign_request(self.signature_method, oaconsumer, None)
response = self.client.get("/api/oauth/request_token", request.parameters)
oatoken = oauth.OAuthToken.from_string(response.content)
token = Token.objects.get(key=oatoken.key, token_type=Token.REQUEST)
self.assertEqual(token.secret, oatoken.secret)
# Simulate user authentication...
self.failUnless(self.client.login(username="******", password="******"))
request = oauth.OAuthRequest.from_token_and_callback(
token=oatoken,
callback="http://printer.example.com/request_token_ready",
http_url="http://testserver/api/oauth/authorize",
)
request.sign_request(self.signature_method, oaconsumer, oatoken)
# Request the login page
# TODO: Parse the response to make sure all the fields exist
# response = self.client.get('/api/oauth/authorize', {
# 'oauth_token': oatoken.key,
# 'oauth_callback': 'http://printer.example.com/request_token_ready',
# })
# Send request with "Content-type: application/x-www-form-urlencoded"
# c.f. http://www.mail-archive.com/[email protected]/msg01556.html
response = self.client.post(
"/api/oauth/authorize",
urlencode(
{
"oauth_token": oatoken.key,
"oauth_callback": "http://printer.example.com/request_token_ready",
"csrf_signature": OAuthAuthenticationForm.get_csrf_signature(settings.SECRET_KEY, oatoken.key),
"authorize_access": 1,
},
doseq=True,
),
content_type="application/x-www-form-urlencoded; charset=utf-8",
)
# Response should be a redirect...
self.assertEqual(302, response.status_code)
self.failUnless(response["Location"].startswith("http://printer.example.com/request_token_ready?"))
self.failUnless(("oauth_token=" + oatoken.key in response["Location"]))
def test_handshake(self):
'''Test the OAuth handshake procedure
'''
oaconsumer = oauth.OAuthConsumer(self.consumer.key, self.consumer.secret)
# Get a request key...
request = oauth.OAuthRequest.from_consumer_and_token(oaconsumer,
http_url='http://testserver/oauth/request_token/'
)
request.sign_request(self.signature_method, oaconsumer, None)
response = self.client.get('/oauth/request_token/', request.parameters)
oatoken = oauth.OAuthToken.from_string(response.content)
token = Token.objects.get(key=oatoken.key, token_type=Token.REQUEST)
self.assertEqual(token.secret, oatoken.secret)
# Simulate user authentication...
self.failUnless(self.client.login(username='******', password='******'))
request = oauth.OAuthRequest.from_token_and_callback(token=oatoken,
callback='http://printer.example.com/request_token_ready',
http_url='http://testserver/oauth/authorize/')
request.sign_request(self.signature_method, oaconsumer, oatoken)
# Request the login page
# TODO: Parse the response to make sure all the fields exist
# response = self.client.get('/api/oauth/authorize', {
# 'oauth_token': oatoken.key,
# 'oauth_callback': 'http://printer.example.com/request_token_ready',
# })
response = self.client.post('/oauth/authorize/', {
'oauth_token': oatoken.key,
'oauth_callback': 'http://printer.example.com/request_token_ready',
'csrf_signature': OAuthAuthenticationForm.get_csrf_signature(settings.SECRET_KEY, oatoken.key),
'authorize_access': 1,
})
# Response should be a redirect...
self.assertEqual(302, response.status_code)
self.assertEqual('http://printer.example.com/request_token_ready?oauth_token='+oatoken.key, response['Location'])
# Obtain access token...
request = oauth.OAuthRequest.from_consumer_and_token(oaconsumer, token=oatoken,
http_url='http://testserver/oauth/access_token/')
request.sign_request(self.signature_method, oaconsumer, oatoken)
response = self.client.get('/oauth/access_token/', request.parameters)
oa_atoken = oauth.OAuthToken.from_string(response.content)
atoken = Token.objects.get(key=oa_atoken.key, token_type=Token.ACCESS)
self.assertEqual(atoken.secret, oa_atoken.secret)
# save the acces token so we can do oauth requests
self.oa_atoken = oa_atoken
def oauth_auth_view(request, token, callback, params):
form = OAuthAuthenticationForm(
initial={
'oauth_token': token.key,
'oauth_callback': callback,
# 'oauth_callback': token.get_callback_url() or callback, # XXX changed
})
return render('authorize_token.html', {
'form': form,
'apiconsumers': True,
},
context_instance=RequestContext(request))
def test_handshake(self):
'''Test the OAuth handshake procedure
'''
oaconsumer = oauth.OAuthConsumer(self.consumer.key,
self.consumer.secret)
# Get a request key...
request = oauth.OAuthRequest.from_consumer_and_token(
oaconsumer, http_url='http://testserver/api/oauth/request_token')
request.sign_request(self.signature_method, oaconsumer, None)
response = self.client.get('/api/oauth/request_token',
request.parameters)
oatoken = oauth.OAuthToken.from_string(response.content)
token = Token.objects.get(key=oatoken.key, token_type=Token.REQUEST)
self.assertEqual(token.secret, oatoken.secret)
# Simulate user authentication...
self.failUnless(self.client.login(username='******', password='******'))
request = oauth.OAuthRequest.from_token_and_callback(
token=oatoken,
callback='http://printer.example.com/request_token_ready',
http_url='http://testserver/api/oauth/authorize')
request.sign_request(self.signature_method, oaconsumer, oatoken)
# Request the login page
# TODO: Parse the response to make sure all the fields exist
# response = self.client.get('/api/oauth/authorize', {
# 'oauth_token': oatoken.key,
# 'oauth_callback': 'http://printer.example.com/request_token_ready',
# })
response = self.client.post(
'/api/oauth/authorize', {
'oauth_token':
oatoken.key,
'oauth_callback':
'http://printer.example.com/request_token_ready',
'csrf_signature':
OAuthAuthenticationForm.get_csrf_signature(
settings.SECRET_KEY, oatoken.key),
'authorize_access':
1,
})
# Response should be a redirect...
self.assertEqual(302, response.status_code)
self.failUnless(response['Location'].startswith(
"http://printer.example.com/request_token_ready?"))
self.failUnless(('oauth_token=' + oatoken.key in response['Location']))
def handshake(self, ssl=False):
'''Test the OAuth handshake procedure
'''
oaconsumer = oauth.OAuthConsumer(self.consumer.key,
self.consumer.secret)
# Get a request key...
request = oauth.OAuthRequest.from_consumer_and_token(
oaconsumer, http_url='http://testserver/api/oauth/request_token')
request.sign_request(self.signature_method, oaconsumer, None)
response = self.client.get('/api/oauth/request_token',
request.parameters)
oatoken = oauth.OAuthToken.from_string(response.content)
token = Token.objects.get(key=oatoken.key, token_type=Token.REQUEST)
self.assertEqual(token.secret, oatoken.secret)
# Simulate user authentication...
self.failUnless(self.client.login(username='******', password='******'))
request = oauth.OAuthRequest.from_token_and_callback(
token=oatoken,
callback='http://printer.example.com/request_token_ready',
http_url='http://testserver/api/oauth/authorize')
request.sign_request(self.signature_method, oaconsumer, oatoken)
# Request the login page
# TODO: Parse the response to make sure all the fields exist
response = self.client.get(
'/api/oauth/authorize', {
'oauth_token': oatoken.key,
'oauth_callback':
'http://printer.example.com/request_token_ready',
})
response = self.client.post(
'/api/oauth/authorize', {
'oauth_token':
oatoken.key,
'oauth_callback':
'http://printer.example.com/request_token_ready',
'csrf_signature':
OAuthAuthenticationForm.get_csrf_signature(
settings.SECRET_KEY, oatoken.key),
'authorize_access':
1,
})
redirect_to = response['Location']
query_string = urllib.splitquery(redirect_to)[1]
data = dict(cgi.parse_qsl(query_string))
verifier = data['oauth_verifier']
returned_token = data['oauth_token']
# Response should be a redirect...
self.assertEqual(302, response.status_code)
self.failUnless(
redirect_to.startswith(
"http://printer.example.com/request_token_ready?"))
self.assertEqual(oatoken.key, returned_token)
#response = self.client.get(redirect_to)
oatoken.set_verifier(verifier)
# Obtain access token...
protocol = 'http'
port = '80'
if ssl:
protocol = 'https'
port = '443'
request = oauth.OAuthRequest.from_consumer_and_token(
oaconsumer,
token=oatoken,
verifier=verifier,
http_url='%s://testserver:%s/api/oauth/access_token' %
(protocol, port))
request.sign_request(self.signature_method, oaconsumer, oatoken)
extra = {}
if ssl:
extra['wsgi.url_scheme'] = 'https'
extra['SERVER_PORT'] = '443'
response = self.client.get('/api/oauth/access_token',
request.parameters, **extra)
oa_atoken = oauth.OAuthToken.from_string(response.content)
atoken = Token.objects.get(key=oa_atoken.key, token_type=Token.ACCESS)
self.assertEqual(atoken.secret, oa_atoken.secret)
def handshake(self, ssl=False):
'''Test the OAuth handshake procedure
'''
oaconsumer = oauth.OAuthConsumer(self.consumer.key, self.consumer.secret)
# Get a request key...
request = oauth.OAuthRequest.from_consumer_and_token(oaconsumer,
http_url='http://testserver/api/oauth/request_token')
request.sign_request(self.signature_method, oaconsumer, None)
response = self.client.get('/api/oauth/request_token', request.parameters)
oatoken = oauth.OAuthToken.from_string(response.content)
token = Token.objects.get(key=oatoken.key, token_type=Token.REQUEST)
self.assertEqual(token.secret, oatoken.secret)
# Simulate user authentication...
self.failUnless(self.client.login(username='******', password='******'))
request = oauth.OAuthRequest.from_token_and_callback(token=oatoken,
callback='http://printer.example.com/request_token_ready',
http_url='http://testserver/api/oauth/authorize')
request.sign_request(self.signature_method, oaconsumer, oatoken)
# Request the login page
# TODO: Parse the response to make sure all the fields exist
response = self.client.get('/api/oauth/authorize', {
'oauth_token': oatoken.key,
'oauth_callback': 'http://printer.example.com/request_token_ready',
})
response = self.client.post('/api/oauth/authorize', {
'oauth_token': oatoken.key,
'oauth_callback': 'http://printer.example.com/request_token_ready',
'csrf_signature': OAuthAuthenticationForm.get_csrf_signature(settings.SECRET_KEY, oatoken.key),
'authorize_access': 1,
})
redirect_to = response['Location']
query_string = urllib.splitquery(redirect_to)[1]
data = dict(cgi.parse_qsl(query_string))
verifier = data['oauth_verifier']
returned_token = data['oauth_token']
# Response should be a redirect...
self.assertEqual(302, response.status_code)
self.failUnless(redirect_to.startswith("http://printer.example.com/request_token_ready?"))
self.assertEqual(oatoken.key, returned_token)
#response = self.client.get(redirect_to)
oatoken.set_verifier(verifier)
# Obtain access token...
protocol = 'http'
port = '80'
if ssl:
protocol = 'https'
port = '443'
request = oauth.OAuthRequest.from_consumer_and_token(oaconsumer, token=oatoken,
verifier=verifier,
http_url='%s://testserver:%s/api/oauth/access_token' % (protocol, port))
request.sign_request(self.signature_method, oaconsumer, oatoken)
extra = {}
if ssl:
extra['wsgi.url_scheme'] = 'https'
extra['SERVER_PORT'] = '443'
response = self.client.get('/api/oauth/access_token', request.parameters, **extra)
oa_atoken = oauth.OAuthToken.from_string(response.content)
atoken = Token.objects.get(key=oa_atoken.key, token_type=Token.ACCESS)
self.assertEqual(atoken.secret, oa_atoken.secret)
