def _validate_missing_param(self, request, param_name):
'''This method ensures a param is found into the given request. If it is not found a concrete exception is raised.'''
param = request.params.get(param_name)
if not param:
raise OAuth2MissingQueryParamError(param_name)
return param
def _validate_missing_param(self, request, param_name):
'''This method tries to obtain the param_name from the current request. If parameter is not found an
oauth2 exception is raised.'''
value = request.params.get(param_name)
if not value:
raise OAuth2MissingQueryParamError(param_name)
return value
def test_invalid_request_json(self):
'''This test case ensures the correct json response is built when a mandatory parameter is missing.'''
ex = OAuth2MissingQueryParamError("username")
body = self._test_exception_json(ex)
self._assert_error_response(error="invalid_request",
description="username query parameter is mandatory.",
uri=self._calculate_expected_uri(ex.error_code),
body=body)
def show_login(self, request):
'''This method returns the login page for Fantastico.'''
return_url = request.params.get(self.REDIRECT_PARAM)
if not return_url or len(return_url.strip()) == 0:
raise OAuth2MissingQueryParamError(self.REDIRECT_PARAM)
content = self.load_template(self._login_tpl,
{self.REDIRECT_PARAM: urllib.parse.quote(return_url)},
enable_global_folder=True)
return Response(content)
def _validate_return_url(self, clienturls_facade, return_url):
'''This test case checks the existence of return url in the list of supported return urls for idp.'''
qmark_pos = return_url.find("?")
if qmark_pos > -1:
return_url = return_url[:qmark_pos]
client_urls = clienturls_facade.get_records_paged(
start_record=0, end_record=1,
filter_expr=ModelFilterAnd(
ModelFilter(ClientReturnUrl.client_id, self._idp_client_id, ModelFilter.EQ),
ModelFilter(ClientReturnUrl.return_url, return_url, ModelFilter.EQ)))
if len(client_urls) != 1:
raise OAuth2MissingQueryParamError(self.REDIRECT_PARAM)
def test_invalid_request_form_nohash(self):
'''This test ensures that hash part of error redirect is correctly appended when return url does not have an existing
hash.'''
ex = OAuth2MissingQueryParamError("username")
return_url = "/example/cb"
error = "invalid_request"
description = urllib.parse.quote("username query parameter is mandatory.")
uri = urllib.parse.quote(self._calculate_expected_uri(ex.error_code))
expected_url = "%s#error=%s&error_description=%s&error_uri=%s" % \
(return_url, error, description, uri)
self._test_exception_form(ex,
error=error,
description=description,
uri=uri,
return_url=return_url,
expected_url=expected_url)