def test_authorized_signup_valid_user(app, example_globus): """Test authorized callback with sign-up.""" with app.test_client() as c: # User login with email 'info' ioc = app.extensions['oauthlib.client'] # Ensure remote apps have been loaded (due to before first request) resp = c.get(url_for('invenio_oauthclient.login', remote_app='globus')) assert resp.status_code == 302 example_info, example_token, example_account_id = example_globus mock_response(app.extensions['oauthlib.client'], 'globus', example_token) example_info.update(example_account_id) oauth_resp = OAuthResponse(resp=None, content=json.dumps(example_info), content_type='application/json') mock_remote_get(ioc, 'globus', oauth_resp) # User authorized the requests and is redirect back resp = c.get( url_for('invenio_oauthclient.authorized', remote_app='globus', code='test', state=_get_state())) assert resp.status_code == 302 assert resp.location == ('http://localhost/account/settings/' + 'linkedaccounts/') # Assert database state (Sign-up complete) user = User.query.filter_by(email='*****@*****.**').one() remote = RemoteAccount.query.filter_by(user_id=user.id).one() RemoteToken.query.filter_by(id_remote_account=remote.id).one() assert user.active # Disconnect link resp = c.get( url_for('invenio_oauthclient.disconnect', remote_app='globus')) assert resp.status_code == 302 # User exists user = User.query.filter_by(email='*****@*****.**').one() assert 0 == UserIdentity.query.filter_by(method='orcid', id_user=user.id, id='globususer').count() assert RemoteAccount.query.filter_by(user_id=user.id).count() == 0 assert RemoteToken.query.count() == 0 # User authorized the requests and is redirect back resp = c.get( url_for('invenio_oauthclient.authorized', remote_app='globus', code='test', state=_get_state())) assert resp.status_code == 302 assert resp.location == ('http://localhost/' + 'account/settings/linkedaccounts/') # check that exist only one account user = User.query.filter_by(email='*****@*****.**').one() assert User.query.count() == 1
def request( self, url, data=None, headers=None, format="urlencoded", method="GET", content_type=None, token=None, discord=False, ): """ Sends a request to the remote server with OAuth tokens attached. :param data: the data to be sent to the server. :param headers: an optional dictionary of headers. :param format: the format for the `data`. Can be `urlencoded` for URL encoded data or `json` for JSON. :param method: the HTTP request method to use. :param content_type: an optional content type. If a content type is provided, the data is passed as it, and the `format` is ignored. :param token: an optional token to pass, if it is None, token will be generated by tokengetter. """ headers = dict(headers or {}) if token is None: token = self.get_request_token() client = self.make_client(token) url = self.expand_url(url) if method == "GET": assert format == "urlencoded" if data: url = add_params_to_uri(url, data) data = None else: if content_type is None: data, content_type = OAuth.encode_request_data(data, format) if content_type is not None: headers["Content-Type"] = content_type if self.request_token_url: # oauth1 uri, headers, body = client.sign(url, http_method=method, body=data, headers=headers) else: # oauth2 uri, headers, body = client.add_token(url, http_method=method, body=data, headers=headers) if hasattr(self, "pre_request"): # This is designed for some rubbish services like weibo. # Since they don't follow the standards, we need to # change the uri, headers, or body. uri, headers, body = self.pre_request(uri, headers, body) if body: data = to_bytes(body, self.encoding) else: data = None if discord: response = requests.request(method, uri, headers=headers, data=to_bytes(body, self.encoding)) if response.status_code not in (200, 201): raise OAuthException("Invalid response from %s" % self.name, type="invalid_response", data=data) return jsonify(response.text.encode("utf8")) resp, content = self.http_request(uri, headers, data=to_bytes(body, self.encoding), method=method) return OAuthResponse(resp, content, self.content_type)
def test_authorized_already_authenticated(models_fixture, example_globus): """Test authorized callback with sign-up.""" app = models_fixture datastore = app.extensions['invenio-accounts'].datastore login_manager = app.login_manager existing_email = '*****@*****.**' user = datastore.find_user(email=existing_email) @login_manager.user_loader def load_user(user_id): return user @app.route('/foo_login') def login(): login_user(user) return 'Logged In' with app.test_client() as client: # make a fake login (using my login function) client.get('/foo_login', follow_redirects=True) # Ensure remote apps have been loaded (due to before first request) client.get(url_for('invenio_oauthclient.login', remote_app='globus')) ioc = app.extensions['oauthlib.client'] example_info, example_token, example_account_id = example_globus mock_response(app.extensions['oauthlib.client'], 'globus', example_token) example_info.update(example_account_id) oauth_resp = OAuthResponse(resp=None, content=json.dumps(example_info), content_type='application/json') mock_remote_get(ioc, 'globus', oauth_resp) # User then goes to 'Linked accounts' and clicks 'Connect' resp = client.get( url_for('invenio_oauthclient.login', remote_app='globus', next='/someurl/')) assert resp.status_code == 302 # User authorized the requests and is redirected back resp = client.get( url_for('invenio_oauthclient.authorized', remote_app='globus', code='test', state=_get_state())) # Assert database state (Sign-up complete) u = User.query.filter_by(email=existing_email).one() remote = RemoteAccount.query.filter_by(user_id=u.id).one() RemoteToken.query.filter_by(id_remote_account=remote.id).one() # Disconnect link resp = client.get( url_for('invenio_oauthclient.disconnect', remote_app='globus')) assert resp.status_code == 302 # User exists u = User.query.filter_by(email=existing_email).one() assert 0 == UserIdentity.query.filter_by(method='globus', id_user=u.id, id='globususer').count() assert RemoteAccount.query.filter_by(user_id=u.id).count() == 0 assert RemoteToken.query.count() == 0