def test_downloader_view_new_download(self): self.assertTrue(self.login()) ci = 1 at = 5 newToken = AccessToken(id=at, accessToken="testToken", userID="0", serviceType="google", tokenTime=timezone.now(), userInfo="noInfo", cloudItem=CloudItem.objects.get(id=ci)) newToken.save() #first get the normal page r = self.client.get("/download/" + str(ci) + "/" + str(at) + "/", secure=True) self.assertContains(r, "No download have been started") #take last download d = Download.objects.latest("downTime") self.assertEquals(at, d.tokenID.id) #button has not been click self.assertEquals(constConfig.THREAD_NOTCLICKED, d.threadStatus)
def callback(request): client_id = settings.CROPLET_API_CLIENT_ID client_secret = settings.CROPLET_SECRET_API_KEY error = request.GET.get('error') auth_code = request.GET.get('code') if (error != None): pass elif (auth_code != None): data = {'grant_type': 'authorization_code', 'code': auth_code, 'client_id': client_id, 'client_secret': client_secret} response = requests.post( 'http://localhost:8000/oauth2/access_token/', data) response = json.loads(response.text) if hasattr(request.user, "access_token"): AccessToken.objects.get(user=request.user).delete() token = AccessToken(user=request.user) access_token = response.get('access_token') if access_token: accessToken = AccessToken(user=request.user, access_token=access_token) accessToken.save() request.user.access_token = token request.user.save() return redirect(reverse('map'))
def token(request): # 验证应用端合法性 client = oauth_server.authorize(request.META.get('HTTP_AUTHORIZATION')) if not client: response = HttpResponse('401 Unauthorized', status=401) response['WWW-Authenticate'] = 'Basic realm="Please provide your client_id and client_secret."' return response # 验证是否为令牌表单 form = TokenForm(request.POST) if not form.is_valid(): return error_response('invalid_request') grant_type = form.cleaned_data['grant_type'] code = form.cleaned_data['code'] redirect_uri = form.cleaned_data['redirect_uri'] # 处理authorization_code请求 if grant_type == 'authorization_code': try: code = AuthorizationCode.objects.filter(expire_time__gte=datetime.datetime.now()).get(client=client, code=UUID(bytes=urlsafe_base64_decode(code)), redirect_uri=redirect_uri) except AuthorizationCode.DoesNotExist: return error_response('invalid_grant') try: token = AccessToken(client=client, user=code.user, code=code.code, expire_time=datetime.datetime.now() + datetime.timedelta(hours=1)) token.save() except IntegrityError: AccessToken.objects.get(code=code.code).delete() code.delete() return error_response('invalid_grant') return success_response(urlsafe_base64_encode(token.token.bytes)) else: return error_response('unsupported_grant_type')
def _get_access_token(user, auth_code): client_id = settings.CROPLET_API_CLIENT_ID client_secret = settings.CROPLET_SECRET_API_KEY post_data = { 'grant_type': 'authorization_code', 'code': auth_code, 'client_id': client_id, 'client_secret': client_secret, 'redirect_uri': 'http://localhost:8005/callback/' } response = requests.post('{cropr_url}/oauth2/token/'.format(cropr_url=settings.CROPR_URL), post_data) if response.status_code != 200: Grant.objects.filter(user=user).delete() response = json.loads(response.text) if (hasattr(user, "access_token")): AccessToken.objects.filter(user=user).delete() token = AccessToken(user=user) access_token = response.get('access_token') if access_token: accessToken = AccessToken(user=user, access_token=access_token) accessToken.save() user.access_token = token user.save()
def test_verify(self): user_id = '1' access_token = AccessToken(self.access_token_store, user_id=user_id) access_token.save() fetched_data = access_token.verify() assert fetched_data['client_id'] == user_id assert 0 <= fetched_data['expires_in'] <= 3600
def post(self): user = self.get_current_user() access_token = AccessToken(self.application.access_token_store, user_id=user.id) access_token.save() data = { "user": user, "access_token": access_token, } self.render("mypage.pug", **data)
def oauth_callback(request): """Accept the authorization from the server and store the data we use to communicate with the Weavr""" token = request.REQUEST.get('oauth_token') verifier = request.REQUEST.get('oauth_verifier') confirmed = request.REQUEST.get('oauth_callback_confirmed') # Make sure we have the required parameters if (not verifier) or (not token): return render_error("missing params") if not confirmed: return render_error("connection wasn't confirmed") # Get the token and store the verifier request_token = get_object_or_404(RequestToken, oauth_key=token) if not request_token: return render_error("invalid request token") prosthetic = request_token.prosthetic cls = prosthetic.get_class() if not cls: raise Exception("Can't get class for prosthtic") # verify the token and create a local object verified_token = oauth.OAuthToken(request_token.oauth_key, request_token.oauth_secret) access_token = request_token.prosthetic.wrangler().get_access_token( verified_token, verifier) access_object = AccessToken(oauth_key=access_token.key, oauth_secret=access_token.secret, prosthetic=request_token.prosthetic, enabled=True) # make an API call with the token before we save it. configuration = access_object.get_json("/1/weavr/configuration") access_object.weavr_name = configuration['name'] access_object.weavr_url = configuration['blog'] if "post_keyword" in configuration: access_object.prosthetic.blog_keyword = configuration['post_keyword'] # everything worked. Save access token access_object.save() request_token.delete() # don't need this any more # if the ptk wants to do something at this point, it is able to. ptk = cls(access_object) post_oauth_callback = ptk.post_oauth_callback() if post_oauth_callback: return post_oauth_callback # show or hide user login hide_usernav = True return render_to_response("success.html", locals(), context_instance=RequestContext(request))
def test_revoke(self): user_id = '1' access_token = AccessToken(self.access_token_store, user_id=user_id) access_token.save() assert access_token.revoke() failed_user_id = self.access_token_store.get_session( access_token.access_token, 'user_id') assert failed_user_id is None
def test_find_by_access_token(self): user_id = '1' access_token = AccessToken(self.access_token_store, user_id=user_id) access_token.save() at = AccessToken(self.access_token_store).find_by_access_token( access_token.access_token) assert at.user_id == access_token.user_id assert at.access_token == access_token.access_token assert at.refresh_token == access_token.refresh_token
def fresh_access_token(): try: access_token = AccessToken.objects.get(id=1) except AccessToken.DoesNotExist: access_token = AccessToken() url = "https://api.weixin.qq.com/cgi-bin/token?grant_type=%s&appid=%s&secret=%s" \ % (grant_type, appID, appSecret) r = requests.get(url) message = r.json() access_token.token = message['access_token'] access_token.expires_in = int(message['expires_in']) access_token.save()
def oauth_callback(request): """Accept the authorization from the server and store the data we use to communicate with the Weavr""" token = request.REQUEST.get("oauth_token") verifier = request.REQUEST.get("oauth_verifier") confirmed = request.REQUEST.get("oauth_callback_confirmed") # Make sure we have the required parameters if (not verifier) or (not token): return render_error("missing params") if not confirmed: return render_error("connection wasn't confirmed") # Get the token and store the verifier request_token = get_object_or_404(RequestToken, oauth_key=token) if not request_token: return render_error("invalid request token") prosthetic = request_token.prosthetic cls = prosthetic.get_class() if not cls: raise Exception("Can't get class for prosthtic") # verify the token and create a local object verified_token = oauth.OAuthToken(request_token.oauth_key, request_token.oauth_secret) access_token = request_token.prosthetic.wrangler().get_access_token(verified_token, verifier) access_object = AccessToken( oauth_key=access_token.key, oauth_secret=access_token.secret, prosthetic=request_token.prosthetic, enabled=True ) # make an API call with the token before we save it. configuration = access_object.get_json("/1/weavr/configuration") access_object.weavr_name = configuration["name"] access_object.weavr_url = configuration["blog"] if "post_keyword" in configuration: access_object.prosthetic.blog_keyword = configuration["post_keyword"] # everything worked. Save access token access_object.save() request_token.delete() # don't need this any more # if the ptk wants to do something at this point, it is able to. ptk = cls(access_object) post_oauth_callback = ptk.post_oauth_callback() if post_oauth_callback: return post_oauth_callback # show or hide user login hide_usernav = True return render_to_response("success.html", locals(), context_instance=RequestContext(request))
def test_save(self): user_id = '1' access_token = AccessToken(self.access_token_store, user_id=user_id) access_token.save() fetched_user_id = self.access_token_store.get_session( access_token.access_token, 'user_id') fetched_refresh_token = self.access_token_store.get_session( access_token.access_token, 'refresh_token') fetched_access_token = self.access_token_store.get_session( access_token.prefixed_for_refresh(access_token.refresh_token), 'access_token') print(fetched_user_id, fetched_access_token, fetched_refresh_token) assert user_id == fetched_user_id assert access_token.refresh_token == fetched_refresh_token assert access_token.refresh_token == fetched_refresh_token
def token(request): # 验证应用端合法性 client = oauth_server.authorize(request.META.get('HTTP_AUTHORIZATION')) if not client: response = HttpResponse('401 Unauthorized', status=401) response[ 'WWW-Authenticate'] = 'Basic realm="Please provide your client_id and client_secret."' return response # 验证是否为令牌表单 form = TokenForm(request.POST) if not form.is_valid(): return error_response('invalid_request') grant_type = form.cleaned_data['grant_type'] code = form.cleaned_data['code'] redirect_uri = form.cleaned_data['redirect_uri'] # 处理authorization_code请求 if grant_type == 'authorization_code': try: code = AuthorizationCode.objects.filter( expire_time__gte=datetime.datetime.now()).get( client=client, code=UUID(bytes=urlsafe_base64_decode(code)), redirect_uri=redirect_uri) except AuthorizationCode.DoesNotExist: return error_response('invalid_grant') try: token = AccessToken(client=client, user=code.user, code=code.code, expire_time=datetime.datetime.now() + datetime.timedelta(hours=1)) token.save() except IntegrityError: AccessToken.objects.get(code=code.code).delete() code.delete() return error_response('invalid_grant') return success_response(urlsafe_base64_encode(token.token.bytes)) else: return error_response('unsupported_grant_type')
def test_downloader_view_new_download(self): self.assertTrue(self.login()) ci = 1 at = 5 newToken = AccessToken(id=at,accessToken="testToken",userID="0",serviceType="google",tokenTime=timezone.now(),userInfo="noInfo",cloudItem=CloudItem.objects.get(id=ci)) newToken.save() #first get the normal page r = self.client.get("/download/"+str(ci)+"/"+str(at)+"/",secure=True) self.assertContains(r,"No download have been started") #take last download d = Download.objects.latest("downTime") self.assertEquals(at,d.tokenID.id) #button has not been click self.assertEquals(constConfig.THREAD_NOTCLICKED,d.threadStatus)
def create_token(user, client): access_token = AccessToken(user=user, client=client) access_token.generate_token() access_token.save() return access_token