def test_create_offline_force(self): oauth2.add_client('hi','password') code = self.get_code('hi', access_type='offline', approval_prompt='force') # get auth token token_request = {'client_id':'hi', 'client_secret':'password', 'grant_type':'authorization_code', 'code':code} resp = oauth2.token(token_request) token_data = json.loads(resp) assert_in('access_token', token_data) assert_in('expires_in', token_data) assert_in('token_type', token_data) assert_in('refresh_token', token_data) # throws an exception if invalid works = oauth2.validate_access_token(token_data['access_token']) # should not get another refresh code = self.get_code('hi', access_type='offline', approval_prompt='force') token_request['code'] = code resp = oauth2.token(token_request) token_data = json.loads(resp) assert_in('access_token', token_data) assert_in('expires_in', token_data) assert_in('token_type', token_data) assert_in('refresh_token', token_data)
def test_delete(self): oauth2.add_client('hi','password') assert_in('hi', oauth2.clients) assert_equal(oauth2.clients['hi'], 'password') oauth2.del_client('hi','wrong') assert_in('hi', oauth2.clients) assert_equal(oauth2.clients['hi'], 'password') oauth2.del_client('hi','password') assert_not_in('hi', oauth2.clients)
def test_bad_grant(self): oauth2.add_client('hi','password') code = self.get_code('hi') token_request = {'client_id':'hi', 'client_secret':'password', 'grant_type':'custom_code', 'code':code} try: resp = oauth2.token(token_request) fail() except: pass
def test_create(self): oauth2.add_client('hi','password') auth_request = {'client_id':'hi', 'response_type':'code', 'scope':'test', 'redirect_uri':'http://me'} url = oauth2.auth(auth_request) parsed_url = urlparse(url) assert_equal('http', parsed_url.scheme) assert_equal('me', parsed_url.netloc) data = parse_qs(parsed_url.query) data = dict([(k,d[0]) for k,d in data.items()]) assert_in('code', data) assert_not_in('state', data) assert_in('hi', oauth2.client_auth) assert_not_in('hi', oauth2.client_refresh) assert_not_in('hi', oauth2.client_access)
def test_create_and_revoke(self): oauth2.add_client('hi','password') code = self.get_code('hi') token_request = {'client_id':'hi', 'client_secret':'password', 'grant_type':'authorization_code', 'code':code} resp = oauth2.token(token_request) token_data = json.loads(resp) assert_in('access_token', token_data) assert_in('expires_in', token_data) assert_in('token_type', token_data) assert_not_in('refresh_token', token_data) # throws an exception if invalid works = oauth2.validate_access_token(token_data['access_token']) # revoke oauth2.del_client('hi','password') try: works = oauth2.validate_access_token(token_data['access_token']) fail() except: pass
def test_create_offline(self): oauth2.add_client('hi','password') code = self.get_code('hi', access_type='offline') # get auth token token_request = {'client_id':'hi', 'client_secret':'password', 'grant_type':'authorization_code', 'code':code} resp = oauth2.token(token_request) token_data = json.loads(resp) assert_in('access_token', token_data) assert_in('expires_in', token_data) assert_in('token_type', token_data) assert_in('refresh_token', token_data) # throws an exception if invalid works = oauth2.validate_access_token(token_data['access_token']) # auth_token should not be valid a second time try: resp = oauth2.token(token_request) fail() except: pass
def test_create_offline_use(self): oauth2.add_client('hi','password') code = self.get_code('hi', access_type='offline') # get auth token token_request = {'client_id':'hi', 'client_secret':'password', 'grant_type':'authorization_code', 'code':code} resp = oauth2.token(token_request) token_data = json.loads(resp) assert_in('access_token', token_data) assert_in('expires_in', token_data) assert_in('token_type', token_data) assert_in('refresh_token', token_data) # throws an exception if invalid works = oauth2.validate_access_token(token_data['access_token']) refresh_token = token_data['refresh_token'] # expire the access token del oauth2.client_access['hi'] try: works = oauth2.validate_access_token(token_data['access_token']) fail() except: pass # get a new token with refresh token_request = {'client_id':'hi', 'client_secret':'password', 'grant_type':'refresh_token', 'refresh_token':refresh_token} resp = oauth2.token(token_request) token_data = json.loads(resp) assert_in('access_token', token_data) assert_in('expires_in', token_data) assert_in('token_type', token_data) assert_not_in('refresh_token', token_data) # throws an exception if invalid works = oauth2.validate_access_token(token_data['access_token'])
def test_add(self): oauth2.add_client('hi','password') assert_in('hi', oauth2.clients) assert_equal(oauth2.clients['hi'], 'password')