Exemple #1
0
    def validate_client_authorization(self):
        database = self.application.database
        client = database.find_client(self.client_id)

        if not client:
            self.raise_http_401({'error': 'invalid_client',
                                 'error_description': 'Invalid client_id or code on Authorization header'})

        if not database.client_has_authorization_code(self.client_id, self.code_from_header):
            self.raise_http_401({'error': 'invalid_client',
                                 'error_description': 'Invalid client_id or code on Authorization header'})

        if not database.client_has_authorization_code(self.client_id, self.code):
            self.raise_http_400({'error': 'invalid_grant',
                                 'error_description': 'Invalid code for this client'})

        if not database.client_has_redirect_uri_for_code(self.client_id, self.code, self.redirect_uri):
            self.raise_http_400({'error': 'invalid_grant',
                                 'error_description': 'redirect_uri does not match'})

        if database.is_client_authorization_code_used(self.client_id, self.code):
            self.raise_http_400({'error': 'invalid_grant',
                                 'error_description': 'Authorization grant already used'})

        plugins.call('access-token-validation', self)
Exemple #2
0
 def build_response(self):
     response = {
         'access_token': self.build_access_token(),
         'token_type': 'bearer',
         'expires_in': 3600,
         }
     plugins.call('access-token-response', self, response)
     self.write(response)
Exemple #3
0
 def build_response(self):
     response = {
         'access_token': self.build_access_token(),
         'token_type': 'bearer',
         'expires_in': 3600,
     }
     plugins.call('access-token-response', self, response)
     self.write(response)
Exemple #4
0
    def validate_client_authorization(self):
        database = self.application.database
        client = database.find_client(self.client_id)

        if not client:
            self.raise_http_401({
                'error':
                'invalid_client',
                'error_description':
                'Invalid client_id or code on Authorization header'
            })

        if not database.client_has_authorization_code(self.client_id,
                                                      self.code_from_header):
            self.raise_http_401({
                'error':
                'invalid_client',
                'error_description':
                'Invalid client_id or code on Authorization header'
            })

        if not database.client_has_authorization_code(self.client_id,
                                                      self.code):
            self.raise_http_400({
                'error':
                'invalid_grant',
                'error_description':
                'Invalid code for this client'
            })

        if not database.client_has_redirect_uri_for_code(
                self.client_id, self.code, self.redirect_uri):
            self.raise_http_400({
                'error':
                'invalid_grant',
                'error_description':
                'redirect_uri does not match'
            })

        if database.is_client_authorization_code_used(self.client_id,
                                                      self.code):
            self.raise_http_400({
                'error':
                'invalid_grant',
                'error_description':
                'Authorization grant already used'
            })

        plugins.call('access-token-validation', self)
Exemple #5
0
 def get(self):
     self.load_parameters()
     self.verify_response_type()
     self.create_authorization_token()
     self.save_client_tokens()
     if not plugins.call('authorization-GET', self):
         self.redirect_access_granted(self.client_id, self.code)
Exemple #6
0
 def get(self):
     self.load_parameters()
     self.verify_response_type()
     self.create_authorization_token()
     self.save_client_tokens()
     if not plugins.call('authorization-GET', self):
         self.redirect_access_granted(self.client_id, self.code)
Exemple #7
0
 def get(self):
     self.validate_arguments()
     self.load_arguments()
     self.create_authorization_token()
     self.save_client_tokens()
     if not plugins.call('authorization-GET', self):
         self.redirect_with_token()
Exemple #8
0
def test_call_should_return_True_if_plugin_called():
    called = []
    @plugins.register('authorization-GET')
    def on_authorization_GET(handler):
        called.append(handler)
    
    assert plugins.call('authorization-GET', "handler") is True
    assert ["handler"] == called
Exemple #9
0
def test_call_should_return_True_if_plugin_called():
    called = []
    @plugins.authorization_GET
    def on_authorization_GET(handler):
        called.append(handler)

    assert plugins.call('authorization-GET', "handler") is True
    assert ["handler"] == called
Exemple #10
0
def test_call_should_return_False_if_plugin_raises_IgnorePlugin():
    called = []
    @plugins.register('authorization-GET')
    def on_authorization_GET(handler):
        called.append(handler)
        raise plugins.IgnorePlugin()
    
    assert plugins.call('authorization-GET', "handler") is False
    assert ["handler"] == called
Exemple #11
0
def test_call_should_return_False_if_plugin_raises_IgnorePlugin():
    called = []
    @plugins.authorization_GET
    def on_authorization_GET(handler):
        called.append(handler)
        raise plugins.IgnorePlugin()

    assert plugins.call('authorization-GET', "handler") is False
    assert ["handler"] == called
Exemple #12
0
 def post(self):
     if not plugins.call('authorization-POST', self):
         self.raise_http_error(405)
Exemple #13
0
 def post(self):
     if not plugins.call('authorization-POST', self):
         self.raise_http_error(405)
Exemple #14
0
def test_call_should_let_InvalidPlugin_exception_to_be_raised():
    with pytest.raises(plugins.InvalidPlugin):
        plugins.call('INVALID-PLUGIN')
Exemple #15
0
def test_call_should_return_False_if_plugin_not_found():
    assert plugins.call('authorization-GET') is False
Exemple #16
0
def test_call_should_return_False_if_plugin_not_found():
    assert plugins.call('authorization-GET') is False
Exemple #17
0
def test_call_should_let_InvalidPlugin_exception_to_be_raised():
    with pytest.raises(plugins.InvalidPlugin):
        plugins.call('INVALID-PLUGIN')