def test_get_user_info_raises_error_on_oxd_error(mock_send): c = Client(config_location) mock_send.return_value.status = "error" mock_send.return_value.data.error = "MockError" mock_send.return_value.data.error_description = "No Claims for mock" with assert_raises(RuntimeError): c.get_user_info("some_token")
def test_get_user_info(mock_send): c = Client(config_location) mock_send.return_value.status = "ok" mock_send.return_value.data.claims = {"name": "mocky"} token = "tokken" command = {"command": "get_user_info", "params": {"oxd_id": c.oxd_id, "access_token": token}} claims = c.get_user_info(token) mock_send.assert_called_with(command) assert_equal(claims, {"name": "mocky"})
def oxd_login_callback(): """Callback for OXD authorization_callback. """ config = current_app.config["OXD_CLIENT_CONFIG_FILE"] oxc = Client(config) code = request.args.get('code') state = request.args.get('state') try: # these following API calls may raise RuntimeError caused by internal # error in oxd server. tokens = oxc.get_tokens_by_code(code, state) resp = oxc.get_user_info(tokens["access_token"]) # ``user_name`` item is in ``user_name`` scope, hence # accessing this attribute may raise KeyError username = resp["user_name"][0] # ``role`` item is in ``permission`` scope, hence # accessing this attribute may raise KeyError role = '' if 'role' in resp: role = resp["role"][0].strip("[]") # disallow role other than ``cluster_manager`` if username == 'admin' or role == "cluster_manager": user = User(username, "") login_user(user) return redirect(url_for("index.home")) else: flash("Invalid user's role.", "warning") except KeyError as exc: print exc # TODO: use logging if exc.message == "user_name": msg = "user_name scope is not enabled in OIDC client" elif exc.message == "role": msg = "permission scope is not enabled in OIDC client " \ "or missing role attribute in user's info" flash(msg, "warning") except OxdServerError as exc: print exc # TODO: use logging flash("Failed to process the request due to error in OXD server.", "warning") except socket.error as exc: print exc # TODO: use logging flash("Unable to connect to OXD server.", "warning") logout_user() logout_resp = make_response(render_template("invalid_login.html")) logout_resp.set_cookie('sub', 'null', expires=0) logout_resp.set_cookie('JSESSIONID', 'null', expires=0) logout_resp.set_cookie('session_state', 'null', expires=0) logout_resp.set_cookie('session_id', 'null', expires=0) return logout() return render_template('invalid_login.html')
def test_openid_commands(config_file): """function that runs the commands in a interactive manner :param config_file: config file location """ c = Client(config_file) print "\n=> Setup Client" setup_data = c.setup_client() logging.info("Received: %s", setup_data) print "\n=> Get Client Token" tokens = c.get_client_token(auto_update=False) logging.info("Received: %s", tokens) print "\n=> Introspect Access Token" introspection = c.introspect_access_token( access_token=tokens['access_token']) logging.info("Received: %s", introspection) print "\n=> Update site registration" updated = c.update_site() c.config.set("client", "scope", "openid,profile") logging.info("Received: %s", updated) print "\n=> Getting auth URL" auth_url = c.get_authorization_url() print "Visit this URL in your browser: ", auth_url logging.info("Received: %s", auth_url) print "\n=> Getting tokens by code" callback_url = raw_input("Enter redirected URL to parse tokens: ") parsed = urlparse.urlparse(callback_url) params = urlparse.parse_qs(parsed.query) tokens = c.get_tokens_by_code(params['code'][0], params['state'][0]) logging.info("Received: %s", tokens) print "\n=> Getting user info" claims = c.get_user_info(tokens['access_token']) logging.info("Received: %s", claims) print "\n=> Getting new access token using refresh token" new_token = c.get_access_token_by_refresh_token(tokens["refresh_token"]) logging.info("Received: %s", new_token) print "\n=> Getting Logout URI" logout_uri = c.get_logout_uri() logging.info("Received: %s", logout_uri) print "Visit this URL to logout: ", logout_uri print "\n=> Register Site" reg = c.register_site() logging.info("Received: %s", reg) print "\n=> Remove Site" oxd_id = c.remove_site() logging.info("Received: %s", oxd_id)
def test_get_user_info(mock_send): c = Client(config_location) mock_send.return_value.status = "ok" mock_send.return_value.data.claims = {"name": "mocky"} token = "tokken" command = {"command": "get_user_info", "params": { "oxd_id": c.oxd_id, "access_token": token }} claims = c.get_user_info(token) mock_send.assert_called_with(command) assert_equal(claims, {"name": "mocky"})
def test_get_user_info_raises_erro_on_invalid_args(): c = Client(config_location) # Empty code should raise error with assert_raises(RuntimeError): c.get_user_info("")