def test_uma_rs_protect(): c = Client(uma_config) resources = [ { "path": "/photo", "conditions": [{"httpMethods": ["GET"], "scopes": ["http://photoz.example.com/dev/actions/view"]}], } ] assert_true(c.uma_rs_protect(resources))
def test_uma_rs_protect(): c = Client(uma_config) resources = [{ "path": "/photo", "conditions": [{ "httpMethods": ["GET"], "scopes": ["http://photoz.example.com/dev/actions/view"] }] }] assert_true(c.uma_rs_protect(resources))
def run_commands(config): """function that runs the commands for UMA RS app context :param config: config file location :return: None """ c = Client(config) print "\n=> Setup client" oxd_id = c.setup_client() logging.info("Received: %s", oxd_id) print "\n=> Get Client Token" tokens = c.get_client_token(auto_update=False) logging.info("Received: %s", tokens) print "\n=> Protecting Resource: " rset = ResourceSet() r = rset.add("/photoz") r.set_scope("GET", "https://photoz.example.com/uma/scope/view") print rset protected = c.uma_rs_protect(rset.dump()) logging.info("Received: %s", protected) print "\n=> Checking Access for URL /photoz, with method GET" access_status = c.uma_rs_check_access(rpt=None, path='/photoz', http_method='GET') print "\n=> Checking Access Response:", access_status logging.info('Received: %s', access_status) print "\n=> Get RPT (Need Info Error)" need_info = c.uma_rp_get_rpt(ticket=access_status['ticket']) logging.info('Received: %s', need_info) print "\n=> Get Claims Gathering Url" claims_url = c.uma_rp_get_claims_gathering_url( ticket=need_info['details']['ticket']) print "Visit this URL in your browser: ", claims_url logging.info('Received: %s', claims_url) print "\n=> Get RPT" callback_url = raw_input( "Enter redirected URL to parse ticket and state: ") parsed = urlparse.urlparse(callback_url) params = urlparse.parse_qs(parsed.query) rpt_resp = c.uma_rp_get_rpt(ticket=params['ticket'][0], state=params['state'][0]) logging.info("Received: %s", rpt_resp) print "\n=> Introspect RPT" introspection = c.introspect_rpt(rpt=rpt_resp['access_token']) logging.info('Received: %s', introspection) print "\n=> Checking Access for URL /photoz, with RPT and method GET" access = c.uma_rs_check_access(rpt=rpt_resp['access_token'], path='/photoz', http_method='GET') print "\n=> Checking Access Response:", access logging.info('Received: %s', access) print "\n=> Protecting Resource with Scope_expression" rset = ResourceSet() r = rset.add("/photo") scope_expr = { "rule": { "and": [{ "or": [{ "var": 0 }, { "var": 1 }] }, { "var": 2 }] }, "data": [ "http://photoz.example.com/dev/actions/all", "http://photoz.example.com/dev/actions/add", "http://photoz.example.com/dev/actions/internalClient" ] } r.set_expression("GET", scope_expr) print rset protected = c.uma_rs_protect(rset.dump()) logging.info("Received: %s", protected) print "\n=> Checking Access for URL /photo, with scope_expression" access_status = c.uma_rs_check_access(rpt=None, path='/photo', http_method='GET') print "\n=> Checking Access Response:", access_status logging.info('Received: %s', access_status)