def assertURLEqual(self, url1, url2):
parts1 = urlparse.urlparse(url1)
parts2 = urlparse.urlparse(url2)
self.assertEqual(parts1.scheme, parts2.scheme)
self.assertEqual(parts1.hostname, parts2.hostname)
self.assertEqual(parts1.netloc, parts2.netloc)
self.assertEqual(parts1.params, parts2.params)
self.assertEqual(parts1.path, parts2.path)
self.assertEqual(parts1.port, parts2.port)
self.assertEqual(urlparse.parse_qs(parts1.query),
urlparse.parse_qs(parts2.query))
def test_oauth2_step1(self):
with patch('uuid.uuid4') as fake:
fake.return_value = 'random-string'
request = DummyRequest()
request.params = {'next_url': 'http://localhost/'}
request.session = {}
response = oauth2_step1(
request=request,
auth_uri='http://example.com/oauth2/auth',
client_id='1234',
redirect_url='http://localhost/oauth2/callback',
scope='scope1 scope2')
self.assertEqual(response.status, '302 Found')
url = urlparse.urlparse(response.location)
self.assertEqual(url.netloc, 'example.com')
self.assertEqual(url.path, '/oauth2/auth')
query = urlparse.parse_qs(url.query)
self.assertEqual(
query, {
'scope': ['scope1 scope2'],
'state': ['random-string'],
'redirect_uri': ['http://localhost/oauth2/callback'],
'response_type': ['code'],
'client_id': ['1234'],
})
self.assertEqual(request.session['next_url'], 'http://localhost/')
def test_oauth2_step1(self):
with patch('uuid.uuid4') as fake:
fake.return_value = 'random-string'
request = DummyRequest()
request.params = {'next_url': 'http://localhost/'}
request.session = {}
response = oauth2_step1(
request=request,
auth_uri='http://example.com/oauth2/auth',
client_id='1234',
redirect_url='http://localhost/oauth2/callback',
scope='scope1 scope2'
)
self.assertEqual(response.status, '302 Found')
url = urlparse.urlparse(response.location)
self.assertEqual(url.netloc, 'example.com')
self.assertEqual(url.path, '/oauth2/auth')
query = urlparse.parse_qs(url.query)
self.assertEqual(query, {
'scope': ['scope1 scope2'],
'state': ['random-string'],
'redirect_uri': ['http://localhost/oauth2/callback'],
'response_type': ['code'],
'client_id': ['1234'],
})
self.assertEqual(request.session['next_url'], 'http://localhost/')
def _assert_error(self, url, error, description=None):
query = urlparse.parse_qs(urlparse.urlparse(url).query)
expected = {'error': [error]}
if description:
expected['error_description'] = [description]
self.assertEqual(query, expected)
def test_facebook_callback(self):
# call the login to fill the session
res = self.testapp.get('/facebook/login', {
'next_url': 'https://localhost/foo/bar',
})
self.assertEqual(res.status, '302 Found')
url = urlparse.urlparse(res.location)
query = urlparse.parse_qs(url.query)
state = query['state'][0]
with patch('requests.post') as fake_post:
fake_post.return_value.status_code = 200
fake_post.return_value.json = {
'access_token': '1234',
}
with patch('requests.get') as fake_get:
fake_get.return_value.status_code = 200
fake_get.return_value.json = {
'id': '789',
'username': '******',
'first_name': 'John',
'last_name': 'Doe',
'name': 'John Doe',
'email': '*****@*****.**',
}
res = self.testapp.get('/facebook/callback', {
'code': '1234',
'state': state,
})
self.assertEqual(res.status, '302 Found')
self.assertEqual(res.location, 'http://localhost/register')
def test_google_login(self):
res = self.testapp.get("/google/login", {"next_url": "https://localhost/foo/bar"})
self.assertEqual(res.status, "302 Found")
url = urlparse.urlparse(res.location)
self.assertEqual(url.netloc, "accounts.google.com")
self.assertEqual(url.path, "/o/oauth2/auth")
query = urlparse.parse_qs(url.query)
self.assertEqual(sorted(query.keys()), ["client_id", "redirect_uri", "response_type", "scope", "state"])
scope = "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"
self.assertEqual(query["scope"], [scope])
self.assertEqual(query["redirect_uri"], ["http://localhost/google/callback"])
self.assertEqual(query["client_id"], ["id"])
def get_express_checkout_token(self, amount):
return_url = self.request.route_url('contributions_paypal_success_callback')
cancel_url = self.request.route_url('contributions_paypal_cancel_callback')
payload = PayPalPayload(self.request, 'SetExpressCheckout')
payload.add_payment_info(amount)
payload.add_callbacks(return_url, cancel_url)
response = requests.post(self.nvp_url, data=payload)
if response.ok:
data = urlparse.parse_qs(response.text)
ack = data['ACK'][0]
if ack == 'Success':
return data['TOKEN'][0]
def do_express_checkout_payment(self, token, payerid, amount):
payload = PayPalPayload(self.request, 'DoExpressCheckoutPayment')
payload.add_payment_info(amount)
payload.add_token(token, payerid)
response = requests.post(self.nvp_url, data=payload)
if response.ok:
data = urlparse.parse_qs(response.text)
ack = data['ACK'][0]
if ack == 'Success':
return True
return False
def test_facebook_login(self):
res = self.testapp.get('/facebook/login', {
'next_url': 'https://localhost/foo/bar',
})
self.assertEqual(res.status, '302 Found')
url = urlparse.urlparse(res.location)
self.assertEqual(url.netloc, 'www.facebook.com')
self.assertEqual(url.path, '/dialog/oauth/')
query = urlparse.parse_qs(url.query)
self.assertEqual(sorted(query.keys()), [
'client_id', 'redirect_uri', 'response_type', 'scope', 'state',
])
self.assertEqual(query['scope'], ['email'])
self.assertEqual(query['redirect_uri'],
['http://localhost/facebook/callback'])
self.assertEqual(query['client_id'], ['id'])
def test_google_login(self):
res = self.testapp.get('/google/login', {
'next_url': 'https://localhost/foo/bar',
})
self.assertEqual(res.status, '302 Found')
url = urlparse.urlparse(res.location)
self.assertEqual(url.netloc, 'accounts.google.com')
self.assertEqual(url.path, '/o/oauth2/auth')
query = urlparse.parse_qs(url.query)
self.assertEqual(sorted(query.keys()), [
'client_id', 'redirect_uri', 'response_type', 'scope', 'state',
])
scope = 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile'
self.assertEqual(query['scope'], [scope])
self.assertEqual(query['redirect_uri'],
['http://localhost/google/callback'])
self.assertEqual(query['client_id'], ['id'])
def get_express_checkout_details(self, token, payerid):
payload = PayPalPayload(self.request, 'GetExpressCheckoutDetails')
payload.add_token(token, payerid)
response = requests.post(self.nvp_url, data=payload)
if response.ok:
data = urlparse.parse_qs(response.text)
ack = data['ACK'][0]
if ack == 'Success':
amount = data['AMT'][0]
amount = int(amount.split('.')[0])
return {
'amount': amount,
'firstname': data['FIRSTNAME'][0],
'lastname': data['LASTNAME'][0],
'city': data['SHIPTOCITY'][0],
'country': data['SHIPTOCOUNTRYNAME'][0],
'state': data['SHIPTOSTATE'][0],
'street': data['SHIPTOSTREET'][0],
'zip': data['SHIPTOZIP'][0],
'email': data['EMAIL'][0],
}
def test_google_callback(self):
# call the login to fill the session
res = self.testapp.get("/google/login", {"next_url": "https://localhost/foo/bar"})
self.assertEqual(res.status, "302 Found")
url = urlparse.urlparse(res.location)
query = urlparse.parse_qs(url.query)
state = query["state"][0]
with patch("requests.post") as fake_post:
fake_post.return_value.status_code = 200
fake_post.return_value.json = {"access_token": "1234"}
with patch("requests.get") as fake_get:
fake_get.return_value.status_code = 200
fake_get.return_value.json = {
"id": "789",
"name": "John Doe",
"given_name": "John",
"family_name": "Doe",
"email": "*****@*****.**",
}
res = self.testapp.get("/google/callback", {"code": "1234", "state": state})
self.assertEqual(res.status, "302 Found")
self.assertEqual(res.location, "http://localhost/register")
