Esempi in Python per OAuth2Client, esempi in Python per authlib.integrations.httpx_client.OAuth2Client

Esempio n. 1

0

Mostra file

def test_fetch_token_post():
    url = 'https://example.com/token'

    def assert_func(request):
        content = request.form
        assert content.get('code') == 'v'
        assert content.get('client_id') == 'foo'
        assert content.get('grant_type') == 'authorization_code'

    mock_response = MockDispatch(default_token, assert_func=assert_func)
    with OAuth2Client('foo', app=mock_response) as client:
        token = client.fetch_token(url, authorization_response='https://i.b/?code=v')
        assert token == default_token

    with OAuth2Client(
            'foo',
            token_endpoint_auth_method='none',
            app=mock_response
    ) as client:
        token = client.fetch_token(url, code='v')
        assert token == default_token

    mock_response = MockDispatch({'error': 'invalid_request'})
    with OAuth2Client('foo', app=mock_response) as client:
        with pytest.raises(OAuthError):
            client.fetch_token(url)

Esempio n. 2

0

Mostra file

def test_auto_refresh_token2():

    def _update_token(token, refresh_token=None, access_token=None):
        assert access_token == 'a'
        assert token == default_token

    update_token = mock.Mock(side_effect=_update_token)

    old_token = dict(
        access_token='a',
        token_type='bearer',
        expires_at=100
    )

    app = MockDispatch(default_token)

    with OAuth2Client(
            'foo', token=old_token,
            token_endpoint='https://i.b/token',
            grant_type='client_credentials',
            app=app,
    ) as client:
        client.get('https://i.b/user')
        assert update_token.called is False

    with OAuth2Client(
            'foo', token=old_token, token_endpoint='https://i.b/token',
            update_token=update_token, grant_type='client_credentials',
            app=app,
    ) as client:
        client.get('https://i.b/user')
        assert update_token.called is True

Esempio n. 3

0

Mostra file

def test_auto_refresh_token():

    def _update_token(token, refresh_token=None, access_token=None):
        assert refresh_token == 'b'
        assert token == default_token

    update_token = mock.Mock(side_effect=_update_token)

    old_token = dict(
        access_token='a', refresh_token='b',
        token_type='bearer', expires_at=100
    )

    app = MockDispatch(default_token)
    with OAuth2Client(
            'foo', token=old_token, token_endpoint='https://i.b/token',
            update_token=update_token, app=app
    ) as sess:
        sess.get('https://i.b/user')
        assert update_token.called is True

    old_token = dict(
        access_token='a',
        token_type='bearer',
        expires_at=100
    )
    with OAuth2Client(
            'foo', token=old_token, token_endpoint='https://i.b/token',
            update_token=update_token, app=app
    ) as sess:
        with pytest.raises(OAuthError):
            sess.get('https://i.b/user')

Esempio n. 4

0

Mostra file

    def test_fetch_token_post(self):
        url = 'https://example.com/token'

        def assert_func(request):
            body = request.content.decode()
            self.assertIn('code=v', body)
            self.assertIn('client_id=', body)
            self.assertIn('grant_type=authorization_code', body)

        mock_response = MockDispatch(self.token, assert_func=assert_func)
        with OAuth2Client(self.client_id, dispatch=mock_response) as client:
            token = client.fetch_token(url, authorization_response='https://i.b/?code=v')
            self.assertEqual(token, self.token)

        with OAuth2Client(
                self.client_id,
                token_endpoint_auth_method='none',
                dispatch=mock_response
        ) as client:
            token = client.fetch_token(url, code='v')
            self.assertEqual(token, self.token)

        mock_response = MockDispatch({'error': 'invalid_request'})
        with OAuth2Client(self.client_id, dispatch=mock_response) as client:
            self.assertRaises(OAuthError, client.fetch_token, url)

Esempio n. 5

0

Mostra file

def test_fetch_token_get():
    url = 'https://example.com/token'

    def assert_func(request):
        url = str(request.url)
        assert 'code=v' in url
        assert 'client_id=' in url
        assert 'grant_type=authorization_code' in url

    mock_response = MockDispatch(default_token, assert_func=assert_func)
    with OAuth2Client('foo', app=mock_response) as client:
        authorization_response = 'https://i.b/?code=v'
        token = client.fetch_token(
            url, authorization_response=authorization_response, method='GET')
        assert token == default_token

    with OAuth2Client(
            'foo',
            token_endpoint_auth_method='none',
            app=mock_response
    ) as client:
        token = client.fetch_token(url, code='v', method='GET')
        assert token == default_token

        token = client.fetch_token(url + '?q=a', code='v', method='GET')
        assert token == default_token

Esempio n. 6

0

Mostra file

    def test_fetch_token_get(self):
        url = 'https://example.com/token'

        def assert_func(request):
            url = str(request.url)
            self.assertIn('code=v', url)
            self.assertIn('client_id=', url)
            self.assertIn('grant_type=authorization_code', url)

        mock_response = MockDispatch(self.token, assert_func=assert_func)
        with OAuth2Client(self.client_id, dispatch=mock_response) as client:
            authorization_response = 'https://i.b/?code=v'
            token = client.fetch_token(
                url, authorization_response=authorization_response, method='GET')
            self.assertEqual(token, self.token)

        with OAuth2Client(
                self.client_id,
                token_endpoint_auth_method='none',
                dispatch=mock_response
        ) as client:
            token = client.fetch_token(url, code='v', method='GET')
            self.assertEqual(token, self.token)

            token = client.fetch_token(url + '?q=a', code='v', method='GET')
            self.assertEqual(token, self.token)

Esempio n. 7

0

Mostra file

    def test_auto_refresh_token2(self):

        def _update_token(token, refresh_token=None, access_token=None):
            self.assertEqual(access_token, 'a')
            self.assertEqual(token, self.token)

        update_token = mock.Mock(side_effect=_update_token)

        old_token = dict(
            access_token='a',
            token_type='bearer',
            expires_at=100
        )

        dispatch = MockDispatch(self.token)

        with OAuth2Client(
                'foo', token=old_token,
                token_endpoint='https://i.b/token',
                grant_type='client_credentials',
                dispatch=dispatch
        ) as sess:
            sess.get('https://i.b/user')
            self.assertFalse(update_token.called)

        with OAuth2Client(
                'foo', token=old_token, token_endpoint='https://i.b/token',
                update_token=update_token, grant_type='client_credentials',
                dispatch=dispatch
        ) as sess:
            sess.get('https://i.b/user')
            self.assertTrue(update_token.called)

Esempio n. 8

0

Mostra file

    def test_revoke_token(self):
        answer = {'status': 'ok'}
        dispatch = MockDispatch(answer)

        def _revoke_token_request(url, headers, data):
            self.assertEqual(url, 'https://i.b/token')
            return url, headers, data

        revoke_token_request = mock.Mock(side_effect=_revoke_token_request)
        with OAuth2Client('a', dispatch=dispatch) as sess:
            resp = sess.revoke_token('https://i.b/token', 'hi')
            self.assertEqual(resp.json(), answer)

            resp = sess.revoke_token(
                'https://i.b/token', 'hi',
                token_type_hint='access_token'
            )
            self.assertEqual(resp.json(), answer)

            sess.register_compliance_hook(
                'revoke_token_request',
                revoke_token_request,
            )
            sess.revoke_token(
                'https://i.b/token', 'hi',
                body='',
                token_type_hint='access_token'
            )
            self.assertTrue(revoke_token_request.called)

Esempio n. 9

0

Mostra file

def test_create_authorization_url():
    url = 'https://example.com/authorize?foo=bar'

    sess = OAuth2Client(client_id='foo')
    auth_url, state = sess.create_authorization_url(url)
    assert state in auth_url
    assert 'client_id=foo' in auth_url
    assert 'response_type=code' in auth_url

    sess = OAuth2Client(client_id='foo', prompt='none')
    auth_url, state = sess.create_authorization_url(
        url, state='foo', redirect_uri='https://i.b', scope='profile')
    assert state == 'foo'
    assert 'i.b' in auth_url
    assert 'profile' in auth_url
    assert 'prompt=none' in auth_url

Esempio n. 10

0

Mostra file

    def test_create_authorization_url(self):
        url = 'https://example.com/authorize?foo=bar'

        sess = OAuth2Client(client_id=self.client_id)
        auth_url, state = sess.create_authorization_url(url)
        self.assertIn(state, auth_url)
        self.assertIn(self.client_id, auth_url)
        self.assertIn('response_type=code', auth_url)

        sess = OAuth2Client(client_id=self.client_id, prompt='none')
        auth_url, state = sess.create_authorization_url(
            url, state='foo', redirect_uri='https://i.b', scope='profile')
        self.assertEqual(state, 'foo')
        self.assertIn('i.b', auth_url)
        self.assertIn('profile', auth_url)
        self.assertIn('prompt=none', auth_url)

Esempio n. 11

0

Mostra file

def test_code_challenge():
    sess = OAuth2Client('foo', code_challenge_method='S256')

    url = 'https://example.com/authorize'
    auth_url, _ = sess.create_authorization_url(
        url, code_verifier=generate_token(48))
    assert 'code_challenge=' in auth_url
    assert 'code_challenge_method=S256' in auth_url

Esempio n. 12

0

Mostra file

    def test_code_challenge(self):
        sess = OAuth2Client(client_id=self.client_id, code_challenge_method='S256')

        url = 'https://example.com/authorize'
        auth_url, _ = sess.create_authorization_url(
            url, code_verifier=generate_token(48))
        self.assertIn('code_challenge', auth_url)
        self.assertIn('code_challenge_method=S256', auth_url)

Esempio n. 13

0

Mostra file

File: auth.py Progetto: xpertdev/tda-api

    def ensure_refresh_token_update(
            self, api_key, session, update_interval_seconds=None):
        '''
        If the refresh token is older than update_interval_seconds, update it by
        issuing a call to the token refresh endpoint and return a new session
        wrapped around the resulting token. Returns None if the refresh token
        was not updated.
        '''
        logger = get_logger()

        if update_interval_seconds is None:
            # 85 days is less than the documented 90 day expiration window of
            # the token, but hopefully long enough to not trigger TDA's
            # thresholds for excessive refresh token updates.
            update_interval_seconds = 60 * 60 * 24 * 85

        now = int(time.time())

        logger.info((
            'Updating refresh token:\n'+
            ' - Current timestamp is {}\n'+
            ' - Token creation timestamp is {}\n'+
            ' - Update interval is {} seconds').format(
                now, self.creation_timestamp, update_interval_seconds))

        if not (self.creation_timestamp is None
                or now - self.creation_timestamp >
                update_interval_seconds):
            logger.info('Skipping refresh token update')
            return None

        old_token = session.token
        oauth = OAuth2Client(api_key)

        new_token = oauth.fetch_token(
            TOKEN_ENDPOINT,
            grant_type='refresh_token',
            refresh_token=old_token['refresh_token'],
            access_type='offline')

        logger.info('Updated refresh token')

        self.creation_timestamp = now

        # Don't emit token details in debug logs
        _register_token_redactions(new_token)

        token_write_func = self.wrapped_token_write_func()
        token_write_func(new_token)

        session_class = session.__class__
        return session_class(
            api_key,
            token=new_token,
            token_endpoint=TOKEN_ENDPOINT,
            update_token=token_write_func)

Esempio n. 14

0

Mostra file

 def test_invalid_token_type(self):
     token = {
         'token_type': 'invalid',
         'access_token': 'a',
         'refresh_token': 'b',
         'expires_in': '3600',
         'expires_at': int(time.time()) + 3600,
     }
     with OAuth2Client(self.client_id, token=token) as client:
         self.assertRaises(OAuthError, client.get, 'https://i.b')

Esempio n. 15

0

Mostra file

def test_add_token_to_streaming_request(assert_func, token_placement):
    mock_response = MockDispatch({'a': 'a'}, assert_func=assert_func)
    with OAuth2Client(
            'foo',
            token=default_token,
            token_placement=token_placement,
            app=mock_response
    ) as client:
        with client.stream("GET", 'https://i.b') as stream:
            stream.read()
            data = stream.json()
    assert data['a'] == 'a'

Esempio n. 16

0

Mostra file

def test_add_token_get_request(assert_func, token_placement):
    mock_response = MockDispatch({'a': 'a'}, assert_func=assert_func)
    with OAuth2Client(
            'foo',
            token=default_token,
            token_placement=token_placement,
            app=mock_response
    ) as client:
        resp = client.get('https://i.b')

    data = resp.json()
    assert data['a'] == 'a'

Esempio n. 17

0

Mostra file

def test_cleans_previous_token_before_fetching_new_one():
    now = int(time.time())
    new_token = deepcopy(default_token)
    past = now - 7200
    default_token['expires_at'] = past
    new_token['expires_at'] = now + 3600
    url = 'https://example.com/token'

    app = MockDispatch(new_token)
    with mock.patch('time.time', lambda: now):
        with OAuth2Client('foo', token=default_token, app=app) as sess:
            assert sess.fetch_token(url) == new_token

Esempio n. 18

0

Mostra file

    def test_add_token_to_header(self):
        def assert_func(request):
            token = 'Bearer ' + self.token['access_token']
            auth_header = request.headers.get('authorization')
            self.assertEqual(auth_header, token)

        mock_response = MockDispatch({'a': 'a'}, assert_func=assert_func)
        with OAuth2Client(self.client_id, token=self.token, dispatch=mock_response) as client:
            resp = client.get('https://i.b')

        data = resp.json()
        self.assertEqual(data['a'], 'a')

Esempio n. 19

0

Mostra file

File: test_oauth2_client.py Progetto: timgates42/authlib

    def test_add_token_to_uri(self):
        def assert_func(request):
            self.assertIn(self.token['access_token'], str(request.url))

        mock_response = MockDispatch({'a': 'a'}, assert_func=assert_func)
        with OAuth2Client(self.client_id,
                          token=self.token,
                          token_placement='uri',
                          dispatch=mock_response) as client:
            resp = client.get('https://i.b')

        data = resp.json()
        self.assertEqual(data['a'], 'a')

Esempio n. 20

0

Mostra file

def test_revoke_token():
    answer = {'status': 'ok'}
    app = MockDispatch(answer)

    with OAuth2Client('a', app=app) as sess:
        resp = sess.revoke_token('https://i.b/token', 'hi')
        assert resp.json() == answer

        resp = sess.revoke_token(
            'https://i.b/token', 'hi',
            token_type_hint='access_token'
        )
        assert resp.json() == answer

Esempio n. 21

0

Mostra file

def test_client_credentials_type():
    url = 'https://example.com/token'

    def assert_func(request):
        content = request.form
        assert content.get('scope') == 'profile'
        assert content.get('grant_type') == 'client_credentials'

    app = MockDispatch(default_token, assert_func=assert_func)
    with OAuth2Client('foo', scope='profile', app=app) as sess:
        token = sess.fetch_token(url)
        assert token == default_token

        token = sess.fetch_token(url, grant_type='client_credentials')
        assert token == default_token

Esempio n. 22

0

Mostra file

    def test_client_credentials_type(self):
        url = 'https://example.com/token'

        def assert_func(request):
            body = request.content.decode()
            self.assertIn('scope=profile', body)
            self.assertIn('grant_type=client_credentials', body)

        dispatch = MockDispatch(self.token, assert_func=assert_func)
        with OAuth2Client(self.client_id, scope='profile', dispatch=dispatch) as sess:
            token = sess.fetch_token(url)
            self.assertEqual(token, self.token)

            token = sess.fetch_token(url, grant_type='client_credentials')
            self.assertEqual(token, self.token)

Esempio n. 23

0

Mostra file

def test_add_token_to_uri():
    def assert_func(request):
        assert default_token['access_token'] in str(request.url)

    mock_response = MockDispatch({'a': 'a'}, assert_func=assert_func)
    with OAuth2Client(
            'foo',
            token=default_token,
            token_placement='uri',
            app=mock_response
    ) as client:
        resp = client.get('https://i.b')

    data = resp.json()
    assert data['a'] == 'a'

Esempio n. 24

0

Mostra file

    def test_access_token_response_hook(self):
        url = 'https://example.com/token'

        def _access_token_response_hook(resp):
            self.assertEqual(resp.json(), self.token)
            return resp

        access_token_response_hook = mock.Mock(side_effect=_access_token_response_hook)
        dispatch = MockDispatch(self.token)
        with OAuth2Client(self.client_id, token=self.token, dispatch=dispatch) as sess:
            sess.register_compliance_hook(
                'access_token_response',
                access_token_response_hook
            )
            self.assertEqual(sess.fetch_token(url), self.token)
            self.assertTrue(access_token_response_hook.called)

Esempio n. 25

0

Mostra file

def test_add_token_to_header():
    def assert_func(request):
        token = 'Bearer ' + default_token['access_token']
        auth_header = request.headers.get('authorization')
        assert auth_header == token

    mock_response = MockDispatch({'a': 'a'}, assert_func=assert_func)
    with OAuth2Client(
            'foo',
            token=default_token,
            app=mock_response
    ) as client:
        resp = client.get('https://i.b')

    data = resp.json()
    assert data['a'] == 'a'

Esempio n. 26

0

Mostra file

def test_access_token_response_hook():
    url = 'https://example.com/token'

    def _access_token_response_hook(resp):
        assert resp.json() == default_token
        return resp

    access_token_response_hook = mock.Mock(side_effect=_access_token_response_hook)
    app = MockDispatch(default_token)
    with OAuth2Client('foo', token=default_token, app=app) as sess:
        sess.register_compliance_hook(
            'access_token_response',
            access_token_response_hook
        )
        assert sess.fetch_token(url) == default_token
        assert access_token_response_hook.called is True

Esempio n. 27

0

Mostra file

def test_add_token_to_body():
    def assert_func(request):
        content = request.data
        content = content.decode()
        assert content == 'access_token=%s' % default_token['access_token']

    mock_response = MockDispatch({'a': 'a'}, assert_func=assert_func)
    with OAuth2Client(
            'foo',
            token=default_token,
            token_placement='body',
            app=mock_response
    ) as client:
        resp = client.get('https://i.b')

    data = resp.json()
    assert data['a'] == 'a'

Esempio n. 28

0

Mostra file

    def test_password_grant_type(self):
        url = 'https://example.com/token'

        def assert_func(request):
            body = request.content.decode()
            self.assertIn('username=v', body)
            self.assertIn('scope=profile', body)
            self.assertIn('grant_type=password', body)

        dispatch = MockDispatch(self.token, assert_func=assert_func)
        with OAuth2Client(self.client_id, scope='profile', dispatch=dispatch) as sess:
            token = sess.fetch_token(url, username='******', password='******')
            self.assertEqual(token, self.token)

            token = sess.fetch_token(
                url, username='******', password='******', grant_type='password')
            self.assertEqual(token, self.token)

Esempio n. 29

0

Mostra file

    def test_cleans_previous_token_before_fetching_new_one(self):
        """Makes sure the previous token is cleaned before fetching a new one.
        The reason behind it is that, if the previous token is expired, this
        method shouldn't fail with a TokenExpiredError, since it's attempting
        to get a new one (which shouldn't be expired).
        """
        now = int(time.time())
        new_token = deepcopy(self.token)
        past = now - 7200
        self.token['expires_at'] = past
        new_token['expires_at'] = now + 3600
        url = 'https://example.com/token'

        dispatch = MockDispatch(new_token)
        with mock.patch('time.time', lambda: now):
            with OAuth2Client(self.client_id, token=self.token, dispatch=dispatch) as sess:
                self.assertEqual(sess.fetch_token(url), new_token)

Esempio n. 30

0

Mostra file

def test_password_grant_type():
    url = 'https://example.com/token'

    def assert_func(request):
        content = request.form
        assert content.get('username') == 'v'
        assert content.get('scope') == 'profile'
        assert content.get('grant_type') == 'password'

    app = MockDispatch(default_token, assert_func=assert_func)
    with OAuth2Client('foo', scope='profile', app=app) as sess:
        token = sess.fetch_token(url, username='******', password='******')
        assert token == default_token

        token = sess.fetch_token(
            url, username='******', password='******', grant_type='password')
        assert token == default_token