def handle_missing_token(request):
"""
Redirect user to canvas with a request for token.
"""
# Store where the user came from so they can be redirected back there
# at the end. https://canvas.instructure.com/doc/api/file.oauth.html
request.session["canvas_oauth_initial_uri"] = request.get_full_path()
# The request state is a recommended security check on the callback, so
# store in session for later
oauth_request_state = get_random_string()
request.session["canvas_oauth_request_state"] = oauth_request_state
# The return URI is required to be the same when POSTing to generate
# a token on callback, so also store it in session (although it could
# be regenerated again via the same method call).
oauth_redirect_uri = request.build_absolute_uri(
reverse('canvas-oauth-callback'))
request.session["canvas_oauth_redirect_uri"] = oauth_redirect_uri
authorize_url = canvas.get_oauth_login_url(
settings.CANVAS_OAUTH_CLIENT_ID,
redirect_uri=oauth_redirect_uri,
state=oauth_request_state)
return HttpResponseRedirect(authorize_url)
def test_redirect_to_login_url(self, mock_get_random_string):
request_state = 'ABC-123-RANDOM-STRING'
# mock the get_random_string() function used to generate the "state" for the oauth request
mock_get_random_string.return_value = request_state
# setup request
rf = RequestFactory()
query_params = {"q": "education", "page": "5"}
request = rf.get('/index', data=query_params)
request.user = MagicMock()
request.session = {}
redirect_uri = request.build_absolute_uri(
reverse('canvas-oauth-callback'))
login_url = get_oauth_login_url(
client_id=settings.CANVAS_OAUTH_CLIENT_ID,
redirect_uri=redirect_uri,
state=request_state,
scopes=settings.CANVAS_OAUTH_SCOPES)
# run tests
response = handle_missing_token(request)
# check the response
self.assertEqual(302, response.status_code)
self.assertEqual(login_url, response['Location'])
# check the session values
self.assertEqual(request.get_full_path(),
request.session['canvas_oauth_initial_uri'])
self.assertEqual(request_state,
request.session['canvas_oauth_request_state'])
self.assertEqual(redirect_uri,
request.session["canvas_oauth_redirect_uri"])
def handle_missing_token(request):
"""
Redirect user to canvas with a request for token.
"""
# Store where the user came from so they can be redirected back there
# at the end. https://canvas.instructure.com/doc/api/file.oauth.html
request.session["canvas_oauth_initial_uri"] = request.get_full_path()
# The request state is a recommended security check on the callback, so
# store in session for later
oauth_request_state = get_random_string()
request.session["canvas_oauth_request_state"] = oauth_request_state
# The return URI is required to be the same when POSTing to generate
# a token on callback, so also store it in session (although it could
# be regenerated again via the same method call).
oauth_redirect_uri = request.build_absolute_uri(
reverse('canvas-oauth-callback'))
request.session["canvas_oauth_redirect_uri"] = oauth_redirect_uri
authorize_url = canvas.get_oauth_login_url(
settings.CANVAS_OAUTH_CLIENT_ID,
redirect_uri=oauth_redirect_uri,
state=oauth_request_state,
scopes=settings.CANVAS_OAUTH_SCOPES)
logger.info("Redirecting user to %s" % authorize_url)
return HttpResponseRedirect(authorize_url)
def test_oauth_login_url_with_empty_scopes(self):
auth_params = {
'response_type': 'code',
'client_id': settings.CANVAS_OAUTH_CLIENT_ID,
'redirect_uri': '/oauth/oauth-callback',
'state': uuid4(), # random string
}
expected_url = self._get_expected_url(auth_params)
for scopes in ([], '', None):
actual_url = get_oauth_login_url(
client_id=auth_params['client_id'],
redirect_uri=auth_params['redirect_uri'],
state=auth_params['state'],
scopes=scopes,
)
self.assertEqual(expected_url, actual_url)
def test_oauth_login_url(self):
canvas_domain = settings.CANVAS_OAUTH_CANVAS_DOMAIN
auth_params = {
'response_type': 'code',
'client_id': settings.CANVAS_OAUTH_CLIENT_ID,
'redirect_uri': '/oauth/oauth-callback',
'state': uuid4(), # random string
}
auth_params_sorted = sorted(auth_params.items(),
key=lambda val: val[0])
expected_url = 'https://%s/login/oauth2/auth?%s' % (
canvas_domain, urlencode(auth_params_sorted))
actual_url = get_oauth_login_url(
client_id=auth_params['client_id'],
redirect_uri=auth_params['redirect_uri'],
state=auth_params['state'])
self.assertEqual(expected_url, actual_url)
def test_oauth_login_url_with_scopes(self):
scopes = [
'url:GET|/api/v1/courses',
'url:GET|/api/v1/courses/:id',
'url:GET|/api/v1/courses/:course_id/assignments'
]
auth_params = {
'response_type': 'code',
'client_id': settings.CANVAS_OAUTH_CLIENT_ID,
'redirect_uri': '/oauth/oauth-callback',
'state': uuid4(), # random string
'scope': " ".join(scopes),
}
expected_url = self._get_expected_url(auth_params)
actual_url = get_oauth_login_url(
client_id=auth_params['client_id'],
redirect_uri=auth_params['redirect_uri'],
state=auth_params['state'],
scopes=scopes,
)
self.assertEqual(expected_url, actual_url)