def test_unauthorization(self):
rf = RequestFactory()
path = "/test"
redirect_uri = "https://mp.weixin.qq.com/wiki"
# 默认response
state = "abc"
request = rf.get(path)
handler = self._make_handler(request,
redirect_uri=redirect_uri,
scope=WeChatSNSScope.USERINFO,
state=state)
request = handler.initialize_request(request)
resp = handler.unauthorization_response(request)
self.assertIsInstance(resp, response.HttpResponseRedirect)
client = WeChatOAuthClient(self.app)
self.assertEqual(
resp.url,
client.authorize_url(redirect_uri, WeChatSNSScope.USERINFO, state))
# 传入callable state
state = lambda request: request.path
request = rf.get(path)
handler = self._make_handler(request,
redirect_uri=redirect_uri,
scope=WeChatSNSScope.USERINFO,
state=state)
request = handler.initialize_request(request)
resp = handler.unauthorization_response(request)
self.assertIsInstance(resp, response.HttpResponseRedirect)
client = WeChatOAuthClient(self.app)
self.assertEqual(
resp.url,
client.authorize_url(redirect_uri, WeChatSNSScope.USERINFO, path))
# 传入callback response
resp = response.HttpResponseForbidden()
request = rf.get(path)
handler = self._make_handler(request, response=resp)
request = handler.initialize_request(request)
self.assertIs(resp, handler.unauthorization_response(request))
# 传入普通response
resp_func = lambda request: response.HttpResponseForbidden(request.path
)
request = rf.get(path)
handler = self._make_handler(request, response=resp_func)
request = handler.initialize_request(request)
resp = handler.unauthorization_response(request)
self.assertIsInstance(resp, response.HttpResponseForbidden)
self.assertEqual(resp.content, path.encode())
def test_request(self):
"测试请求"
redirect_uri = "https://mp.weixin.qq.com/wiki"
url = "/test"
request = self._create_request(url)
# 设置了response
resp = response.HttpResponseForbidden()
handler = self._make_handler(request,
redirect_uri=redirect_uri,
response=resp)
self.assertIs(handler.dispatch(request), resp)
# 未授权
handler = self._make_handler(request, redirect_uri=redirect_uri)
resp = handler.dispatch(request)
self.assertIsInstance(resp, response.HttpResponseRedirect)
self.assertEqual(resp.url, request.wechat.oauth_uri)
# 授权
request = self._create_request(url + "?code=123")
openid = "456"
view = lambda request, *args, **kwargs: request.wechat.openid
handler = self._make_handler(request, view=view)
with oauth_api(openid):
resp = handler.dispatch(request)
self.assertEqual(resp.content, openid.encode())
# 已授权
session_key = "sessionid"
resp = SessionMiddleware().process_response(request, resp)
request = self._create_request(url + "?code=123")
request.COOKIES[session_key] = resp.cookies[session_key].value
resp = handler.dispatch(request)
self.assertEqual(resp.content, openid.encode())
def test_request(self):
"测试请求"
redirect_uri = "https://mp.weixin.qq.com/wiki"
host = "example.com"
url = "/test"
rf = RequestFactory(HTTP_HOST=host)
request = rf.get(url)
# 设置了response
resp = response.HttpResponseForbidden()
handler = self._make_handler(
request, redirect_uri=redirect_uri, response=resp)
self.assertIs(handler.dispatch(request), resp)
# 未授权
handler = self._make_handler(request, redirect_uri=redirect_uri)
resp = handler.dispatch(request)
self.assertIsInstance(resp, response.HttpResponseRedirect)
self.assertEqual(resp.url, request.wechat.oauth_uri)
# 授权
request = rf.get(url + "?code=123")
openid = "456"
view = lambda request, *args, **kwargs: request.wechat.openid
handler = self._make_handler(request, redirect_uri=redirect_uri, view=view)
with oauth_api(openid):
resp = handler.dispatch(request)
self.assertEqual(resp.content, openid.encode())
# 已授权
session_key = "wechat_test_user"
request.COOKIES[session_key] = resp.cookies[session_key].value
resp = handler.dispatch(request)
self.assertEqual(resp.content, openid.encode())
def forbidden():
payload = _get_error_payload(
'Forbidden',
'Forbiden',
'403')
return django_resp.HttpResponseForbidden(
content=json.dumps(payload),
content_type=const.HTTP_RESPONSE_CONTENT_TYPE)
def object_tool_view(self, request, action_name, object_id=None, extra_context=None):
if action_name not in self.get_object_tools(request):
return response.HttpResponseForbidden()
action = self.get_object_tool(action_name)[0]
allow_get = getattr(action, "allow_get", False)
if not allow_get and request.method != "POST":
return response.HttpResponseNotAllowed()
obj = object_id and self.get_object(request, unquote(object_id))
return self.response_object_tool(request, action, obj, extra_context)
def index(request):
if not request.user.is_authenticated:
return response.HttpResponseRedirect(
"/admin/login/?next=/log_manager/")
if not request.user.can_access_log_manager and not request.user.is_superuser:
return response.HttpResponseForbidden(
"You are not allowed to access this page.")
requested_resource_bar()
return render(
request, "index.html", {
"http_method_pie": http_method_pie(),
"requested_resources_bar": requested_resource_bar(),
"requests_month_bar": requests_month_bar(),
"status_code_pie": status_code_pie()
})
def _response_schema(self,
request,
request_obj,
response_schema,
logic_method,
is_paging=False):
try:
if is_paging:
path = self._parse_path(request)
response_obj = logic_method(request_obj, path)
else:
response_obj = logic_method(request_obj)
except RequestParameterException as e:
return {}, response.HttpResponseBadRequest(content=e)
except ResourceNotFoundException as e:
return {}, response.HttpResponseNotFound(content=e)
except ForbiddenException as e:
return {}, response.HttpResponseForbidden(content=e)
except ConflictException as e:
return {}, response.HttpResponse(content=e,
status=status.HTTP_409_CONFLICT)
return response_schema.dump(response_obj)