def setUp(self): from invenio_accounts.models import User from invenio_oauth2server.registry import scopes from invenio_oauth2server.models import Token, Scope # Setup variables: self.called = dict() # Setup test scopes with self.app.app_context(): scopes.register(Scope("test:testscope", group="Test", help_text="Test scope")) # Setup API resources class Test1Resource(Resource): # NOTE: Method decorators are applied in reverse order method_decorators = [require_oauth_scopes("test:testscope"), require_api_auth()] def get(self): assert request.oauth.access_token return "success", 200 def post(self): assert request.oauth.access_token return "success", 200 @require_header("Content-Type", "application/json") def put(self): return "success", 200 class Test2Resource(Resource): @require_api_auth() @require_oauth_scopes("test:testscope") def get(self): assert request.oauth.access_token return "success", 200 @require_api_auth() @require_oauth_scopes("test:testscope") def post(self): assert request.oauth.access_token return "success", 200 @require_header("Content-Type", "text/html") def put(self): return "success", 200 # Register API resources api = self.app.extensions["restful"] api.add_resource(Test1Resource, "/api/test1/decoratorstestcase/") api.add_resource(Test2Resource, "/api/test2/decoratorstestcase/") # Create a user self.user = User(email="*****@*****.**", nickname="tester") self.user.password = "******" db.session.add(self.user) db.session.commit() # Create tokens self.token = Token.create_personal("test-", self.user.id, scopes=["test:testscope"], is_internal=True) self.token_noscope = Token.create_personal("test-", self.user.id, scopes=[], is_internal=True)
def setUp(self): super(ProviderTestCase, self).setUp() # Set environment variable DEBUG to true, to allow testing without # SSL in oauthlib. if self.app.config.get('CFG_SITE_SECURE_URL').startswith('http://'): self.os_debug = os.environ.get('OAUTHLIB_INSECURE_TRANSPORT', '') os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = 'true' from invenio_accounts.models import User from invenio_oauth2server.models import Client, Scope from invenio_oauth2server.registry import scopes as scopes_registry # Register a test scope scopes_registry.register(Scope('test:scope')) self.base_url = self.app.config.get('CFG_SITE_SECURE_URL') # Create needed objects u = User(email='*****@*****.**', nickname='tester') u.password = "******" u2 = User(email='*****@*****.**', nickname='tester2') u2.password = "******" db.session.add(u) db.session.add(u2) c1 = Client(client_id='dev', client_secret='dev', name='dev', description='', is_confidential=False, user=u, _redirect_uris='%s/oauth2test/authorized' % self.base_url, _default_scopes="test:scope") c2 = Client(client_id='confidential', client_secret='confidential', name='confidential', description='', is_confidential=True, user=u, _redirect_uris='%s/oauth2test/authorized' % self.base_url, _default_scopes="test:scope") db.session.add(c1) db.session.add(c2) db.session.commit() self.objects = [u, u2, c1, c2] # Create a personal access token as well. from invenio_oauth2server.models import Token self.personal_token = Token.create_personal('test-personal', 1, scopes=[], is_internal=True)
def setup_app(app, api): api.add_resource( ReceiverEventListResource, '/api/hooks/receivers/<string:receiver_id>/events/', ) with app.app_context(): scopes.register(Scope( 'webhooks:event', group='Notifications', help_text='Allow notifications from external service.', internal=True, ))
def setup_app(app, api): api.add_resource( DepositionListResource, '/api/deposit/depositions/', ) api.add_resource( DepositionResource, '/api/deposit/depositions/<string:resource_id>', ) api.add_resource( DepositionFileListResource, '/api/deposit/depositions/<string:resource_id>/files/', ) api.add_resource( DepositionDraftListResource, '/api/deposit/depositions/<string:resource_id>/metadata/', ) api.add_resource( DepositionDraftResource, '/api/deposit/depositions/<string:resource_id>/metadata/' '<string:draft_id>', ) api.add_resource( DepositionActionResource, '/api/deposit/depositions/<string:resource_id>/actions/' '<string:action_id>', ) api.add_resource( DepositionFileResource, '/api/deposit/depositions/<string:resource_id>/files/<string:file_id>', ) # Register scopes with app.app_context(): from invenio_oauth2server.models import Scope from invenio_oauth2server.registry import scopes scopes.register( Scope( 'deposit:write', group='Deposit', help_text='Allow upload (but not publishing).', )) scopes.register( Scope( 'deposit:actions', group='Deposit', help_text='Allow publishing of uploads.', ))
def setup_app(app, api): api.add_resource( DepositionListResource, '/api/deposit/depositions/', ) api.add_resource( DepositionResource, '/api/deposit/depositions/<string:resource_id>', ) api.add_resource( DepositionFileListResource, '/api/deposit/depositions/<string:resource_id>/files/', ) api.add_resource( DepositionDraftListResource, '/api/deposit/depositions/<string:resource_id>/metadata/', ) api.add_resource( DepositionDraftResource, '/api/deposit/depositions/<string:resource_id>/metadata/' '<string:draft_id>', ) api.add_resource( DepositionActionResource, '/api/deposit/depositions/<string:resource_id>/actions/' '<string:action_id>', ) api.add_resource( DepositionFileResource, '/api/deposit/depositions/<string:resource_id>/files/<string:file_id>', ) # Register scopes with app.app_context(): from invenio_oauth2server.models import Scope from invenio_oauth2server.registry import scopes scopes.register(Scope( 'deposit:write', group='Deposit', help_text='Allow upload (but not publishing).', )) scopes.register(Scope( 'deposit:actions', group='Deposit', help_text='Allow publishing of uploads.', ))
def setUp(self): from invenio_oauth2server.models import Scope from invenio_accounts.models import User from invenio_oauth2server.models import Client, Token from invenio_oauth2server.registry import scopes as scopes_registry # Register a test scope scopes_registry.register(Scope('test:scope1')) scopes_registry.register(Scope('test:scope2', internal=True)) self.base_url = self.app.config.get('CFG_SITE_SECURE_URL') # Create needed objects u = User( email='*****@*****.**', nickname='tester' ) u.password = "******" self.create_objects([u]) # environment # # resource_owner -- client1 -- token_1 # | # -------- token_2 # | # consumer ---------------- # create resource_owner and consumer self.resource_owner = User( email='*****@*****.**', nickname='resource_owner', password='******') self.consumer = User( email='*****@*****.**', nickname='consumer', password='******') self.create_objects([self.resource_owner, self.consumer]) # create resource_owner -> client_1 self.u1c1 = Client( client_id='client_test_u1c1', client_secret='client_test_u1c1', name='client_test_u1c1', description='', is_confidential=False, user=self.resource_owner, _redirect_uris='', _default_scopes="" ) self.create_objects([self.u1c1]) # create resource_owner -> client_1 / resource_owner -> token_1 self.u1c1u1t1 = Token( client=self.u1c1, user=self.resource_owner, token_type='u', access_token='dev_access_1', refresh_token='dev_refresh_1', expires=None, is_personal=False, is_internal=False, _scopes='', ) # create consumer -> client_1 / resource_owner -> token_2 self.u1c1u2t2 = Token( client=self.u1c1, user=self.consumer, token_type='u', access_token='dev_access_2', refresh_token='dev_refresh_2', expires=None, is_personal=False, is_internal=False, _scopes='', ) # create objects self.create_objects([self.u1c1u1t1, self.u1c1u2t2]) self.objects = [u, self.resource_owner, self.consumer, self.u1c1u1t1, self.u1c1u2t2]
def setUp(self): from invenio_oauth2server.models import Scope from invenio_accounts.models import User from invenio_oauth2server.models import Client, Token from invenio_oauth2server.registry import scopes as scopes_registry # Register a test scope scopes_registry.register(Scope('test:scope1')) scopes_registry.register(Scope('test:scope2', internal=True)) self.base_url = self.app.config.get('CFG_SITE_SECURE_URL') # Create needed objects u = User(email='*****@*****.**', nickname='tester') u.password = "******" self.create_objects([u]) # environment # # resource_owner -- client1 -- token_1 # | # -------- token_2 # | # consumer ---------------- # create resource_owner and consumer self.resource_owner = User(email='*****@*****.**', nickname='resource_owner', password='******') self.consumer = User(email='*****@*****.**', nickname='consumer', password='******') self.create_objects([self.resource_owner, self.consumer]) # create resource_owner -> client_1 self.u1c1 = Client(client_id='client_test_u1c1', client_secret='client_test_u1c1', name='client_test_u1c1', description='', is_confidential=False, user=self.resource_owner, _redirect_uris='', _default_scopes="") self.create_objects([self.u1c1]) # create resource_owner -> client_1 / resource_owner -> token_1 self.u1c1u1t1 = Token( client=self.u1c1, user=self.resource_owner, token_type='u', access_token='dev_access_1', refresh_token='dev_refresh_1', expires=None, is_personal=False, is_internal=False, _scopes='', ) # create consumer -> client_1 / resource_owner -> token_2 self.u1c1u2t2 = Token( client=self.u1c1, user=self.consumer, token_type='u', access_token='dev_access_2', refresh_token='dev_refresh_2', expires=None, is_personal=False, is_internal=False, _scopes='', ) # create objects self.create_objects([self.u1c1u1t1, self.u1c1u2t2]) self.objects = [ u, self.resource_owner, self.consumer, self.u1c1u1t1, self.u1c1u2t2 ]
def setUp(self): from invenio_accounts.models import User from invenio_oauth2server.registry import scopes from invenio_oauth2server.models import Token, Scope # Setup variables: self.called = dict() # Setup test scopes with self.app.app_context(): scopes.register( Scope( 'test:testscope', group='Test', help_text='Test scope', )) # Setup API resources class Test1Resource(Resource): # NOTE: Method decorators are applied in reverse order method_decorators = [ require_oauth_scopes('test:testscope'), require_api_auth(), ] def get(self): assert request.oauth.access_token return "success", 200 def post(self): assert request.oauth.access_token return "success", 200 @require_header('Content-Type', 'application/json') def put(self): return "success", 200 class Test2Resource(Resource): @require_api_auth() @require_oauth_scopes('test:testscope') def get(self): assert request.oauth.access_token return "success", 200 @require_api_auth() @require_oauth_scopes('test:testscope') def post(self): assert request.oauth.access_token return "success", 200 @require_header('Content-Type', 'text/html') def put(self): return "success", 200 # Register API resources api = self.app.extensions['restful'] api.add_resource(Test1Resource, '/api/test1/decoratorstestcase/') api.add_resource(Test2Resource, '/api/test2/decoratorstestcase/') # Create a user self.user = User(email='*****@*****.**', nickname='tester') self.user.password = "******" db.session.add(self.user) db.session.commit() # Create tokens self.token = Token.create_personal('test-', self.user.id, scopes=['test:testscope'], is_internal=True) self.token_noscope = Token.create_personal('test-', self.user.id, scopes=[], is_internal=True)
def setUp(self): super(ProviderTestCase, self).setUp() # Set environment variable DEBUG to true, to allow testing without # SSL in oauthlib. if self.app.config.get('CFG_SITE_SECURE_URL').startswith('http://'): self.os_debug = os.environ.get('OAUTHLIB_INSECURE_TRANSPORT', '') os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = 'true' from invenio_accounts.models import User from invenio_oauth2server.models import Client, Scope from invenio_oauth2server.registry import scopes as scopes_registry # Register a test scope scopes_registry.register(Scope('test:scope')) self.base_url = self.app.config.get('CFG_SITE_SECURE_URL') # Create needed objects u = User( email='*****@*****.**', nickname='tester' ) u.password = "******" u2 = User( email='*****@*****.**', nickname='tester2' ) u2.password = "******" db.session.add(u) db.session.add(u2) c1 = Client( client_id='dev', client_secret='dev', name='dev', description='', is_confidential=False, user=u, _redirect_uris='%s/oauth2test/authorized' % self.base_url, _default_scopes="test:scope" ) c2 = Client( client_id='confidential', client_secret='confidential', name='confidential', description='', is_confidential=True, user=u, _redirect_uris='%s/oauth2test/authorized' % self.base_url, _default_scopes="test:scope" ) db.session.add(c1) db.session.add(c2) db.session.commit() self.objects = [u, u2, c1, c2] # Create a personal access token as well. from invenio_oauth2server.models import Token self.personal_token = Token.create_personal( 'test-personal', 1, scopes=[], is_internal=True )