def test_revocation_request(self): client = Client(self.client_id) url = 'https://example.com/revoke' token = 'foobar' # Valid request u, h, b = client.prepare_token_revocation_request(url, token) self.assertEqual(u, url) self.assertEqual(h, {'Content-Type': 'application/x-www-form-urlencoded'}) self.assertEqual(b, 'token=%s&token_type_hint=access_token' % token) # Non-HTTPS revocation endpoint self.assertRaises(InsecureTransportError, client.prepare_token_revocation_request, 'http://example.com/revoke', token) u, h, b = client.prepare_token_revocation_request( url, token, token_type_hint='refresh_token') self.assertEqual(u, url) self.assertEqual(h, {'Content-Type': 'application/x-www-form-urlencoded'}) self.assertEqual(b, 'token=%s&token_type_hint=refresh_token' % token) # JSONP u, h, b = client.prepare_token_revocation_request( url, token, callback='hello.world') self.assertURLEqual(u, url + '?callback=hello.world&token=%s&token_type_hint=access_token' % token) self.assertEqual(h, {'Content-Type': 'application/x-www-form-urlencoded'}) self.assertEqual(b, '')
class OAuth2MACClient(object): def __init__(self, mac_key, access_token, mac_algorithm=DEFAULT_MAC_ALGORITHM): self.client = Client( None, token_type='MAC', access_token=access_token, refresh_token=None, mac_key=mac_key, mac_algorithm=mac_algorithm) def __call__(self, r): # unquote the URL to make sure that the signature is computed based # on unquoted values, not quoted values. The can cause headaches # if the unquoted values contain a '#' but we wouldn't allows # something like that... ugh. self.client.add_token( str(urllib.parse.unquote(r.url)), str(r.method), None, r.headers, draft=1) return r
def test_revocation_request(self): client = Client(self.client_id) url = 'https://example.com/revoke' token = 'foobar' # Valid request u, h, b = client.prepare_token_revocation_request(url, token) self.assertEqual(u, url) self.assertEqual(h, {'Content-Type': 'application/x-www-form-urlencoded'}) self.assertEqual(b, 'token=%s&token_type_hint=access_token' % token) # Non-HTTPS revocation endpoint self.assertRaises(InsecureTransportError, client.prepare_token_revocation_request, 'http://example.com/revoke', token) u, h, b = client.prepare_token_revocation_request( url, token, token_type_hint='refresh_token') self.assertEqual(u, url) self.assertEqual(h, {'Content-Type': 'application/x-www-form-urlencoded'}) self.assertEqual(b, 'token=%s&token_type_hint=refresh_token' % token) # JSONP u, h, b = client.prepare_token_revocation_request( url, token, callback='hello.world') self.assertURLEqual( u, url + '?callback=hello.world&token=%s&token_type_hint=access_token' % token) self.assertEqual(h, {'Content-Type': 'application/x-www-form-urlencoded'}) self.assertEqual(b, '')
def test_create_code_challenge_plain(self): client = Client(self.client_id) code_verifier = client.create_code_verifier(length=128) code_challenge_plain = client.create_code_challenge(code_verifier=code_verifier) # if no code_challenge_method specified, code_challenge = code_verifier self.assertEqual(code_challenge_plain, client.code_verifier) self.assertEqual(client.code_challenge_method, "plain")
def test_add_mac_token(self): # Missing access token client = Client(self.client_id, token_type="MAC") self.assertRaises(ValueError, client.add_token, self.uri) # Invalid hash algorithm client = Client(self.client_id, token_type="MAC", access_token=self.access_token, mac_key=self.mac_key, mac_algorithm="hmac-sha-2") self.assertRaises(ValueError, client.add_token, self.uri) orig_generate_timestamp = common.generate_timestamp orig_generate_nonce = common.generate_nonce orig_generate_age = utils.generate_age self.addCleanup(setattr, common, 'generage_timestamp', orig_generate_timestamp) self.addCleanup(setattr, common, 'generage_nonce', orig_generate_nonce) self.addCleanup(setattr, utils, 'generate_age', orig_generate_age) common.generate_timestamp = lambda: '123456789' common.generate_nonce = lambda: 'abc123' utils.generate_age = lambda *args: 0 # Add the Authorization header (draft 00) client = Client(self.client_id, token_type="MAC", access_token=self.access_token, mac_key=self.mac_key, mac_algorithm="hmac-sha-1") uri, headers, body = client.add_token( self.uri, body=self.body, headers=self.headers, issue_time=datetime.datetime.now()) self.assertEqual(uri, self.uri) self.assertEqual(body, self.body) self.assertEqual(headers, self.mac_00_header) # Add the Authorization header (draft 00) client = Client(self.client_id, token_type="MAC", access_token=self.access_token, mac_key=self.mac_key, mac_algorithm="hmac-sha-1") uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers, draft=1) self.assertEqual(uri, self.uri) self.assertEqual(body, self.body) self.assertEqual(headers, self.mac_01_header)
def authenticate_client(self, request, *args, **kwargs): print colored.green( '[Trace][authenticate_client]'), request, args, kwargs # Whichever authentication method suits you, HTTP Basic might work from oauthlib.oauth2 import Client request.client = Client('my-client-id') return True
def __init__(self, client_id, client_secret, access_token, user_id=None): auth = OAuth2(client_id, Client(client_id), {'access_token': access_token}) user = user_id if user_id else 'me' s = Serializer(default="json", serializers=[MisfitSerializer()]) self.api = slumber.API('%smove/resource/v1/user/%s/' % (API_URL, user), auth=auth, serializer=s)
def __init__(self, token_url, client_id, offline_token, token=None): self.token_url = token_url self.client_id = client_id self.offline_token = offline_token self.token = token self.session = OAuth2Session(client=Client( client_id=self.client_id, refresh_token=self.offline_token))
def test_prepare_refresh_token_request(self): client = Client(self.client_id) url = 'https://example.com/revoke' token = 'foobar' scope = 'extra_scope' u, h, b = client.prepare_refresh_token_request(url, token) self.assertEqual(u, url) self.assertEqual(h, {'Content-Type': 'application/x-www-form-urlencoded'}) self.assertFormBodyEqual(b, 'grant_type=refresh_token&refresh_token=%s' % token) # Non-HTTPS revocation endpoint self.assertRaises(InsecureTransportError, client.prepare_refresh_token_request, 'http://example.com/revoke', token) # provide extra scope u, h, b = client.prepare_refresh_token_request(url, token, scope=scope) self.assertEqual(u, url) self.assertEqual(h, {'Content-Type': 'application/x-www-form-urlencoded'}) self.assertFormBodyEqual(b, 'grant_type=refresh_token&scope=%s&refresh_token=%s' % (scope, token)) # provide scope while init client = Client(self.client_id, scope=scope) u, h, b = client.prepare_refresh_token_request(url, token, scope=scope) self.assertEqual(u, url) self.assertEqual(h, {'Content-Type': 'application/x-www-form-urlencoded'}) self.assertFormBodyEqual(b, 'grant_type=refresh_token&scope=%s&refresh_token=%s' % (scope, token))
def __init__(self, mac_key, access_token, mac_algorithm=DEFAULT_MAC_ALGORITHM): self.client = Client( None, token_type='MAC', access_token=access_token, refresh_token=None, mac_key=mac_key, mac_algorithm=mac_algorithm)
def test_parse_token_response_invalid_expires_at(self): token_json = ('{ "access_token":"2YotnFZFEjr1zCsicMWpAA",' ' "token_type":"example",' ' "expires_at":"2006-01-02T15:04:05Z",' ' "scope":"/profile",' ' "example_parameter":"example_value"}') token = { "access_token": "2YotnFZFEjr1zCsicMWpAA", "token_type": "example", "expires_at": "2006-01-02T15:04:05Z", "scope": ["/profile"], "example_parameter": "example_value" } client = Client(self.client_id) # Parse code and state response = client.parse_request_body_response(token_json, scope=["/profile"]) self.assertEqual(response, token) self.assertEqual(None, client._expires_at) self.assertEqual(client.access_token, response.get("access_token")) self.assertEqual(client.refresh_token, response.get("refresh_token")) self.assertEqual(client.token_type, response.get("token_type"))
async def do_download( sheet_id: str, sheet_mime_type: str, oauth2_client: oauth2.Client, output_path: Path ) -> FetchResult: """ Download spreadsheet from Google. If `sheet_mime_type` is 'application/vnd.google-apps.spreadsheet', use GDrive API to _export_ a text/csv. Otherwise, use GDrive API to _download_ the file. """ if sheet_mime_type == "application/vnd.google-apps.spreadsheet": url = _generate_google_sheet_url(sheet_id) sheet_mime_type = "text/csv" else: url = _generate_gdrive_file_url(sheet_id) # and use the passed sheet_mime_type url, headers, _ = oauth2_client.add_token(url, headers={}) try: await httpfile.download(url, output_path, headers=headers, ssl=SSL_CONTEXT) except HttpError.NotSuccess as err: response = err.response if response.status_code == 401: return TODO_i18n_fetch_error( output_path, "Invalid credentials. Please reconnect to Google Drive." ) elif response.status_code == 403: return TODO_i18n_fetch_error( output_path, "You chose a file your logged-in user cannot access. Please reconnect to Google Drive or choose a different file.", ) elif response.status_code == 404: return TODO_i18n_fetch_error( output_path, "File not found. Please choose a different file." ) else: # HACK: *err.i18n_message because i18n_message is a tuple # compatible with I18nMessage() ctor return FetchResult( output_path, errors=[RenderError(I18nMessage(*err.i18n_message))] ) except HttpError as err: # HACK: *err.i18n_message because i18n_message is a tuple # compatible with I18nMessage() ctor return FetchResult( output_path, errors=[RenderError(I18nMessage(*err.i18n_message))] ) return FetchResult(output_path)
async def download_data_frame( sheet_id: str, sheet_mime_type: str, oauth2_client: oauth2.Client ) -> Union[pd.DataFrame, str, Tuple[pd.DataFrame, str]]: """Download spreadsheet from Google, or return a str error message. Arguments decide how the download and parse will occur: * If `secret` is not set, return an error. * If `sheet_mime_type` is 'application/vnd.google-apps.spreadsheet', use GDrive API to _export_ a text/csv, then parse it. Otherwise, use GDrive API to _download_ the file, and parse it according to its mime type. """ if sheet_mime_type == "application/vnd.google-apps.spreadsheet": url = _generate_google_sheet_url(sheet_id) sheet_mime_type = "text/csv" else: url = _generate_gdrive_file_url(sheet_id) # and use the passed sheet_mime_type url, headers, _ = oauth2_client.add_token(url, headers={}) try: async with spooled_data_from_url(url, headers) as (blobio, _, __): # TODO store raw bytes and then parse in render(), like in # [2019-10-31] loadurl module. # # For now, we hard-code questionable params: # # * encoding=None: because GDrive doesn't know the charset, and it # returns the wrong charset sometimes. # * has_header=True: legacy (and buggy). When we store raw bytes, # we'll use the user's preference. return parse_bytesio(blobio, encoding=None, content_type=sheet_mime_type, has_header=True) except aiohttp.ClientResponseError as err: if err.status == 401: return "Invalid credentials. Please reconnect to Google Drive." elif err.status == 403: return "You chose a file your logged-in user cannot access. Please reconnect to Google Drive or choose a different file." elif err.status == 404: return "File not found. Please choose a different file." else: return "GDrive responded with HTTP %d %s" % (err.status, err.message) except aiohttp.ClientError as err: return "Error during GDrive request: %s" % str(err) except asyncio.TimeoutError: return "Timeout during GDrive request"
def test_prepare_authorization_request(self): redirect_url = 'https://example.com/callback/' scopes = 'read' auth_url = 'https://example.com/authorize/' state = 'fake_state' client = Client(self.client_id, redirect_url=redirect_url, scope=scopes, state=state) # Non-HTTPS self.assertRaises(InsecureTransportError, client.prepare_authorization_request, 'http://example.com/authorize/') # NotImplementedError self.assertRaises(NotImplementedError, client.prepare_authorization_request, auth_url)
def test_add_mac_token(self): # Missing access token client = Client(self.client_id, token_type="MAC") self.assertRaises(ValueError, client.add_token, self.uri) # Invalid hash algorithm client = Client(self.client_id, token_type="MAC", access_token=self.access_token, mac_key=self.mac_key, mac_algorithm="hmac-sha-2") self.assertRaises(ValueError, client.add_token, self.uri) orig_generate_timestamp = common.generate_timestamp orig_generate_nonce = common.generate_nonce orig_generate_age = utils.generate_age self.addCleanup(setattr, common, 'generage_timestamp', orig_generate_timestamp) self.addCleanup(setattr, common, 'generage_nonce', orig_generate_nonce) self.addCleanup(setattr, utils, 'generate_age', orig_generate_age) common.generate_timestamp = lambda: '123456789' common.generate_nonce = lambda: 'abc123' utils.generate_age = lambda *args: 0 # Add the Authorization header (draft 00) client = Client(self.client_id, token_type="MAC", access_token=self.access_token, mac_key=self.mac_key, mac_algorithm="hmac-sha-1") uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers, issue_time=datetime.datetime.now()) self.assertEqual(uri, self.uri) self.assertEqual(body, self.body) self.assertEqual(headers, self.mac_00_header) # Add the Authorization header (draft 00) client = Client(self.client_id, token_type="MAC", access_token=self.access_token, mac_key=self.mac_key, mac_algorithm="hmac-sha-1") uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers, draft=1) self.assertEqual(uri, self.uri) self.assertEqual(body, self.body) self.assertEqual(headers, self.mac_01_header)
def test_add_mac_token(self): # Missing access token client = Client(self.client_id, token_type="MAC") self.assertRaises(ValueError, client.add_token, self.uri) # Invalid hash algorithm client = Client(self.client_id, token_type="MAC", access_token=self.access_token, mac_key=self.mac_key, mac_algorithm="hmac-sha-2") self.assertRaises(ValueError, client.add_token, self.uri) orig_generate_timestamp = common.generate_timestamp orig_generate_nonce = common.generate_nonce orig_generate_age = utils.generate_age self.addCleanup(setattr, common, 'generage_timestamp', orig_generate_timestamp) self.addCleanup(setattr, common, 'generage_nonce', orig_generate_nonce) self.addCleanup(setattr, utils, 'generate_age', orig_generate_age) common.generate_timestamp = lambda: '123456789' common.generate_nonce = lambda: 'abc123' utils.generate_age = lambda *args: 0 # Add the Authorization header (draft 00) client = Client(self.client_id, token_type="MAC", access_token=self.access_token, mac_key=self.mac_key, mac_algorithm="hmac-sha-1") uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers, issue_time=datetime.datetime.now()) self.assertEqual(uri, self.uri) self.assertEqual(body, self.body) self.assertEqual(headers, self.mac_00_header) # Non-HTTPS insecure_uri = 'http://example.com/path?query=world' self.assertRaises(InsecureTransportError, client.add_token, insecure_uri, body=self.body, headers=self.headers, issue_time=datetime.datetime.now()) # Expired Token expired = 523549800 expired_token = { 'expires_at': expired, } client = Client(self.client_id, token=expired_token, token_type="MAC", access_token=self.access_token, mac_key=self.mac_key, mac_algorithm="hmac-sha-1") self.assertRaises(TokenExpiredError, client.add_token, self.uri, body=self.body, headers=self.headers, issue_time=datetime.datetime.now()) # Add the Authorization header (draft 01) client = Client(self.client_id, token_type="MAC", access_token=self.access_token, mac_key=self.mac_key, mac_algorithm="hmac-sha-1") uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers, draft=1) self.assertEqual(uri, self.uri) self.assertEqual(body, self.body) self.assertEqual(headers, self.mac_01_header) # Non-HTTPS insecure_uri = 'http://example.com/path?query=world' self.assertRaises(InsecureTransportError, client.add_token, insecure_uri, body=self.body, headers=self.headers, draft=1) # Expired Token expired = 523549800 expired_token = { 'expires_at': expired, } client = Client(self.client_id, token=expired_token, token_type="MAC", access_token=self.access_token, mac_key=self.mac_key, mac_algorithm="hmac-sha-1") self.assertRaises(TokenExpiredError, client.add_token, self.uri, body=self.body, headers=self.headers, draft=1)
def test_add_bearer_token(self): """Test a number of bearer token placements""" # Invalid token type client = Client(self.client_id, token_type="invalid") self.assertRaises(ValueError, client.add_token, self.uri) # Case-insensitive token type client = Client(self.client_id, access_token=self.access_token, token_type="bEAreR") uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers) self.assertURLEqual(uri, self.uri) self.assertFormBodyEqual(body, self.body) self.assertEqual(headers, self.bearer_header) # Missing access token client = Client(self.client_id) self.assertRaises(ValueError, client.add_token, self.uri) # The default token placement, bearer in auth header client = Client(self.client_id, access_token=self.access_token) uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers) self.assertURLEqual(uri, self.uri) self.assertFormBodyEqual(body, self.body) self.assertEqual(headers, self.bearer_header) # Setting default placements of tokens client = Client(self.client_id, access_token=self.access_token, default_token_placement=AUTH_HEADER) uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers) self.assertURLEqual(uri, self.uri) self.assertFormBodyEqual(body, self.body) self.assertEqual(headers, self.bearer_header) client = Client(self.client_id, access_token=self.access_token, default_token_placement=URI_QUERY) uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers) self.assertURLEqual(uri, self.bearer_query) self.assertFormBodyEqual(body, self.body) self.assertEqual(headers, self.headers) client = Client(self.client_id, access_token=self.access_token, default_token_placement=BODY) uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers) self.assertURLEqual(uri, self.uri) self.assertFormBodyEqual(body, self.bearer_body) self.assertEqual(headers, self.headers) # Asking for specific placement in the add_token method client = Client(self.client_id, access_token=self.access_token) uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers, token_placement=AUTH_HEADER) self.assertURLEqual(uri, self.uri) self.assertFormBodyEqual(body, self.body) self.assertEqual(headers, self.bearer_header) client = Client(self.client_id, access_token=self.access_token) uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers, token_placement=URI_QUERY) self.assertURLEqual(uri, self.bearer_query) self.assertFormBodyEqual(body, self.body) self.assertEqual(headers, self.headers) client = Client(self.client_id, access_token=self.access_token) uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers, token_placement=BODY) self.assertURLEqual(uri, self.uri) self.assertFormBodyEqual(body, self.bearer_body) self.assertEqual(headers, self.headers) # Invalid token placement client = Client(self.client_id, access_token=self.access_token) self.assertRaises(ValueError, client.add_token, self.uri, body=self.body, headers=self.headers, token_placement="invalid") client = Client(self.client_id, access_token=self.access_token, default_token_placement="invalid") self.assertRaises(ValueError, client.add_token, self.uri, body=self.body, headers=self.headers)
def test_create_code_verifier_max_length(self): client = Client(self.client_id) length = 128 code_verifier = client.create_code_verifier(length=length) self.assertEqual(client.code_verifier, code_verifier)
def test_create_code_challenge_s256(self): client = Client(self.client_id) code_verifier = client.create_code_verifier(length=128) code_challenge_s256 = client.create_code_challenge(code_verifier=code_verifier, code_challenge_method='S256') self.assertEqual(code_challenge_s256, client.code_challenge)
group.add_argument("-d", "--delete", action='store_true', help="delete all accounts in CSV from Red Hat Cloud Access") group.add_argument("-a", "--add", action='store_true', help="add all accounts in CSV to Red Hat Cloud Access") args = parser.parse_args() # Step 1: we obtain a session token from the openid SSO API, using the offlineToken created # in the customer portal https://access.redhat.com/management/api offlineToken = "eyJ.....r0" client_id = 'rhsm-api' oauthSession = OAuth2Session( client=Client(client_id=client_id, refresh_token=offlineToken)) openidUrl = 'https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token' sessionToken = oauthSession.refresh_token(token_url=openidUrl, client_id=client_id) # Step 2: We use the sessionToken to authenticate our request to add or delete CCSP accounts # to the registered providers in our Red Hat account using a CSV list like this: # ccsp;accountNr;nickName # AWS;123456789012;Project-X session = requests.Session() headers = { "Authorization": "Bearer %s" % (sessionToken['access_token']), "Content-Type": "application/json" } with open(args.csv, newline='') as ccspAccounts: reader = csv.DictReader(ccspAccounts, delimiter=';')
def test_add_bearer_token(self): """Test a number of bearer token placements""" # Invalid token type client = Client(self.client_id, token_type="invalid") self.assertRaises(ValueError, client.add_token, self.uri) # Case-insensitive token type client = Client(self.client_id, access_token=self.access_token, token_type="bEAreR") uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers) self.assertURLEqual(uri, self.uri) self.assertFormBodyEqual(body, self.body) self.assertEqual(headers, self.bearer_header) # Non-HTTPS insecure_uri = 'http://example.com/path?query=world' client = Client(self.client_id, access_token=self.access_token, token_type="Bearer") self.assertRaises(InsecureTransportError, client.add_token, insecure_uri, body=self.body, headers=self.headers) # Missing access token client = Client(self.client_id) self.assertRaises(ValueError, client.add_token, self.uri) # Expired token expired = 523549800 expired_token = { 'expires_at': expired, } client = Client(self.client_id, token=expired_token, access_token=self.access_token, token_type="Bearer") self.assertRaises(TokenExpiredError, client.add_token, self.uri, body=self.body, headers=self.headers) # The default token placement, bearer in auth header client = Client(self.client_id, access_token=self.access_token) uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers) self.assertURLEqual(uri, self.uri) self.assertFormBodyEqual(body, self.body) self.assertEqual(headers, self.bearer_header) # Setting default placements of tokens client = Client(self.client_id, access_token=self.access_token, default_token_placement=AUTH_HEADER) uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers) self.assertURLEqual(uri, self.uri) self.assertFormBodyEqual(body, self.body) self.assertEqual(headers, self.bearer_header) client = Client(self.client_id, access_token=self.access_token, default_token_placement=URI_QUERY) uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers) self.assertURLEqual(uri, self.bearer_query) self.assertFormBodyEqual(body, self.body) self.assertEqual(headers, self.headers) client = Client(self.client_id, access_token=self.access_token, default_token_placement=BODY) uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers) self.assertURLEqual(uri, self.uri) self.assertFormBodyEqual(body, self.bearer_body) self.assertEqual(headers, self.headers) # Asking for specific placement in the add_token method client = Client(self.client_id, access_token=self.access_token) uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers, token_placement=AUTH_HEADER) self.assertURLEqual(uri, self.uri) self.assertFormBodyEqual(body, self.body) self.assertEqual(headers, self.bearer_header) client = Client(self.client_id, access_token=self.access_token) uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers, token_placement=URI_QUERY) self.assertURLEqual(uri, self.bearer_query) self.assertFormBodyEqual(body, self.body) self.assertEqual(headers, self.headers) client = Client(self.client_id, access_token=self.access_token) uri, headers, body = client.add_token(self.uri, body=self.body, headers=self.headers, token_placement=BODY) self.assertURLEqual(uri, self.uri) self.assertFormBodyEqual(body, self.bearer_body) self.assertEqual(headers, self.headers) # Invalid token placement client = Client(self.client_id, access_token=self.access_token) self.assertRaises(ValueError, client.add_token, self.uri, body=self.body, headers=self.headers, token_placement="invalid") client = Client(self.client_id, access_token=self.access_token, default_token_placement="invalid") self.assertRaises(ValueError, client.add_token, self.uri, body=self.body, headers=self.headers)
def __init__(self, client_id, client_secret, access_token, user_id=None): auth = OAuth2(client_id, Client(client_id), {'access_token': access_token}) user = user_id if user_id else 'me' self.api = slumber.API('%smove/resource/v1/user/%s/' % (API_URL, user), auth=auth)