def testClient(self):
tc1 = Client(
client_id='123_abc', client_secret='shh', user_id=TEST_USER_ID,
_redirect_uris='http://testsite.org',
callback_url='http://callback.one')
tc2 = Client(
client_id='234_bcd', client_secret='shh-two', user_id=TEST_USER_ID,
_redirect_uris='http://test_two.org',
callback_url='http://callback.two')
with SessionScope(db):
db.session.add(tc1)
db.session.add(tc2)
db.session.commit()
client_ex = [ex for ex in staging_exclusions if ex.cls == Client]
for model in client_ex:
ex = ExclusionPersistence(
model_class=model.cls, lookup_field=model.lookup_field,
limit_to_attributes=model.limit_to_attributes,
filter_query=model.filter_query,
target_dir=self.tmpdir)
ex.export()
# Modify the client in the db - then restore to confirm change
tc1, tc2 = map(db.session.merge, (tc1, tc2))
tc1.callback_url = 'http://prod1/callback'
tc2._redirect_uris = 'https://prod.server'
with SessionScope(db):
db.session.commit()
for model in client_ex:
ex = ExclusionPersistence(
model_class=model.cls, lookup_field=model.lookup_field,
limit_to_attributes=model.limit_to_attributes,
filter_query=model.filter_query,
target_dir=self.tmpdir)
ex.import_(keep_unmentioned=True)
tc1 = Client.query.filter(Client.client_id == '123_abc').one()
tc2 = Client.query.filter(Client.client_id == '234_bcd').one()
assert tc1.callback_url == 'http://callback.one'
assert tc2._redirect_uris == 'http://test_two.org'
def test_token_status(self):
with SessionScope(db):
client = Client(
client_id='test-id', client_secret='test-secret',
user_id=TEST_USER_ID)
token = Token(
access_token='test-token', client=client, user_id=TEST_USER_ID,
token_type='bearer',
expires=(datetime.datetime.utcnow() +
datetime.timedelta(seconds=30)))
db.session.add(client)
db.session.add(token)
db.session.commit()
token = db.session.merge(token)
response = self.client.get(
"/oauth/token-status",
headers={'Authorization': 'Bearer {}'.format(token.access_token)})
assert 200 == response.status_code
data = response.json
assert pytest.approx(30, 5) == data['expires_in']
def testClient(self):
tc1 = Client(client_id='123_abc',
client_secret='shh',
user_id=TEST_USER_ID,
_redirect_uris='http://testsite.org',
callback_url='http://callback.one')
tc2 = Client(client_id='234_bcd',
client_secret='shh-two',
user_id=TEST_USER_ID,
_redirect_uris='http://test_two.org',
callback_url='http://callback.two')
with SessionScope(db):
db.session.add(tc1)
db.session.add(tc2)
db.session.commit()
client_ex = [ex for ex in staging_exclusions if ex.cls == Client]
for model in client_ex:
ex = ExclusionPersistence(
model_class=model.cls,
lookup_field=model.lookup_field,
limit_to_attributes=model.limit_to_attributes,
filter_query=model.filter_query,
target_dir=self.tmpdir)
ex.export()
# Modify the client in the db - then restore to confirm change
tc1, tc2 = map(db.session.merge, (tc1, tc2))
tc1.callback_url = 'http://prod1/callback'
tc2._redirect_uris = 'https://prod.server'
with SessionScope(db):
db.session.commit()
for model in client_ex:
ex = ExclusionPersistence(
model_class=model.cls,
lookup_field=model.lookup_field,
limit_to_attributes=model.limit_to_attributes,
filter_query=model.filter_query,
target_dir=self.tmpdir)
ex.import_(keep_unmentioned=True)
tc1 = Client.query.filter(Client.client_id == '123_abc').one()
tc2 = Client.query.filter(Client.client_id == '234_bcd').one()
assert tc1.callback_url == 'http://callback.one'
assert tc2._redirect_uris == 'http://test_two.org'
def test_preflight_valid(self):
# setup pre-flight conditions expected to pass
ds_p3p = INTERVENTION.decision_support_p3p
ds_client = Client(client_id='12345',
client_secret='54321',
user_id=TEST_USER_ID,
intervention=ds_p3p,
_redirect_uris='http://testsite.org',
callback_url='http://callback.one')
service = self.add_service_user(sponsor=self.test_user)
with SessionScope(db):
db.session.add(ds_client)
db.session.commit()
ds_client = db.session.merge(ds_client)
service = db.session.merge(service)
create_service_token(client=ds_client, user=service)
# Export
sp = SitePersistence(target_dir=self.tmpdir)
sp.export(staging_exclusion=True)
assert Token.query.count() == 1
# Delete service account, expect it to return
with SessionScope(db):
db.session.delete(service)
db.session.commit()
assert User.query.count() == 1
assert Token.query.count() == 0
# Import
sp.import_(keep_unmentioned=True, staging_exclusion=True)
assert Token.query.count() == 1
assert User.query.count() == 2
def test_connected_user(self):
"""User and service tokens connected with intervention should survive"""
owner = self.add_user('*****@*****.**')
self.promote_user(user=owner, role_name='application_developer')
owner = db.session.merge(owner)
owner_id = owner.id
service = self.add_service_user(sponsor=owner)
# give the owner a fake auth_provider row
ap = AuthProvider(user_id=owner_id, provider_id=1)
with SessionScope(db):
db.session.add(ap)
db.session.commit()
sm_client = Client(client_id='abc_123',
client_secret='shh',
user_id=owner_id,
_redirect_uris='http://testsite.org',
callback_url='http://callback.one')
with SessionScope(db):
db.session.add(sm_client)
# give the owner a fake auth_provider row
ap = AuthProvider(user=owner, provider_id=1)
service, sm_client = map(db.session.merge, (service, sm_client))
create_service_token(client=sm_client, user=service)
sm = INTERVENTION.SELF_MANAGEMENT
sm.client = sm_client
# Setup complete - SM has an owner, a service user and a service token
# generate the full export
for model in staging_exclusions:
ep = ExclusionPersistence(
model_class=model.cls,
lookup_field=model.lookup_field,
limit_to_attributes=model.limit_to_attributes,
filter_query=model.filter_query,
target_dir=self.tmpdir)
ep.export()
# Confirm filter worked
expected = client_users_filter().count()
with open(path_join(self.tmpdir, 'User.json')) as f:
serial_form = json.loads(f.read())
assert expected == len(serial_form['entry'])
# Modify/delete some internal db values and confirm reapplication of
# persistence restores desired values
owner = db.session.merge(owner)
owner.email = str(owner_id)
# just expecting the one service token. purge it and the
# owner (the service user) and the owner's auth_provider
assert Token.query.count() == 1
service_user_id = Token.query.one().user_id
b4 = User.query.count()
assert UserRelationship.query.count() == 1
assert AuthProvider.query.count() == 1
with SessionScope(db):
AuthProvider.query.delete()
Token.query.delete()
UserRelationship.query.delete()
User.query.filter_by(id=service_user_id).delete()
db.session.commit()
assert AuthProvider.query.count() == 0
assert Token.query.count() == 0
assert UserRelationship.query.count() == 0
assert User.query.count() == b4 - 1
for model in staging_exclusions:
ep = ExclusionPersistence(
model_class=model.cls,
lookup_field=model.lookup_field,
limit_to_attributes=model.limit_to_attributes,
filter_query=model.filter_query,
target_dir=self.tmpdir)
if model.cls.__name__ == 'User':
pass
ep.import_(keep_unmentioned=True)
result = User.query.get(owner_id)
assert result.email == '*****@*****.**'
assert AuthProvider.query.count() == 1
assert Token.query.count() == 1
assert UserRelationship.query.count() == 1