def test_redirect_fallback():
responses.add(
responses.POST,
"https://example.com/oauth/access_token",
body="oauth_token=xxx&oauth_token_secret=yyy",
)
blueprint = OAuth1ConsumerBlueprint(
"test-service",
__name__,
client_key="client_key",
client_secret="client_secret",
base_url="https://example.com",
request_token_url="https://example.com/oauth/request_token",
access_token_url="https://example.com/oauth/access_token",
authorization_url="https://example.com/oauth/authorize",
)
app = flask.Flask(__name__)
app.secret_key = "secret"
app.register_blueprint(blueprint, url_prefix="/login")
with app.test_client() as client:
resp = client.get(
"/login/test-service/authorized?oauth_token=foobar&oauth_verifier=xyz",
base_url="https://a.b.c",
)
# check that we redirected the client
assert resp.status_code == 302
assert resp.headers["Location"] == "https://a.b.c/"
def test_custom_session_class():
bp = OAuth1ConsumerBlueprint("test", __name__,
client_key="client_key",
client_secret="client_secret",
base_url="https://example.com",
request_token_url="https://example.com/oauth/request_token",
access_token_url="https://example.com/oauth/access_token",
authorization_url="https://example.com/oauth/authorize",
redirect_to="index",
session_class=CustomOAuth1Session,
)
assert isinstance(bp.session, CustomOAuth1Session)
assert bp.session.my_attr == "foobar"
def test_signal_sender_oauth_authorized(request):
app, bp = make_app()
bp2 = OAuth1ConsumerBlueprint(
"test2",
__name__,
client_key="client_key",
client_secret="client_secret",
base_url="https://example.com",
request_token_url="https://example.com/oauth/request_token",
access_token_url="https://example.com/oauth/access_token",
authorization_url="https://example.com/oauth/authorize",
redirect_to="index",
)
app.register_blueprint(bp2, url_prefix="/login")
calls = []
def callback(*args, **kwargs):
calls.append((args, kwargs))
oauth_authorized.connect(callback, sender=bp)
request.addfinalizer(lambda: oauth_authorized.disconnect(callback, sender=bp))
with app.test_client() as client:
bp.session.fetch_access_token = mock.Mock(return_value="test-token")
bp2.session.fetch_access_token = mock.Mock(return_value="test2-token")
resp = client.get(
"/login/test2/authorized?oauth_token=foobar&oauth_verifier=xyz"
)
assert len(calls) == 0
with app.test_client() as client:
bp.session.fetch_access_token = mock.Mock(return_value="test-token")
bp2.session.fetch_access_token = mock.Mock(return_value="test2-token")
resp = client.get(
"/login/test-service/authorized?oauth_token=foobar&oauth_verifier=xyz"
)
assert len(calls) == 1
assert calls[0][0] == (bp,)
assert calls[0][1] == {"token": "test-token"}
with app.test_client() as client:
bp.session.fetch_access_token = mock.Mock(return_value="test-token")
bp2.session.fetch_access_token = mock.Mock(return_value="test2-token")
resp = client.get(
"/login/test2/authorized?oauth_token=foobar&oauth_verifier=xyz"
)
assert len(calls) == 1 # unchanged
def make_app(login_url=None):
blueprint = OAuth1ConsumerBlueprint("test-service", __name__,
client_key="client_key",
client_secret="client_secret",
base_url="https://example.com",
request_token_url="https://example.com/oauth/request_token",
access_token_url="https://example.com/oauth/access_token",
authorization_url="https://example.com/oauth/authorize",
redirect_to="index",
login_url=login_url,
)
app = flask.Flask(__name__)
app.secret_key = "secret"
app.register_blueprint(blueprint, url_prefix="/login")
@app.route("/")
def index():
return "index"
return app, blueprint
def test_rule_kwargs():
blueprint = OAuth1ConsumerBlueprint(
"test-service",
__name__,
client_key="client_key",
client_secret="client_secret",
base_url="https://example.com",
request_token_url="https://example.com/oauth/request_token",
access_token_url="https://example.com/oauth/access_token",
authorization_url="https://example.com/oauth/authorize",
redirect_to="my_view",
rule_kwargs={"host": "example2.com"},
)
app = flask.Flask(__name__)
app.secret_key = "secret"
app.register_blueprint(blueprint, url_prefix="/login")
rules = [
rule for rule in app.url_map.iter_rules()
if rule.endpoint.startswith("test-service.")
]
assert all(rule.host == "example2.com" for rule in rules)
assert len(rules) == 2
def make_jira_blueprint(
base_url, consumer_key=None, rsa_key=None,
redirect_url=None, redirect_to=None, login_url=None, authorized_url=None,
session_class=None, backend=None):
"""
Make a blueprint for authenticating with JIRA using OAuth 1. This requires
a consumer key and RSA key for the JIRA application link. You should either
pass them to this constructor, or make sure that your Flask application
config defines them, using the variables JIRA_OAUTH_CONSUMER_KEY and
JIRA_OAUTH_RSA_KEY.
Args:
base_url (str): The base URL of your JIRA installation. For example,
for Atlassian's hosted Cloud JIRA, the base_url would be
``https://jira.atlassian.com``
consumer_key (str): The consumer key for your Application Link on JIRA
rsa_key (str or path): The RSA private key for your Application Link
on JIRA. This can be the contents of the key as a string, or a path
to the key file on disk.
redirect_url (str): the URL to redirect to after the authentication
dance is complete
redirect_to (str): if ``redirect_url`` is not defined, the name of the
view to redirect to after the authentication dance is complete.
The actual URL will be determined by :func:`flask.url_for`
login_url (str, optional): the URL path for the ``login`` view.
Defaults to ``/jira``
authorized_url (str, optional): the URL path for the ``authorized`` view.
Defaults to ``/jira/authorized``.
session_class (class, optional): The class to use for creating a
Requests session. Defaults to
:class:`~flask_dance.contrib.jira.JsonOAuth1Session`.
backend: A storage backend class, or an instance of a storage
backend class, to use for this blueprint. Defaults to
:class:`~flask_dance.consumer.backend.session.SessionBackend`.
:rtype: :class:`~flask_dance.consumer.OAuth1ConsumerBlueprint`
:returns: A :ref:`blueprint <flask:blueprints>` to attach to your Flask app.
"""
if rsa_key and os.path.isfile(rsa_key):
with open(rsa_key) as f:
rsa_key = f.read()
base_url = URLObject(base_url)
jira_bp = OAuth1ConsumerBlueprint("jira", __name__,
client_key=consumer_key,
rsa_key=rsa_key,
signature_method=SIGNATURE_RSA,
base_url=base_url,
request_token_url=base_url.relative("plugins/servlet/oauth/request-token"),
access_token_url=base_url.relative("plugins/servlet/oauth/access-token"),
authorization_url=base_url.relative("plugins/servlet/oauth/authorize"),
redirect_url=redirect_url,
redirect_to=redirect_to,
login_url=login_url,
authorized_url=authorized_url,
session_class=session_class or JsonOAuth1Session,
backend=backend,
)
jira_bp.from_config["client_key"] = "JIRA_OAUTH_CONSUMER_KEY"
jira_bp.from_config["rsa_key"] = "JIRA_OAUTH_RSA_KEY"
@jira_bp.before_app_request
def set_applocal_session():
ctx = stack.top
ctx.jira_oauth = jira_bp.session
return jira_bp
def make_twitter_blueprint(
api_key=None,
api_secret=None,
redirect_url=None,
redirect_to=None,
login_url=None,
authorized_url=None,
session_class=None,
storage=None,
):
"""
Make a blueprint for authenticating with Twitter using OAuth 1. This requires
an API key and API secret from Twitter. You should either pass them to
this constructor, or make sure that your Flask application config defines
them, using the variables :envvar:`TWITTER_OAUTH_CLIENT_KEY` and
:envvar:`TWITTER_OAUTH_CLIENT_SECRET`.
Args:
api_key (str): The API key for your Twitter application
api_secret (str): The API secret for your Twitter application
redirect_url (str): the URL to redirect to after the authentication
dance is complete
redirect_to (str): if ``redirect_url`` is not defined, the name of the
view to redirect to after the authentication dance is complete.
The actual URL will be determined by :func:`flask.url_for`
login_url (str, optional): the URL path for the ``login`` view.
Defaults to ``/twitter``
authorized_url (str, optional): the URL path for the ``authorized`` view.
Defaults to ``/twitter/authorized``.
session_class (class, optional): The class to use for creating a
Requests session. Defaults to
:class:`~flask_dance.consumer.requests.OAuth1Session`.
storage: A token storage class, or an instance of a token storage
class, to use for this blueprint. Defaults to
:class:`~flask_dance.consumer.storage.session.SessionStorage`.
:rtype: :class:`~flask_dance.consumer.OAuth1ConsumerBlueprint`
:returns: A :ref:`blueprint <flask:blueprints>` to attach to your Flask app.
"""
twitter_bp = OAuth1ConsumerBlueprint(
"twitter",
__name__,
client_key=api_key,
client_secret=api_secret,
base_url="https://api.twitter.com/1.1/",
request_token_url="https://api.twitter.com/oauth/request_token",
access_token_url="https://api.twitter.com/oauth/access_token",
authorization_url="https://api.twitter.com/oauth/authorize",
redirect_url=redirect_url,
redirect_to=redirect_to,
login_url=login_url,
authorized_url=authorized_url,
session_class=session_class,
storage=storage,
)
twitter_bp.from_config["client_key"] = "TWITTER_OAUTH_CLIENT_KEY"
twitter_bp.from_config["client_secret"] = "TWITTER_OAUTH_CLIENT_SECRET"
@twitter_bp.before_app_request
def set_applocal_session():
ctx = stack.top
ctx.twitter_oauth = twitter_bp.session
return twitter_bp
