def get_client(request, client_id, client_secret=None): """Get a :class:`h.oauth.IClient` instance using the configured :term:`client factory` and provided ''client_id''. Returns the client object created by the factory. Returns ``None`` if the factory returns ``None`` or the provided ``client_secret`` parameter does not match the ``client_secret`` attribute of the client. """ registry = request.registry factory = registry.queryUtility(IClientFactory) client = factory(request, client_id) if client is None: return None # Allow a default client, hard-coded in the settings. if 'h.client_id' in request.registry.settings: if client_id == request.registry.settings['h.client_id']: if client.client_secret is None: client_secret = request.registry.settings['h.client_secret'] client.client_secret = client_secret if client_secret is not None: if not constant_time_compare(client_secret, client.client_secret): return None return client
def test_constant_time_compare_returns_true_if_same(self): assert constant_time_compare( force_bytes('abc'), force_bytes('abc') )
def test_constant_time_compare_returns_false_if_totally_different(self): assert not constant_time_compare( force_bytes('abcd'), force_bytes('efgh') )
def test_constant_time_compare_returns_false_if_diff_lengths(self): assert not constant_time_compare( force_bytes('abc'), force_bytes('abcd') )
def test_constant_time_compare_returns_false_if_totally_different(self): self.assertFalse( constant_time_compare(ensure_bytes('abcd'), ensure_bytes('efgh')))
def test_constant_time_compare_returns_false_if_diff_lengths(self): self.assertFalse( constant_time_compare(ensure_bytes('abc'), ensure_bytes('abcd')))
def test_constant_time_compare_returns_true_if_same(self): self.assertTrue( constant_time_compare(ensure_bytes('abc'), ensure_bytes('abc')))
def test_constant_time_compare_returns_false_if_diff_lengths(self): assert not constant_time_compare(force_bytes('abc'), force_bytes('abcd'))
def test_constant_time_compare_returns_true_if_same(self): assert constant_time_compare(force_bytes('abc'), force_bytes('abc'))
def test_constant_time_compare_returns_false_if_totally_different(self): assert not constant_time_compare(force_bytes('abcd'), force_bytes('efgh'))
def test_constant_time_compare_returns_false_if_totally_different(self): self.assertFalse(constant_time_compare( ensure_bytes('abcd'), ensure_bytes('efgh') ))
def test_constant_time_compare_returns_false_if_diff_lengths(self): self.assertFalse(constant_time_compare( ensure_bytes('abc'), ensure_bytes('abcd') ))
def test_constant_time_compare_returns_true_if_same(self): self.assertTrue(constant_time_compare( ensure_bytes('abc'), ensure_bytes('abc') ))