def test_create_offline_omit(self):
    """Offline access returns a refresh token on the first exchange only.

    The first authorization-code exchange for client 'hi' with
    access_type='offline' must include a refresh token; a second exchange
    for the same client must omit it.
    """
    oauth2.add_client('hi', 'password')

    # First exchange: a refresh token is expected alongside the access token.
    first_code = self.get_code('hi', access_type='offline')
    token_request = {
        'client_id': 'hi',
        'client_secret': 'password',
        'grant_type': 'authorization_code',
        'code': first_code,
    }
    token_data = json.loads(oauth2.token(token_request))
    for field in ('access_token', 'expires_in', 'token_type', 'refresh_token'):
        assert_in(field, token_data)
    # validate_access_token raises if the token is invalid.
    oauth2.validate_access_token(token_data['access_token'])

    # Second exchange with a fresh code: no further refresh token is issued.
    token_request['code'] = self.get_code('hi', access_type='offline')
    token_data = json.loads(oauth2.token(token_request))
    for field in ('access_token', 'expires_in', 'token_type'):
        assert_in(field, token_data)
    assert_not_in('refresh_token', token_data)
    # validate_access_token raises if the token is invalid.
    oauth2.validate_access_token(token_data['access_token'])
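def test_create_random(self):
    """A generated client can redeem an authorization code exactly once.

    Creates a client through oauth2.create_client(), exchanges an
    authorization code for an access token, then checks that replaying the
    same token request is rejected.
    """
    created = json.loads(oauth2.create_client())
    client_id = created['client_id']
    client_secret = created['client_secret']

    code = self.get_code(client_id)
    token_request = {
        'client_id': client_id,
        'client_secret': client_secret,
        'grant_type': 'authorization_code',
        'code': code,
    }
    token_data = json.loads(oauth2.token(token_request))
    for field in ('access_token', 'expires_in', 'token_type'):
        assert_in(field, token_data)
    assert_not_in('refresh_token', token_data)
    # validate_access_token raises if the token is invalid.
    oauth2.validate_access_token(token_data['access_token'])

    # The authorization code must not be redeemable a second time.
    # The failure is raised from the else branch: with a bare `except:`
    # wrapped around fail(), the failure itself was swallowed and this
    # replay check could never fail.
    try:
        oauth2.token(token_request)
    except Exception:
        # NOTE(review): narrow this to the exception type oauth2.token
        # raises for a spent code once that type is confirmed.
        pass
    else:
        raise AssertionError('authorization code was accepted a second time')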
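def test_create_and_revoke(self):
    """Deleting a client invalidates the access token issued to it.

    Issues an access token for client 'hi', removes the client with
    oauth2.del_client(), and checks that the token no longer validates.
    """
    oauth2.add_client('hi', 'password')

    code = self.get_code('hi')
    token_request = {
        'client_id': 'hi',
        'client_secret': 'password',
        'grant_type': 'authorization_code',
        'code': code,
    }
    token_data = json.loads(oauth2.token(token_request))
    for field in ('access_token', 'expires_in', 'token_type'):
        assert_in(field, token_data)
    assert_not_in('refresh_token', token_data)
    # validate_access_token raises if the token is invalid.
    oauth2.validate_access_token(token_data['access_token'])

    # Revoke by deleting the client.
    oauth2.del_client('hi', 'password')

    # The failure is raised from the else branch: with a bare `except:`
    # wrapped around fail(), the failure itself was swallowed and a token
    # that survived revocation would have gone unnoticed.
    try:
        oauth2.validate_access_token(token_data['access_token'])
    except Exception:
        # NOTE(review): narrow this to the exception type
        # validate_access_token raises once that type is confirmed.
        pass
    else:
        raise AssertionError('access token still valid after client was deleted')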
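def test_create_offline_use(self):
    """A refresh token obtains a new access token after the old one expires.

    Exchanges an offline authorization code for an access and refresh
    token, drops the client's entry from oauth2.client_access to expire the
    access token, checks that the old token is rejected, then uses the
    refresh_token grant to obtain a new access token.
    """
    oauth2.add_client('hi', 'password')

    # Initial exchange: offline access is expected to return a refresh token.
    code = self.get_code('hi', access_type='offline')
    token_request = {
        'client_id': 'hi',
        'client_secret': 'password',
        'grant_type': 'authorization_code',
        'code': code,
    }
    token_data = json.loads(oauth2.token(token_request))
    for field in ('access_token', 'expires_in', 'token_type', 'refresh_token'):
        assert_in(field, token_data)
    # validate_access_token raises if the token is invalid.
    oauth2.validate_access_token(token_data['access_token'])
    refresh_token = token_data['refresh_token']

    # Expire the access token.
    del oauth2.client_access['hi']

    # The failure is raised from the else branch: with a bare `except:`
    # wrapped around fail(), the failure itself was swallowed and an
    # expired token that still validated would have gone unnoticed.
    try:
        oauth2.validate_access_token(token_data['access_token'])
    except Exception:
        # NOTE(review): narrow this to the exception type
        # validate_access_token raises once that type is confirmed.
        pass
    else:
        raise AssertionError('expired access token still validates')

    # Get a new access token with the refresh token; the response must not
    # carry another refresh token.
    token_request = {
        'client_id': 'hi',
        'client_secret': 'password',
        'grant_type': 'refresh_token',
        'refresh_token': refresh_token,
    }
    token_data = json.loads(oauth2.token(token_request))
    for field in ('access_token', 'expires_in', 'token_type'):
        assert_in(field, token_data)
    assert_not_in('refresh_token', token_data)
    # validate_access_token raises if the token is invalid.
    oauth2.validate_access_token(token_data['access_token'])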