コード例 #1
0
def create_consumer(name, description, owner_userid, admin_contact,
                    permissions):
    """
    Create a new Consumer with all of the info we need recorded. Arguments: (name, description, owner_userid, admin_contact, permissions)

    Could be rolled into a form+view in /sysadmin/, but how many could there possibly be?
    """
    assert set(permissions) <= set(PERMISSION_OPTIONS.keys(
    )), 'Permissions must be chosen from PERMISSION_CHOICES.'

    User = get_user_model()
    c = Consumer(name=name,
                 description=description,
                 status=ACCEPTED,
                 user=User.objects.get(username=owner_userid),
                 xauth_allowed=False)
    c.generate_random_codes()
    c.save()

    i = ConsumerInfo(consumer=c)
    i.admin_contact = admin_contact
    i.permissions = list(permissions)
    i.save()

    print("Consumer key:", c.key)
    print("Consumer secret:", c.secret)
コード例 #2
0
    def setUp(self):
        self.faketime = 525942870
        self.client = Client()

        # create a Consumer (and associated stuff)
        try:
            u = User.objects.get(username='******')
        except User.DoesNotExist:
            u = User(username='******')
            u.save()

        try:
            c = Consumer.objects.get(name='Test Consumer')
        except Consumer.DoesNotExist:
            c = Consumer(name='Test Consumer')

        c.description = 'Consumer to do some tests with'
        c.status = ACCEPTED
        c.user = u
        c.xauth_allowed = False
        c.generate_random_codes()
        c.save()
        self.consumer = c

        i = ConsumerInfo(consumer=c)
        i.admin_contact = '*****@*****.**'
        i.permissions = ['courses']
        i.timestamp = self.faketime - 10  # make sure the ConsumerInfo was there "before" the Token was created
        i.save()
        self.consumerinfo = i

        # create an access token so we can jump in to requests
        try:
            t = Token.objects.get(token_type=Token.ACCESS, consumer=c, user=u)
        except Token.DoesNotExist:
            t = Token(token_type=Token.ACCESS,
                      consumer=c,
                      user=u,
                      timestamp=self.faketime)

        t.is_approved = True
        t.generate_random_codes()
        t.verifier = VERIFIER
        t.save()
        self.token = t
コード例 #3
0
ファイル: tests.py プロジェクト: tedkirkpatrick/coursys
    def setUp(self):
        self.faketime = 525942870
        self.client = Client()

        # create a Consumer (and associated stuff)
        try:
            u = User.objects.get(username='******')
        except User.DoesNotExist:
            u = User(username='******')
            u.save()

        try:
            c = Consumer.objects.get(name='Test Consumer')
        except Consumer.DoesNotExist:
            c = Consumer(name='Test Consumer')

        c.description = 'Consumer to do some tests with'
        c.status = ACCEPTED
        c.user = u
        c.xauth_allowed = False
        c.generate_random_codes()
        c.save()
        self.consumer = c

        i = ConsumerInfo(consumer=c)
        i.admin_contact = '*****@*****.**'
        i.permissions = ['courses']
        i.timestamp = self.faketime - 10 # make sure the ConsumerInfo was there "before" the Token was created
        i.save()
        self.consumerinfo = i

        # create an access token so we can jump in to requests
        try:
            t = Token.objects.get(token_type=Token.ACCESS, consumer=c, user=u)
        except Token.DoesNotExist:
            t = Token(token_type=Token.ACCESS, consumer=c, user=u, timestamp=self.faketime)
       
        t.is_approved = True
        t.generate_random_codes()
        t.verifier = VERIFIER
        t.save()
        self.token = t
コード例 #4
0
ファイル: models.py プロジェクト: sfu-fas/coursys
def create_consumer(name, description, owner_userid, admin_contact, permissions):
    """
    Create a new Consumer with all of the info we need recorded. Arguments: (name, description, owner_userid, admin_contact, permissions)

    Could be rolled into a form+view in /sysadmin/, but how many could there possibly be?
    """
    assert set(permissions) <= set(PERMISSION_OPTIONS.keys()), 'Permissions must be chosen from PERMISSION_CHOICES.'

    User = get_user_model()
    c = Consumer(name=name, description=description, status=ACCEPTED,
            user=User.objects.get(username=owner_userid), xauth_allowed=False)
    c.generate_random_codes()
    c.save()

    i = ConsumerInfo(consumer=c)
    i.admin_contact = admin_contact
    i.permissions = list(permissions)
    i.save()

    print("Consumer key:", c.key)
    print("Consumer secret:", c.secret)
コード例 #5
0
ファイル: tests.py プロジェクト: tjkind/coursys
    def test_oauth_workflow(self):
        request_token_url = 'http://testserver' + reverse(
            'api:oauth_request_token')
        authorize_token_url = 'http://testserver' + reverse(
            'api:oauth_user_authorization')

        # create consumer for tests
        c = Client()
        c.login_user('ggbaker')
        c.logout()
        consumer = Consumer(name='Test Consumer',
                            description='Consumer to do some tests with',
                            status=ACCEPTED,
                            user=User.objects.get(username='******'),
                            xauth_allowed=False)
        consumer.generate_random_codes()
        consumer.save()
        ci = ConsumerInfo(consumer=consumer)
        ci.admin_contact = '*****@*****.**'
        ci.permissions = ['courses', 'grades']
        ci.save()

        # generate request token
        oauth_request = oauth.Request.from_consumer_and_token(
            consumer,
            http_url=request_token_url,
            parameters={'oauth_callback': 'oob'})
        oauth_request.sign_request(oauth.SignatureMethod_HMAC_SHA1(), consumer,
                                   None)

        resp = c.get(request_token_url, **oauth_request.to_header())
        self.assertEqual(resp.status_code, 200)
        request_token = dict(
            urllib.parse.parse_qsl(resp.content.decode('utf8')))

        # get auth verifier
        c.login_user('ggbaker')
        resp = c.get(authorize_token_url,
                     {'oauth_token': request_token['oauth_token']})
        self.assertEqual(resp.status_code, 200)
        resp = c.post(authorize_token_url, {
            'oauth_token': request_token['oauth_token'],
            'authorize_access': 'on'
        })
        self.assertEqual(resp.status_code, 200)
        parser = etree.HTMLParser()
        root = etree.fromstring(resp.content, parser=parser)
        verifier_elt = root.xpath('//*[@id="verifier"]')[0]
        oauth_verifier = verifier_elt.text.strip()
        c.logout()

        # get access token
        token = oauth.Token(request_token['oauth_token'],
                            request_token['oauth_token_secret'])
        token.set_verifier(oauth_verifier)
        oauth_request = oauth.Request.from_consumer_and_token(
            consumer, token, http_url=authorize_token_url)
        oauth_request.sign_request(oauth.SignatureMethod_HMAC_SHA1(), consumer,
                                   token)

        resp = c.get(authorize_token_url, **oauth_request.to_header())