# Tests for the OAuth client: building authorization / token / refresh /
# revocation requests and parsing authorization and token responses.
#
# All tests share the one Client created in setup_class, and several depend
# on state left behind by earlier tests (grants keyed by state, redirect_uris,
# authorization_endpoint), so the methods must run in the order written.
# The sample code and token strings match the examples in RFC 6749; they are
# fixture data only.
class TestOAuthClient():
    # Create the shared client with client_id "1" and one registered
    # redirect URI.
    def setup_class(self):
        self.client = Client("1")
        self.client.redirect_uris = ["http://example.com/redirect"]

    # With only response_type supplied, the request picks up redirect_uri and
    # client_id from the client and carries neither state nor scope.
    # NOTE(review): this pins the library default only. `state` is what lets
    # a client bind the authorization response to its own request (RFC 6749
    # section 10.12), so a request without it should not be read as a
    # recommended configuration.
    def test_areq_1(self):
        ar = self.client.construct_AuthorizationRequest(
            request_args={"response_type": ["code"]})

        assert ar["redirect_uri"] == "http://example.com/redirect"
        assert ar["response_type"] == ["code"]
        assert ar["client_id"] == "1"
        assert "state" not in ar
        assert "scope" not in ar

    # Once client.state is set, it is copied into the request; scope comes
    # from request_args.
    def test_areq_2(self):
        self.client.state = "abc"
        req_args = {"response_type": ["code"], "scope": ["foo", "bar"]}
        ar = self.client.construct_AuthorizationRequest(request_args=req_args)

        assert ar["redirect_uri"] == "http://example.com/redirect"
        assert ar["response_type"] == ["code"]
        assert ar["client_id"] == "1"
        assert ar["state"] == "abc"
        assert ar["scope"] == ["foo", "bar"]

    # Changing client.state ("abc" -> "efg") changes the state placed in the
    # next request.
    def test_areq_replace_default_state(self):
        self.client.state = "efg"
        req_args = {"response_type": ["code"], "scope": ["foo", "bar"]}
        ar = self.client.construct_AuthorizationRequest(request_args=req_args)

        assert ar["redirect_uri"] == "http://example.com/redirect"
        assert ar["response_type"] == ["code"]
        assert ar["client_id"] == "1"
        assert ar["state"] == "efg"
        assert ar["scope"] == ["foo", "bar"]

    # Parse an authorization response given as a full redirect URL; the code
    # is stored in client.grant under the state taken from the response.
    # NOTE(review): "ghi" was never set as client.state by any test above, so
    # this shows parse_response recording a grant for whatever state arrives.
    # Presumably the caller is expected to compare the returned state with
    # the one it issued -- confirm where that check lives.
    def test_parse_authz_resp_url(self):
        url = "https://client.example.com/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=ghi"
        aresp = self.client.parse_response(AuthorizationResponse,
                                           info=url, sformat="urlencoded")

        assert aresp["code"] == "SplxlOBeZQQYbYS6WxSbIA"
        assert aresp["state"] == "ghi"

        assert self.client.grant["ghi"]
        assert self.client.grant["ghi"].code == aresp["code"]
        assert self.client.grant["ghi"].grant_expiration_time

    # Same as above, but the input is a bare query string rather than a URL.
    def test_parse_authz_resp_query(self):
        query = "code=SplxlOBeZQQYbYS6WxSbIA&state=hij"
        aresp = self.client.parse_response(AuthorizationResponse,
                                           info=query, sformat="urlencoded")

        assert aresp["code"] == "SplxlOBeZQQYbYS6WxSbIA"
        assert aresp["state"] == "hij"

        print self.client.grant.keys()
        assert self.client.grant["hij"]
        assert self.client.grant["hij"].code == aresp["code"]
        assert self.client.grant["hij"].grant_expiration_time

    # A third response adds a third grant. The final check relies on the
    # grants stored by the two preceding tests ('ghi', 'hij').
    # NOTE(review): despite the name, the query carries no scope parameter.
    # _eq is defined outside this class; presumably an order-insensitive
    # comparison -- confirm.
    def test_parse_authz_resp_query_multi_scope(self):
        query = "code=SplxlOBeZQQYbYS6WxAAAA&state=klm"
        aresp = self.client.parse_response(AuthorizationResponse,
                                           info=query, sformat="urlencoded")

        assert aresp["code"] == "SplxlOBeZQQYbYS6WxAAAA"
        assert aresp["state"] == "klm"

        assert self.client.grant["klm"]
        assert self.client.grant["klm"].code == aresp["code"]
        assert self.client.grant["klm"].grant_expiration_time

        assert _eq(self.client.grant.keys(), ['ghi', 'hij', 'klm'])

    # A parameter the message type does not define ("foo") must not end up
    # as an attribute of the parsed response; the grant is still recorded.
    # The check inspects aresp.__dict__ only, not item access on aresp.
    def test_parse_authz_resp_query_unknown_parameter(self):
        query = "code=SplxlOBeZQQYbYS6WxSbIA&state=xyz&foo=bar"
        aresp = self.client.parse_response(AuthorizationResponse,
                                           info=query, sformat="urlencoded")

        assert aresp["code"] == "SplxlOBeZQQYbYS6WxSbIA"
        assert aresp["state"] == "xyz"

        print aresp.__dict__.keys()
        assert "foo" not in aresp.__dict__

        assert self.client.grant["xyz"]
        assert self.client.grant["xyz"].code == aresp["code"]
        assert self.client.grant["xyz"].grant_expiration_time

    # Reset the client, register a new redirect URI and install a single
    # unexpired grant by hand; the token request built for that state carries
    # the grant's code and the client's redirect_uri.
    # The "+ 30" offset is presumably seconds -- confirm against time_util.
    def test_get_access_token_request_1(self):
        self.client.reset()
        self.client.redirect_uris = ["http://client.example.com/authz"]
        grant = Grant()
        grant.code = "AbCdEf"
        grant.grant_expiration_time = time_util.utc_time_sans_frac() + 30
        self.client.grant = {"stat": grant}

        # scope is default=""
        atr = self.client.construct_AccessTokenRequest(state="stat")

        assert atr["grant_type"] == "authorization_code"
        assert atr["code"] == "AbCdEf"
        assert atr["redirect_uri"] == "http://client.example.com/authz"

    # A state with no stored grant must not yield a token request.
    # NOTE(review): raises(Exception, ...) is satisfied by any exception,
    # including an unrelated error; naming the library's specific exception
    # type would make this check stricter.
    def test_construct_access_token_request_fail(self):
        raises(Exception,
               'self.client.construct_AccessTokenRequest(state="unknown")')

    # Same flow as test_get_access_token_request_1 with the grant stored
    # under state "xyz".
    # NOTE(review): nothing visible here is overridden, despite the name.
    def test_get_access_token_request_override(self):
        self.client.reset()
        self.client.redirect_uris = ["http://client.example.com/authz"]
        grant = Grant()
        grant.code = "AbCdEf"
        grant.grant_expiration_time = time_util.utc_time_sans_frac() + 30
        self.client.grant = {"xyz": grant}

        atr = self.client.construct_AccessTokenRequest(state="xyz")

        assert atr["grant_type"] == "authorization_code"
        assert atr["code"] == "AbCdEf"
        assert atr["redirect_uri"] == "http://client.example.com/authz"

    # With no arguments, the request is filled in from client attributes:
    # response_type set here, redirect_uri left by the previous test.
    def test_construct_request_no_input(self):
        self.client.response_type = ["code"]
        atr = self.client.construct_AuthorizationRequest()

        print atr
        assert atr["redirect_uri"] == "http://client.example.com/authz"
        assert atr["response_type"] == ["code"]
        assert atr["client_id"] == "1"

    # Parse a JSON token response. The resulting token is attached to the
    # grant stored under the empty-string key (presumably because no state
    # accompanies the response -- confirm).
    def test_parse_access_token_response(self):
        jso = """{ "access_token":"2YotnFZFEjr1zCsicMWpAA", "token_type":"example", "expires_in":3600, "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA", "example_parameter":"example_value" }"""

        # Strip each line and concatenate before handing the text over.
        self.client.parse_response(AccessTokenResponse, info="".join([
            x.strip() for x in jso.split("\n")]))

        assert self.client.grant
        _grant = self.client.grant[""]
        assert len(_grant.tokens) == 1
        token = _grant.tokens[0]
        assert token.access_token == "2YotnFZFEjr1zCsicMWpAA"
        assert token.token_type == "example"
        assert token.expires_in == 3600
        assert token.refresh_token == "tGzv3JOkF0XG5Qx2TlKWIA"

        # I'm dropping parameters I don't recognize
        # NOTE(review): this looks at the client object's attributes; it does
        # not inspect the token object for "example_parameter".
        assert "example_parameter" not in self.client.__dict__

        #assert self.client.access_token_is_valid()

    # Build a refresh request from the token parsed in the previous test
    # (depends on client.grant[""] still being present).
    # This test uses time.time() for the expiry, while the others use
    # time_util.utc_time_sans_frac().
    def test_get_access_token_refresh_1(self):
        print self.client.grant

        self.client.grant[""].grant_expiration_time = time.time() + 60
        self.client.grant[""].code = "access_code"
        token = self.client.grant[""].tokens[0]
        print token
        # Uses refresh_token from previous response
        atr = self.client.construct_RefreshAccessTokenRequest(token=token)

        print atr.to_dict()
        assert atr.type() == "RefreshAccessTokenRequest"
        assert atr["grant_type"] == "refresh_token"
        assert atr["refresh_token"] == "tGzv3JOkF0XG5Qx2TlKWIA"

    # Install a grant under state "foo" with a hand-built token, then build
    # the refresh request by state instead of by token object. The "foo"
    # grant is reused by later tests.
    def test_get_access_token_refresh_2(self):
        self.client.grant["foo"] = Grant()
        _get = time_util.utc_time_sans_frac() + 60
        self.client.grant["foo"].grant_expiration_time = _get
        self.client.grant["foo"].code = "access_code"

        print self.client.grant["foo"]
        resp = AccessTokenResponse(refresh_token="refresh_with_me",
                                   access_token="access")

        self.client.grant["foo"].tokens.append(Token(resp))
        # Uses the refresh_token of the token appended just above
        atr = self.client.construct_RefreshAccessTokenRequest(state="foo")

        assert atr.type() == "RefreshAccessTokenRequest"
        assert atr["grant_type"] == "refresh_token"
        assert atr["refresh_token"] == "refresh_with_me"

    # An error redirect is parsed into an AuthorizationErrorResponse even
    # though AuthorizationResponse was the requested type.
    def test_parse_authz_err_response(self):
        ruri = "https://client.example.com/cb?error=access_denied&state=xyz"

        resp = self.client.parse_response(AuthorizationResponse,
                                          info=ruri, sformat="urlencoded")

        print type(resp), resp
        assert resp.type() == "AuthorizationErrorResponse"

        assert resp["error"] == "access_denied"
        assert resp["state"] == "xyz"

    # Looking up a state with no stored grant returns None rather than
    # raising.
    def test_return_non_existant_grant(self):
        assert self.client.grant_from_state("123456abcdef") is None

    # extra_args are added to the token request alongside the standard
    # parameters. Relies on the "foo" grant from
    # test_get_access_token_refresh_2.
    def test_construct_request_with_extra_args(self):
        print self.client.__dict__.items()
        req = self.client.construct_AccessTokenRequest(
            state="foo", extra_args={"foo": "bar"})

        assert req
        print req.keys()
        assert _eq(req.keys(), ['code', 'grant_type', 'client_id',
                                'redirect_uri', 'foo'])
        assert req["foo"] == "bar"

    # The revocation request for state "foo" carries only the token; the
    # expected value "access" is the access_token appended in
    # test_get_access_token_refresh_2.
    def test_construct_TokenRevocationRequest(self):
        req = self.client.construct_TokenRevocationRequest(state="foo")

        assert req
        print req.keys()
        assert _eq(req.keys(), ['token'])
        assert req["token"] == "access"

    # request_info with no method given: parameters go into a form-encoded
    # body and the URI is the bare endpoint. The endpoint set here is reused
    # by the GET tests below. The expected body pins the parameter order.
    def test_request_info_simple(self):
        self.client.authorization_endpoint = "https://example.com/authz"
        uri, body, h_args, cis = self.client.request_info(AuthorizationRequest)

        # default == "POST"
        assert uri == 'https://example.com/authz'
        assert body == "redirect_uri=http%3A%2F%2Fclient.example.com%2Fauthz&response_type=code&client_id=1"
        assert h_args == {'headers': {'content-type':
                                      'application/x-www-form-urlencoded'}}
        assert cis.type() == "AuthorizationRequest"

    # With method="GET" the parameters move into the query string; there is
    # no body and no extra header arguments.
    def test_request_info_simple_get(self):
        #self.client.authorization_endpoint = "https://example.com/authz"
        uri, body, h_args, cis = self.client.request_info(AuthorizationRequest,
                                                          method="GET")

        assert uri == 'https://example.com/authz?redirect_uri=http%3A%2F%2Fclient.example.com%2Fauthz&response_type=code&client_id=1'
        assert body is None
        assert h_args == {}
        assert cis.type() == "AuthorizationRequest"

    # request_args ("state") are serialised into the GET query string.
    def test_request_info_simple_get_with_req_args(self):
        #self.client.authorization_endpoint = "https://example.com/authz"
        uri, body, h_args, cis = self.client.request_info(
            AuthorizationRequest, method="GET", request_args={"state": "init"})

        print uri
        assert uri == 'https://example.com/authz?state=init&redirect_uri=http%3A%2F%2Fclient.example.com%2Fauthz&response_type=code&client_id=1'
        assert body is None
        assert h_args == {}
        assert cis.type() == "AuthorizationRequest"

    # extra_args ("rock") are appended to the GET query string after the
    # standard parameters.
    def test_request_info_simple_get_with_extra_args(self):
        #self.client.authorization_endpoint = "https://example.com/authz"
        uri, body, h_args, cis = self.client.request_info(
            AuthorizationRequest, method="GET", extra_args={"rock": "little"})

        print uri
        assert uri == 'https://example.com/authz?redirect_uri=http%3A%2F%2Fclient.example.com%2Fauthz&response_type=code&client_id=1&rock=little'
        assert body is None
        assert h_args == {}
        assert cis.type() == "AuthorizationRequest"

    # request_args and extra_args together: both appear in the query string.
    def test_request_info_with_req_and_extra_args(self):
        #self.client.authorization_endpoint = "https://example.com/authz"
        uri, body, h_args, cis = self.client.request_info(
            AuthorizationRequest, method="GET",
            request_args={"state": "init"}, extra_args={"rock": "little"})

        print uri
        assert uri == 'https://example.com/authz?state=init&redirect_uri=http%3A%2F%2Fclient.example.com%2Fauthz&response_type=code&client_id=1&rock=little'
        assert body is None
        assert h_args == {}
        assert cis.type() == "AuthorizationRequest"
# Tests for the OAuth client: building authorization / token / refresh /
# revocation requests and parsing authorization and token responses.
#
# All tests share the one Client created in setup_class, and several depend
# on state left behind by earlier tests (grants keyed by state, redirect_uris,
# authorization_endpoint), so the methods must run in the order written.
# The sample code and token strings match the examples in RFC 6749; they are
# fixture data only.
class TestOAuthClient():
    # Create the shared client with client_id "1" and one registered
    # redirect URI.
    def setup_class(self):
        self.client = Client("1")
        self.client.redirect_uris = ["http://example.com/redirect"]

    # With only response_type supplied, the request picks up redirect_uri and
    # client_id from the client and carries neither state nor scope.
    # NOTE(review): this pins the library default only. `state` is what lets
    # a client bind the authorization response to its own request (RFC 6749
    # section 10.12), so a request without it should not be read as a
    # recommended configuration.
    def test_areq_1(self):
        ar = self.client.construct_AuthorizationRequest(
            request_args={"response_type": ["code"]})

        assert ar["redirect_uri"] == "http://example.com/redirect"
        assert ar["response_type"] == ["code"]
        assert ar["client_id"] == "1"
        assert "state" not in ar
        assert "scope" not in ar

    # Once client.state is set, it is copied into the request; scope comes
    # from request_args.
    def test_areq_2(self):
        self.client.state = "abc"
        req_args = {"response_type": ["code"], "scope": ["foo", "bar"]}
        ar = self.client.construct_AuthorizationRequest(request_args=req_args)

        assert ar["redirect_uri"] == "http://example.com/redirect"
        assert ar["response_type"] == ["code"]
        assert ar["client_id"] == "1"
        assert ar["state"] == "abc"
        assert ar["scope"] == ["foo", "bar"]

    # Changing client.state ("abc" -> "efg") changes the state placed in the
    # next request.
    def test_areq_replace_default_state(self):
        self.client.state = "efg"
        req_args = {"response_type": ["code"], "scope": ["foo", "bar"]}
        ar = self.client.construct_AuthorizationRequest(request_args=req_args)

        assert ar["redirect_uri"] == "http://example.com/redirect"
        assert ar["response_type"] == ["code"]
        assert ar["client_id"] == "1"
        assert ar["state"] == "efg"
        assert ar["scope"] == ["foo", "bar"]

    # Parse an authorization response given as a full redirect URL; the code
    # is stored in client.grant under the state taken from the response.
    # NOTE(review): "ghi" was never set as client.state by any test above, so
    # this shows parse_response recording a grant for whatever state arrives.
    # Presumably the caller is expected to compare the returned state with
    # the one it issued -- confirm where that check lives.
    def test_parse_authz_resp_url(self):
        url = "https://client.example.com/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=ghi"
        aresp = self.client.parse_response(AuthorizationResponse,
                                           info=url, sformat="urlencoded")

        assert aresp["code"] == "SplxlOBeZQQYbYS6WxSbIA"
        assert aresp["state"] == "ghi"

        assert self.client.grant["ghi"]
        assert self.client.grant["ghi"].code == aresp["code"]
        assert self.client.grant["ghi"].grant_expiration_time

    # Same as above, but the input is a bare query string rather than a URL.
    def test_parse_authz_resp_query(self):
        query = "code=SplxlOBeZQQYbYS6WxSbIA&state=hij"
        aresp = self.client.parse_response(AuthorizationResponse,
                                           info=query, sformat="urlencoded")

        assert aresp["code"] == "SplxlOBeZQQYbYS6WxSbIA"
        assert aresp["state"] == "hij"

        print self.client.grant.keys()
        assert self.client.grant["hij"]
        assert self.client.grant["hij"].code == aresp["code"]
        assert self.client.grant["hij"].grant_expiration_time

    # A third response adds a third grant. The final check relies on the
    # grants stored by the two preceding tests ('ghi', 'hij').
    # NOTE(review): despite the name, the query carries no scope parameter.
    # _eq is defined outside this class; presumably an order-insensitive
    # comparison -- confirm.
    def test_parse_authz_resp_query_multi_scope(self):
        query = "code=SplxlOBeZQQYbYS6WxAAAA&state=klm"
        aresp = self.client.parse_response(AuthorizationResponse,
                                           info=query, sformat="urlencoded")

        assert aresp["code"] == "SplxlOBeZQQYbYS6WxAAAA"
        assert aresp["state"] == "klm"

        assert self.client.grant["klm"]
        assert self.client.grant["klm"].code == aresp["code"]
        assert self.client.grant["klm"].grant_expiration_time

        assert _eq(self.client.grant.keys(), ['ghi', 'hij', 'klm'])

    # A parameter the message type does not define ("foo") must not end up
    # as an attribute of the parsed response; the grant is still recorded.
    # The check inspects aresp.__dict__ only, not item access on aresp.
    def test_parse_authz_resp_query_unknown_parameter(self):
        query = "code=SplxlOBeZQQYbYS6WxSbIA&state=xyz&foo=bar"
        aresp = self.client.parse_response(AuthorizationResponse,
                                           info=query, sformat="urlencoded")

        assert aresp["code"] == "SplxlOBeZQQYbYS6WxSbIA"
        assert aresp["state"] == "xyz"

        print aresp.__dict__.keys()
        assert "foo" not in aresp.__dict__

        assert self.client.grant["xyz"]
        assert self.client.grant["xyz"].code == aresp["code"]
        assert self.client.grant["xyz"].grant_expiration_time

    # Reset the client, register a new redirect URI and install a single
    # unexpired grant by hand; the token request built for that state carries
    # the grant's code and the client's redirect_uri.
    # The "+ 30" offset is presumably seconds -- confirm against time_util.
    def test_get_access_token_request_1(self):
        self.client.reset()
        self.client.redirect_uris = ["http://client.example.com/authz"]
        grant = Grant()
        grant.code = "AbCdEf"
        grant.grant_expiration_time = time_util.utc_time_sans_frac() + 30
        self.client.grant = {"stat": grant}

        # scope is default=""
        atr = self.client.construct_AccessTokenRequest(state="stat")

        assert atr["grant_type"] == "authorization_code"
        assert atr["code"] == "AbCdEf"
        assert atr["redirect_uri"] == "http://client.example.com/authz"

    # A state with no stored grant must not yield a token request.
    # NOTE(review): raises(Exception, ...) is satisfied by any exception,
    # including an unrelated error; naming the library's specific exception
    # type would make this check stricter.
    def test_construct_access_token_request_fail(self):
        raises(Exception,
               'self.client.construct_AccessTokenRequest(state="unknown")')

    # Same flow as test_get_access_token_request_1 with the grant stored
    # under state "xyz".
    # NOTE(review): nothing visible here is overridden, despite the name.
    def test_get_access_token_request_override(self):
        self.client.reset()
        self.client.redirect_uris = ["http://client.example.com/authz"]
        grant = Grant()
        grant.code = "AbCdEf"
        grant.grant_expiration_time = time_util.utc_time_sans_frac() + 30
        self.client.grant = {"xyz": grant}

        atr = self.client.construct_AccessTokenRequest(state="xyz")

        assert atr["grant_type"] == "authorization_code"
        assert atr["code"] == "AbCdEf"
        assert atr["redirect_uri"] == "http://client.example.com/authz"

    # With no arguments, the request is filled in from client attributes:
    # response_type set here, redirect_uri left by the previous test.
    def test_construct_request_no_input(self):
        self.client.response_type = ["code"]
        atr = self.client.construct_AuthorizationRequest()

        print atr
        assert atr["redirect_uri"] == "http://client.example.com/authz"
        assert atr["response_type"] == ["code"]
        assert atr["client_id"] == "1"

    # Parse a JSON token response. The resulting token is attached to the
    # grant stored under the empty-string key (presumably because no state
    # accompanies the response -- confirm).
    def test_parse_access_token_response(self):
        jso = """{ "access_token":"2YotnFZFEjr1zCsicMWpAA", "token_type":"example", "expires_in":3600, "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA", "example_parameter":"example_value" }"""

        # Strip each line and concatenate before handing the text over.
        self.client.parse_response(AccessTokenResponse, info="".join(
            [x.strip() for x in jso.split("\n")]))

        assert self.client.grant
        _grant = self.client.grant[""]
        assert len(_grant.tokens) == 1
        token = _grant.tokens[0]
        assert token.access_token == "2YotnFZFEjr1zCsicMWpAA"
        assert token.token_type == "example"
        assert token.expires_in == 3600
        assert token.refresh_token == "tGzv3JOkF0XG5Qx2TlKWIA"

        # I'm dropping parameters I don't recognize
        # NOTE(review): this looks at the client object's attributes; it does
        # not inspect the token object for "example_parameter".
        assert "example_parameter" not in self.client.__dict__

        #assert self.client.access_token_is_valid()

    # Build a refresh request from the token parsed in the previous test
    # (depends on client.grant[""] still being present).
    # This test uses time.time() for the expiry, while the others use
    # time_util.utc_time_sans_frac().
    def test_get_access_token_refresh_1(self):
        print self.client.grant

        self.client.grant[""].grant_expiration_time = time.time() + 60
        self.client.grant[""].code = "access_code"
        token = self.client.grant[""].tokens[0]
        print token
        # Uses refresh_token from previous response
        atr = self.client.construct_RefreshAccessTokenRequest(token=token)

        print atr.to_dict()
        assert atr.type() == "RefreshAccessTokenRequest"
        assert atr["grant_type"] == "refresh_token"
        assert atr["refresh_token"] == "tGzv3JOkF0XG5Qx2TlKWIA"

    # Install a grant under state "foo" with a hand-built token, then build
    # the refresh request by state instead of by token object. The "foo"
    # grant is reused by later tests.
    def test_get_access_token_refresh_2(self):
        self.client.grant["foo"] = Grant()
        _get = time_util.utc_time_sans_frac() + 60
        self.client.grant["foo"].grant_expiration_time = _get
        self.client.grant["foo"].code = "access_code"

        print self.client.grant["foo"]
        resp = AccessTokenResponse(refresh_token="refresh_with_me",
                                   access_token="access")

        self.client.grant["foo"].tokens.append(Token(resp))
        # Uses the refresh_token of the token appended just above
        atr = self.client.construct_RefreshAccessTokenRequest(state="foo")

        assert atr.type() == "RefreshAccessTokenRequest"
        assert atr["grant_type"] == "refresh_token"
        assert atr["refresh_token"] == "refresh_with_me"

    # An error redirect is parsed into an AuthorizationErrorResponse even
    # though AuthorizationResponse was the requested type.
    def test_parse_authz_err_response(self):
        ruri = "https://client.example.com/cb?error=access_denied&state=xyz"

        resp = self.client.parse_response(AuthorizationResponse,
                                          info=ruri, sformat="urlencoded")

        print type(resp), resp
        assert resp.type() == "AuthorizationErrorResponse"

        assert resp["error"] == "access_denied"
        assert resp["state"] == "xyz"

    # Looking up a state with no stored grant returns None rather than
    # raising.
    def test_return_non_existant_grant(self):
        assert self.client.grant_from_state("123456abcdef") is None

    # extra_args are added to the token request alongside the standard
    # parameters. Relies on the "foo" grant from
    # test_get_access_token_refresh_2.
    def test_construct_request_with_extra_args(self):
        print self.client.__dict__.items()
        req = self.client.construct_AccessTokenRequest(
            state="foo", extra_args={"foo": "bar"})

        assert req
        print req.keys()
        assert _eq(req.keys(), ['code', 'grant_type', 'client_id',
                                'redirect_uri', 'foo'])
        assert req["foo"] == "bar"

    # The revocation request for state "foo" carries only the token; the
    # expected value "access" is the access_token appended in
    # test_get_access_token_refresh_2.
    def test_construct_TokenRevocationRequest(self):
        req = self.client.construct_TokenRevocationRequest(state="foo")

        assert req
        print req.keys()
        assert _eq(req.keys(), ['token'])
        assert req["token"] == "access"

    # request_info with no method given: parameters go into a form-encoded
    # body and the URI is the bare endpoint. The endpoint set here is reused
    # by the GET tests below. The expected body pins the parameter order, and
    # the expected header key is spelled 'Content-type'.
    def test_request_info_simple(self):
        self.client.authorization_endpoint = "https://example.com/authz"
        uri, body, h_args, cis = self.client.request_info(AuthorizationRequest)

        # default == "POST"
        assert uri == 'https://example.com/authz'
        assert body == "redirect_uri=http%3A%2F%2Fclient.example.com%2Fauthz&response_type=code&client_id=1"
        assert h_args == {
            'headers': {
                'Content-type': 'application/x-www-form-urlencoded'
            }
        }
        assert cis.type() == "AuthorizationRequest"

    # With method="GET" the parameters move into the query string; there is
    # no body and no extra header arguments.
    def test_request_info_simple_get(self):
        #self.client.authorization_endpoint = "https://example.com/authz"
        uri, body, h_args, cis = self.client.request_info(AuthorizationRequest,
                                                          method="GET")

        assert uri == 'https://example.com/authz?redirect_uri=http%3A%2F%2Fclient.example.com%2Fauthz&response_type=code&client_id=1'
        assert body is None
        assert h_args == {}
        assert cis.type() == "AuthorizationRequest"

    # request_args ("state") are serialised into the GET query string.
    def test_request_info_simple_get_with_req_args(self):
        #self.client.authorization_endpoint = "https://example.com/authz"
        uri, body, h_args, cis = self.client.request_info(
            AuthorizationRequest, method="GET", request_args={"state": "init"})

        print uri
        assert uri == 'https://example.com/authz?state=init&redirect_uri=http%3A%2F%2Fclient.example.com%2Fauthz&response_type=code&client_id=1'
        assert body is None
        assert h_args == {}
        assert cis.type() == "AuthorizationRequest"

    # extra_args ("rock") are appended to the GET query string after the
    # standard parameters.
    def test_request_info_simple_get_with_extra_args(self):
        #self.client.authorization_endpoint = "https://example.com/authz"
        uri, body, h_args, cis = self.client.request_info(
            AuthorizationRequest, method="GET", extra_args={"rock": "little"})

        print uri
        assert uri == 'https://example.com/authz?redirect_uri=http%3A%2F%2Fclient.example.com%2Fauthz&response_type=code&client_id=1&rock=little'
        assert body is None
        assert h_args == {}
        assert cis.type() == "AuthorizationRequest"

    # request_args and extra_args together: both appear in the query string.
    def test_request_info_with_req_and_extra_args(self):
        #self.client.authorization_endpoint = "https://example.com/authz"
        uri, body, h_args, cis = self.client.request_info(
            AuthorizationRequest, method="GET",
            request_args={"state": "init"}, extra_args={"rock": "little"})

        print uri
        assert uri == 'https://example.com/authz?state=init&redirect_uri=http%3A%2F%2Fclient.example.com%2Fauthz&response_type=code&client_id=1&rock=little'
        assert body is None
        assert h_args == {}
        assert cis.type() == "AuthorizationRequest"