def exchange_delegate_token(token, repository_id):
"""
Exchange a token for a delegated token
:param token: a JWT granting the onboarding service access to write on the
client's behalf
:param repository_id: the target repsitory's ID
:returns: a new JWT authorized to write to the repository
:raises: HTTPError
"""
try:
new_token = yield oauth2.get_token(options.url_auth,
options.service_id,
options.client_secret,
scope=oauth2.Write(repository_id),
jwt=token,
ssl_options=ssl_server_options())
except httpclient.HTTPError as exc:
if exc.code in (403, 400):
try:
body = json.loads(exc.response.body)
errors = [x['message'] for x in body['errors']]
except (AttributeError, KeyError):
errors = exc.message
raise exceptions.HTTPError(403, errors, source='authentication')
else:
msg = 'Error authorizing access to the repository'
logging.exception(msg)
raise exceptions.HTTPError(500, msg)
raise Return(new_token)
def test_get_token_with_scope(self):
token = yield oauth2.get_token('https://localhost:8007',
'4225f4774d6874a68565a04130001144',
'FMjU7vNIay5HGNABQVTTghOfEJqbet',
scope=oauth2.Scope(
oauth2.Write(1), oauth2.Read()))
assert token == self.token
body = self.API().auth.token.post.call_args[1]['body']
assert urlparse.parse_qs(body) == {
'grant_type': [oauth2.CLIENT_CREDENTIALS],
'scope': ['read write[1]']
}
def transform(data, content_type, r2rml_url):
"""
Transforms source data into RDF triples
:param data: the source data
:param content_type: the http request content type
:param r2rml_url: karma mapping file url
:return: Transformed data and errors
"""
logging.debug('>>> transform')
response = None
http_status = 200
errors = []
try:
token = yield oauth2.get_token(options.url_auth,
options.service_id,
options.client_secret,
scope=oauth2.Write(
options.url_transformation),
ssl_options=ssl_server_options())
except httpclient.HTTPError as exc:
logging.exception('Error getting token for the transformation service')
raise exceptions.HTTPError(500, 'Internal Server Error')
headers = {'Accept': 'application/json', 'Content-Type': content_type}
client = API(options.url_transformation,
token=token,
ssl_options=ssl_server_options())
if r2rml_url:
params = urlencode({'r2rml_url': r2rml_url})
client.transformation.assets.path += '?{}'.format(params)
try:
client.transformation.assets.prepare_request(request_timeout=180,
headers=headers,
body=data)
response = yield client.transformation.assets.post()
except httpclient.HTTPError as exc:
response = exc.response
logging.exception('Transformation service error body:{}'.format(
exc.response))
http_status = exc.code
errors = json.loads(exc.response.body)['errors']
logging.debug('<<< transform')
raise Return((response, http_status, errors))
def test_scope_remove_does_not_exist():
scope = oauth2.Scope(oauth2.Read(), oauth2.Write(1),
oauth2.Delegate(2, oauth2.Write(3)))
scope.remove(oauth2.Write(5))
assert str(scope) == 'delegate[2]:write[3] read write[1]'
def test_scope_remove():
scope = oauth2.Scope(oauth2.Read(), oauth2.Write(1),
oauth2.Delegate(2, oauth2.Write(3)))
scope.remove(oauth2.Write(1))
assert str(scope) == 'delegate[2]:write[3] read'
def test_scope_add():
scope = oauth2.Scope(oauth2.Read(), oauth2.Write(1),
oauth2.Delegate(2, oauth2.Write(3)))
scope.add(oauth2.Write(4))
assert str(scope) == 'delegate[2]:write[3] read write[1] write[4]'
def test_delegate_write_something():
obj = oauth2.Delegate('other', oauth2.Write('something'))
assert str(obj) == 'delegate[other]:write[something]'
assert obj.resource_id == 'other'
assert obj.access == oauth2.Write('something')
def test_write_nothing():
with pytest.raises(TypeError):
oauth2.Write()
def test_write_something():
obj = oauth2.Write('something')
assert str(obj) == 'write[something]'
assert obj.resource_id == 'something'