def test_splitquery(self):
# Normal cases are exercised by other tests; ensure that we also
# catch cases with no port specified (testcase ensuring coverage)
result = urllib_parse.splitquery('http://python.org/fake?foo=bar')
self.assertEqual(result, ('http://python.org/fake', 'foo=bar'))
result = urllib_parse.splitquery('http://python.org/fake?foo=bar?')
self.assertEqual(result, ('http://python.org/fake?foo=bar', ''))
result = urllib_parse.splitquery('http://python.org/fake')
self.assertEqual(result, ('http://python.org/fake', None))
def test_splitquery(self):
# Normal cases are exercised by other tests; ensure that we also
# catch cases with no port specified (testcase ensuring coverage)
result = urllib_parse.splitquery('http://python.org/fake?foo=bar')
self.assertEqual(result, ('http://python.org/fake', 'foo=bar'))
result = urllib_parse.splitquery('http://python.org/fake?foo=bar?')
self.assertEqual(result, ('http://python.org/fake?foo=bar', ''))
result = urllib_parse.splitquery('http://python.org/fake')
self.assertEqual(result, ('http://python.org/fake', None))
def _uris_to_tuples(uris):
tup = []
for uri in uris:
base, query = splitquery(uri)
if query:
tup.append((base, query))
else:
tup.append((base, ""))
return tup
def _uris_to_tuples(uris):
tup = []
for uri in uris:
base, query = splitquery(uri)
if query:
tup.append((base, query))
else:
tup.append((base, ""))
return tup
def _verify_redirect_uri(self, areq):
"""
MUST NOT contain a fragment
MAY contain query component
:return: An error response if the redirect URI is faulty otherwise
None
"""
try:
_redirect_uri = unquote(areq["redirect_uri"])
part = urlparse(_redirect_uri)
if part.fragment:
raise URIError("Contains fragment")
(_base, _query) = splitquery(_redirect_uri)
if _query:
_query = parse_qs(_query)
match = False
for regbase, rquery in self.cdb[str(areq["client_id"])][
"redirect_uris"]:
if _base == regbase or _redirect_uri.startswith(regbase):
# every registered query component must exist in the
# redirect_uri
if rquery:
for key, vals in rquery.items():
assert key in _query
for val in vals:
assert val in _query[key]
# and vice versa, every query component in the redirect_uri
# must be registered
if _query:
if rquery is None:
raise ValueError
for key, vals in _query.items():
assert key in rquery
for val in vals:
assert val in rquery[key]
match = True
break
if not match:
raise RedirectURIError("Doesn't match any registered uris")
# ignore query components that are not registered
return None
except Exception as err:
logger.error("Faulty redirect_uri: %s" % areq["redirect_uri"])
try:
_cinfo = self.cdb[str(areq["client_id"])]
except KeyError:
logger.info("Unknown client: %s" % areq["client_id"])
raise UnknownClient(areq["client_id"])
else:
logger.info("Registered redirect_uris: %s" % _cinfo)
raise RedirectURIError(
"Faulty redirect_uri: %s" % areq["redirect_uri"])
def pack_redirect_uri(redirect_uris):
ruri = []
for uri in redirect_uris:
if urlparse(uri).fragment:
print("Faulty redirect uri, contains fragment", file=sys.stderr)
base, query = splitquery(uri)
if query:
ruri.append([base, parse_qs(query)])
else:
ruri.append([base, query])
return ruri
def pack_redirect_uri(redirect_uris):
ruri = []
for uri in redirect_uris:
if urlparse(uri).fragment:
print("Faulty redirect uri, contains fragment", file=sys.stderr)
base, query = splitquery(uri)
if query:
ruri.append([base, parse_qs(query)])
else:
ruri.append([base, query])
return ruri
def _verify_redirect_uri(self, areq):
"""
MUST NOT contain a fragment
MAY contain query component
:return: An error response if the redirect URI is faulty otherwise
None
"""
try:
_redirect_uri = unquote(areq["redirect_uri"])
part = urlparse(_redirect_uri)
if part.fragment:
raise URIError("Contains fragment")
(_base, _query) = splitquery(_redirect_uri)
if _query:
_query = parse_qs(_query)
match = False
for regbase, rquery in self.cdb[str(areq["client_id"])][
"redirect_uris"]:
# The URI MUST exactly match one of the Redirection URI
if _base == regbase:
# every registered query component must exist in the
# redirect_uri
if rquery:
for key, vals in rquery.items():
assert key in _query
for val in vals:
assert val in _query[key]
# and vice versa, every query component in the redirect_uri
# must be registered
if _query:
if rquery is None:
raise ValueError
for key, vals in _query.items():
assert key in rquery
for val in vals:
assert val in rquery[key]
match = True
break
if not match:
raise RedirectURIError("Doesn't match any registered uris")
# ignore query components that are not registered
return None
except Exception:
logger.error("Faulty redirect_uri: %s" % areq["redirect_uri"])
try:
_cinfo = self.cdb[str(areq["client_id"])]
except KeyError:
try:
cid = areq["client_id"]
except KeyError:
logger.error('No client id found')
raise UnknownClient('No client_id provided')
else:
logger.info("Unknown client: %s" % cid)
raise UnknownClient(areq["client_id"])
else:
logger.info("Registered redirect_uris: %s" % sanitize(_cinfo))
raise RedirectURIError(
"Faulty redirect_uri: %s" % areq["redirect_uri"])
def _split_query(self, uri):
base, query = splitquery(uri)
if query:
return base, parse_qs(query)
else:
return base, None
def _split_query(self, uri):
base, query = splitquery(uri)
if query:
return base, parse_qs(query)
else:
return base, None
def _verify_redirect_uri(self, areq):
"""
MUST NOT contain a fragment
MAY contain query component
:return: An error response if the redirect URI is faulty otherwise
None
"""
try:
_redirect_uri = unquote(areq["redirect_uri"])
part = urlparse(_redirect_uri)
if part.fragment:
raise URIError("Contains fragment")
(_base, _query) = splitquery(_redirect_uri)
if _query:
_query = parse_qs(_query)
match = False
for regbase, rquery in self.cdb[str(areq["client_id"])]["redirect_uris"]:
# The URI MUST exactly match one of the Redirection URI
if _base != regbase:
continue
if not rquery and not _query:
match = True
break
if not rquery or not _query:
continue
# every registered query component must exist in the
# redirect_uri
is_match_query = True
for key, vals in _query.items():
if key not in rquery:
is_match_query = False
break
for val in vals:
if val not in rquery[key]:
is_match_query = False
break
if not is_match_query:
break
if not is_match_query:
continue
match = True
break
if not match:
raise RedirectURIError("Doesn't match any registered uris")
# ignore query components that are not registered
return None
except Exception:
logger.error("Faulty redirect_uri: %s" % areq["redirect_uri"])
try:
_cinfo = self.cdb[str(areq["client_id"])]
except KeyError:
try:
cid = areq["client_id"]
except KeyError:
logger.error('No client id found')
raise UnknownClient('No client_id provided')
else:
logger.info("Unknown client: %s" % cid)
raise UnknownClient(areq["client_id"])
else:
logger.info("Registered redirect_uris: %s" % sanitize(_cinfo))
raise RedirectURIError(
"Faulty redirect_uri: %s" % areq["redirect_uri"])