예제 #1
파일: test_oauth.py 프로젝트: kewisch/PyFxA
class TestClientTradeCode(unittest.TestCase):
    """Exercise ``Client.trade_code`` against a mocked OAuth token endpoint.

    Every HTTP exchange is intercepted by ``responses``, so nothing leaves
    the process. The client id ('abc'), client secret ('cake') and
    authorization code ('1234') are fixture values, not real credentials.
    """

    server_url = TEST_SERVER_URL

    @responses.activate
    def setUp(self):
        # Run one successful exchange up front; the returned token and the
        # recorded call are kept for the assertions in the tests below.
        self.client = Client('abc', 'cake', self.server_url)

        responses.add(responses.POST,
                      'https://server/v1/token',
                      body='{"access_token": "yeah"}',
                      content_type='application/json')

        self.token = self.client.trade_code('1234')
        self.response = responses.calls[0]

    def test_reaches_server_on_token_url(self):
        # Exact equality: the recorded URL is the bare token endpoint, so the
        # code and the secret are not carried in the URL itself.
        requested_url = self.response.request.url
        self.assertEqual(requested_url, 'https://server/v1/token')

    def test_posts_code_to_server(self):
        # The code and both client credentials are sent in the JSON body.
        sent = json.loads(_decoded(self.response.request.body))
        self.assertEqual(sent, {
            "client_id": "abc",
            "client_secret": "cake",
            "code": "1234",
        })

    def test_returns_access_token_given_by_server(self):
        self.assertEqual(self.token, "yeah")

    @responses.activate
    def test_raises_error_if_access_token_not_returned(self):
        # A 200 response without "access_token" must surface as an error
        # instead of handing the caller an empty or missing token.
        responses.add(responses.POST,
                      'https://server/v1/token',
                      body='{"missing": "token"}',
                      content_type='application/json')
        with self.assertRaises(fxa.errors.OutOfProtocolError):
            self.client.trade_code(client_id='abc',
                                   client_secret='cake',
                                   code='1234')

    @responses.activate
    def test_trade_token_can_take_client_credentials_as_arguments(self):
        responses.add(responses.POST,
                      'https://server/v1/token',
                      body='{"access_token": "tokay"}',
                      content_type='application/json')
        # Credentials passed positionally.
        positional_result = self.client.trade_code('1234', 'abc', 'cake')
        self.assertEqual(positional_result, "tokay")
        # Credentials passed by keyword.
        keyword_result = self.client.trade_code(code='1234',
                                                client_id='abc',
                                                client_secret='cake')
        self.assertEqual(keyword_result, "tokay")
예제 #2
파일: relier.py 프로젝트: jotes/cliquet
def fxa_oauth_token(request):
    """Trade the authorization code from the OAuth callback for a token.

    Looks up the redirect target cached under the ``state`` parameter,
    deletes that cache entry, exchanges ``code`` with the configured OAuth
    server and answers with a redirect to the stored target with the token
    appended.
    """
    params = request.validated
    state = params['state']
    code = params['code']

    # The callback is only honoured when a redirect target was cached under
    # this state value, i.e. a login flow is on-going.
    # NOTE(review): the lookup goes through request.cache while the delete
    # below goes through request.registry.cache -- confirm both refer to the
    # same backend.
    redirect_target = request.cache.get(state)

    # The state entry is deleted whether or not it was found, so the same
    # callback cannot be tried a second time.
    request.registry.cache.delete(state)
    if not redirect_target:
        return authorization_required(request)

    # Trade the OAuth code for a longer-lived token.
    oauth_settings = {
        'server_url': fxa_conf(request, 'oauth_uri'),
        'client_id': fxa_conf(request, 'client_id'),
        'client_secret': fxa_conf(request, 'client_secret'),
    }
    auth_client = OAuthClient(**oauth_settings)
    try:
        token = auth_client.trade_code(code)
    except fxa_errors.OutOfProtocolError:
        # The OAuth server answered outside the expected protocol.
        raise httpexceptions.HTTPServiceUnavailable()
    except fxa_errors.InProtocolError as error:
        logger.error(error)
        # Presumably raise_invalid() always raises; if it returned, `token`
        # would be unbound below -- verify against its definition.
        errors.raise_invalid(
            request,
            name='code',
            location='querystring',
            description='Firefox Account code validation failed.')

    # NOTE(review): the token is appended to the stored URL without escaping
    # and travels in the Location header, so it can end up in browser
    # history and intermediary logs -- confirm this is acceptable for the
    # token lifetime in use.
    location = '%s%s' % (redirect_target, token)
    return httpexceptions.HTTPFound(location=location)
예제 #3
def fxa_oauth_token(request):
    """Exchange the callback's authorization code for an OAuth token.

    The ``state`` parameter selects a redirect target cached earlier; the
    entry is deleted on every call. When no target is found the view answers
    with an HTTP error instead of contacting the OAuth server. On success it
    redirects to the stored target with the token appended.
    """
    validated = request.validated
    state = validated['state']
    code = validated['code']

    cache = request.registry.cache

    # A redirect target cached under this state means a login flow is
    # on-going.
    redirect_target = cache.get(state)

    # Delete the entry before doing anything else so the same state cannot
    # be presented twice.
    cache.delete(state)
    if not redirect_target:
        return http_error(
            httpexceptions.HTTPRequestTimeout(),
            errno=ERRORS.MISSING_AUTH_TOKEN,
            message='The OAuth session was not found, please re-authenticate.')

    # Trade the OAuth code for a longer-lived token.
    server_url = fxa_conf(request, 'oauth_uri')
    client_id = fxa_conf(request, 'client_id')
    client_secret = fxa_conf(request, 'client_secret')
    auth_client = OAuthClient(server_url=server_url,
                              client_id=client_id,
                              client_secret=client_secret)
    try:
        token = auth_client.trade_code(code)
    except fxa_errors.OutOfProtocolError:
        # The OAuth server answered outside the expected protocol.
        raise httpexceptions.HTTPServiceUnavailable()
    except fxa_errors.InProtocolError as error:
        logger.error(error)
        # Presumably raise_invalid() always raises; if it returned, `token`
        # would be unbound below -- verify against its definition.
        raise_invalid(
            request,
            name='code',
            location='querystring',
            description='Firefox Account code validation failed.')

    # NOTE(review): the token is appended to the stored URL without escaping
    # and travels in the Location header, so it can end up in browser
    # history and intermediary logs -- confirm this is acceptable for the
    # token lifetime in use.
    location = '%s%s' % (redirect_target, token)
    return httpexceptions.HTTPFound(location=location)
예제 #4
파일: test_oauth.py 프로젝트: mozilla/PyFxA
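class TestClientTradeCode(unittest.TestCase):
    """Exercise ``Client.trade_code`` against a mocked OAuth token endpoint.

    Every HTTP exchange is intercepted by ``responses``, so nothing leaves
    the process. The client id ('abc'), client secrets ('cake', 'cake2'),
    authorization code ('1234') and verifier ('verifyme') are fixture
    values, not real credentials.
    """

    server_url = TEST_SERVER_URL

    @responses.activate
    def setUp(self):
        # Run one successful exchange up front; the returned tokens and the
        # recorded call are kept for the assertions in the tests below.
        self.client = Client('abc', 'cake', self.server_url)

        body = '{"access_token": "yeah"}'
        responses.add(responses.POST,
                      'https://server/v1/token',
                      body=body,
                      content_type='application/json')

        self.tokens = self.client.trade_code('1234')
        self.response = responses.calls[0]

    def _get_request_body(self):
        """Return the decoded JSON body of the most recent recorded request.

        Reading the last call rather than the first matters in tests that
        issue several requests: each assertion then inspects the request
        made just before it instead of re-checking the first one.
        """
        return json.loads(_decoded(responses.calls[-1].request.body))

    def test_reaches_server_on_token_url(self):
        # Exact equality: the recorded URL is the bare token endpoint, so the
        # code and the secret are not carried in the URL itself.
        self.assertEqual(self.response.request.url,
                         'https://server/v1/token')

    def test_posts_code_to_server(self):
        # The code and both client credentials are sent in the JSON body.
        body = json.loads(_decoded(self.response.request.body))
        expected = {
            "client_secret": "cake",
            "code": "1234",
            "client_id": "abc"
        }
        self.assertEqual(body, expected)

    def test_returns_access_token_given_by_server(self):
        self.assertEqual(self.tokens["access_token"], "yeah")

    @responses.activate
    def test_raises_error_if_access_token_not_returned(self):
        # A 200 response without "access_token" must surface as an error
        # instead of handing the caller a token-less result.
        responses.add(responses.POST,
                      'https://server/v1/token',
                      body='{"missing": "token"}',
                      content_type='application/json')
        self.assertRaises(fxa.errors.OutOfProtocolError,
                          self.client.trade_code,
                          client_id='abc',
                          client_secret='cake',
                          code='1234')

    @responses.activate
    def test_trade_token_can_take_client_credentials_as_arguments(self):
        responses.add(responses.POST,
                      'https://server/v1/token',
                      body='{"access_token": "tokay"}',
                      content_type='application/json')
        # 'cake2' differs from the secret given to the constructor, so the
        # body checks show the per-call secret overrides the configured one.
        expected_body = {
            'client_id': 'abc',
            'client_secret': 'cake2',
            'code': '1234',
        }
        # As positional arguments.
        tokens = self.client.trade_code('1234', 'abc', 'cake2')
        self.assertEqual(tokens, {"access_token": "tokay"})
        self.assertEqual(self._get_request_body(), expected_body)
        # As keyword arguments.
        tokens = self.client.trade_code(
            code='1234',
            client_id='abc',
            client_secret='cake2'
        )
        self.assertEqual(tokens, {"access_token": "tokay"})
        self.assertEqual(self._get_request_body(), expected_body)

    @responses.activate
    def test_trade_token_can_take_pkce_verifier_as_argument(self):
        responses.add(responses.POST,
                      'https://server/v1/token',
                      body='{"access_token": "tokay"}',
                      content_type='application/json')
        tokens = self.client.trade_code(
            code='1234',
            code_verifier='verifyme',
        )
        self.assertEqual(tokens, {"access_token": "tokay"})
        # Pins that the verifier is forwarded in the body and that the
        # configured client secret is still sent alongside it.
        self.assertEqual(self._get_request_body(), {
            'client_id': 'abc',
            'client_secret': 'cake',
            'code': '1234',
            'code_verifier': 'verifyme',
        })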