class OAuth2Token(ModelFactory):
class Meta:
model = models.Token
sqlalchemy_session_persistence = 'flush'
userid = factory.LazyAttribute(
lambda _: ('acct:' + FAKER.user_name() + '@example.com'))
value = factory.LazyAttribute(
lambda _: (ACCESS_TOKEN_PREFIX + security.token_urlsafe()))
refresh_token = factory.LazyAttribute(
lambda _: (REFRESH_TOKEN_PREFIX + security.token_urlsafe()))
expires = factory.LazyAttribute(lambda _:
(datetime.utcnow() + timedelta(hours=1)))
authclient = factory.SubFactory(AuthClient)
def test_token_urlsafe(nbytes):
tok = token_urlsafe(nbytes)
# Should be text
assert isinstance(tok, text_type)
# Always at least nbytes of data
assert len(tok) > nbytes
def test_token_urlsafe(nbytes):
tok = token_urlsafe(nbytes)
# Should be text
assert isinstance(tok, text_type)
# Always at least nbytes of data
assert len(tok) > nbytes
class OAuth2Token(ModelFactory):
class Meta:
model = models.Token
sqlalchemy_session_persistence = "flush"
userid = factory.LazyAttribute(lambda _: (
"acct:" + FAKER.user_name() + "@example.com" # pylint:disable=no-member
))
value = factory.LazyAttribute(
lambda _: (ACCESS_TOKEN_PREFIX + security.token_urlsafe()))
refresh_token = factory.LazyAttribute(
lambda _: (REFRESH_TOKEN_PREFIX + security.token_urlsafe()))
expires = factory.LazyAttribute(lambda _:
(datetime.utcnow() + timedelta(hours=1)))
refresh_token_expires = factory.LazyAttribute(
lambda _: (datetime.utcnow() + timedelta(days=7)))
authclient = factory.SubFactory(AuthClient)
class DeveloperToken(ModelFactory):
class Meta:
model = models.Token
sqlalchemy_session_persistence = 'flush'
userid = factory.LazyAttribute(
lambda _: ('acct:' + FAKER.user_name() + '@example.com'))
value = factory.LazyAttribute(
lambda _: (DEVELOPER_TOKEN_PREFIX + security.token_urlsafe()))
class DeveloperToken(ModelFactory):
class Meta:
model = models.Token
sqlalchemy_session_persistence = "flush"
userid = factory.LazyAttribute(lambda _: (
"acct:" + FAKER.user_name() + "@example.com" # pylint:disable=no-member
))
value = factory.LazyAttribute(
lambda _: (DEVELOPER_TOKEN_PREFIX + security.token_urlsafe()))
def create_token(self, user, authclient):
"""
Creates a token for the passed-in user without any additional
verification.
It is the caller's responsibility to verify the token request, e.g. with
``verify_token_request``.
:param assertion: the user for whom the token should be created.
:type assertion: h.models.User
:rtype: h.models.Token
"""
value = ACCESS_TOKEN_PREFIX + security.token_urlsafe()
refresh_token = REFRESH_TOKEN_PREFIX + security.token_urlsafe()
token = models.Token(userid=user.userid,
value=value,
expires=(utcnow() + TOKEN_TTL),
refresh_token=refresh_token,
authclient=authclient)
self.session.add(token)
return token
def add(ctx, name, authority, type_):
"""Create a new OAuth client."""
request = ctx.obj["bootstrap"]()
client = models.AuthClient(name=name, authority=authority)
if type_ == "confidential":
client.secret = token_urlsafe()
request.db.add(client)
request.db.flush()
id_ = client.id
secret = client.secret
request.tm.commit()
message = f"OAuth client for {authority} created\nClient ID: {id_}"
if type_ == "confidential":
message += f"\nClient Secret: {secret}"
click.echo(message)
def add(ctx, name, authority, type_):
"""
Create a new OAuth client.
"""
request = ctx.obj['bootstrap']()
authclient = models.AuthClient(name=name, authority=authority)
if type_ == 'confidential':
authclient.secret = token_urlsafe()
request.db.add(authclient)
request.db.flush()
id_ = authclient.id
secret = authclient.secret
request.tm.commit()
message = ('OAuth client for {authority} created\n' 'Client ID: {id}')
if type_ == 'confidential':
message += '\nClient Secret: {secret}'
click.echo(message.format(authority=authority, id=id_, secret=secret))
def add(ctx, name, authority, type_):
"""
Create a new OAuth client.
"""
request = ctx.obj["bootstrap"]()
authclient = models.AuthClient(name=name, authority=authority)
if type_ == "confidential":
authclient.secret = token_urlsafe()
request.db.add(authclient)
request.db.flush()
id_ = authclient.id
secret = authclient.secret
request.tm.commit()
message = "OAuth client for {authority} created\n" "Client ID: {id}"
if type_ == "confidential":
message += "\nClient Secret: {secret}"
click.echo(message.format(authority=authority, id=id_, secret=secret))
def regenerate(self):
self.value = self.prefix + security.token_urlsafe()
def _generate_refresh_token(_oauth_request):
return REFRESH_TOKEN_PREFIX + token_urlsafe()
def _generate_access_token(oauth_request): # pylint: disable=unused-argument
return ACCESS_TOKEN_PREFIX + token_urlsafe()
def generate_access_token(self, oauth_request):
return ACCESS_TOKEN_PREFIX + token_urlsafe()
def __init__(self, **kwargs):
super(Token, self).__init__(**kwargs)
self.regenerate()
if self.expires:
self.refresh_token = security.token_urlsafe()
def test_token_urlsafe_no_args():
tok = token_urlsafe()
assert isinstance(tok, text_type)
assert len(tok) > 32
def regenerate(self):
self.value = self.prefix + security.token_urlsafe()
def generate_access_token(self, oauth_request):
return ACCESS_TOKEN_PREFIX + token_urlsafe()
def generate_refresh_token(self, oauth_request):
return REFRESH_TOKEN_PREFIX + token_urlsafe()
def test_token_urlsafe_no_args():
tok = token_urlsafe()
assert isinstance(tok, text_type)
assert len(tok) > 32
def _generate_token(self):
return PREFIX + security.token_urlsafe()
def _generate_token(self):
return PREFIX + security.token_urlsafe()
def __init__(self, **kwargs):
super(Token, self).__init__(**kwargs)
self.regenerate()
if self.expires:
self.refresh_token = security.token_urlsafe()
