def setUp(self): self.mock_validator = mock.MagicMock() self.addCleanup(setattr, self, 'mock_validator', mock.MagicMock()) auth_code = AuthorizationCodeGrant( request_validator=self.mock_validator) auth_code.save_authorization_code = mock.MagicMock() implicit = ImplicitGrant( request_validator=self.mock_validator) implicit.save_token = mock.MagicMock() openid_connect_auth = OpenIDConnectAuthCode(self.mock_validator) openid_connect_implicit = OpenIDConnectImplicit(self.mock_validator) response_types = { 'code': auth_code, 'token': implicit, 'id_token': openid_connect_implicit, 'id_token token': openid_connect_implicit, 'code token': openid_connect_auth, 'code id_token': openid_connect_auth, 'code token id_token': openid_connect_auth, 'none': auth_code } self.expires_in = 1800 token = tokens.BearerToken(self.mock_validator, expires_in=self.expires_in) self.endpoint = AuthorizationEndpoint( default_response_type='code', default_token_type=token, response_types=response_types)
def setUp(self): self.mock_validator = mock.MagicMock() self.addCleanup(setattr, self, 'mock_validator', mock.MagicMock()) auth_code = AuthorizationCodeGrant( request_validator=self.mock_validator) auth_code.save_authorization_code = mock.MagicMock() implicit = ImplicitGrant(request_validator=self.mock_validator) implicit.save_token = mock.MagicMock() openid_connect_auth = OpenIDConnectAuthCode(self.mock_validator) openid_connect_implicit = OpenIDConnectImplicit(self.mock_validator) response_types = { 'code': auth_code, 'token': implicit, 'id_token': openid_connect_implicit, 'id_token token': openid_connect_implicit, 'code token': openid_connect_auth, 'code id_token': openid_connect_auth, 'code token id_token': openid_connect_auth, 'none': auth_code } self.expires_in = 1800 token = tokens.BearerToken(self.mock_validator, expires_in=self.expires_in) self.endpoint = AuthorizationEndpoint(default_response_type='code', default_token_type=token, response_types=response_types)
def setUp(self): self.mock_validator = mock.MagicMock() self.mock_validator.get_code_challenge.return_value = None self.addCleanup(setattr, self, 'mock_validator', mock.MagicMock()) auth_code = AuthorizationCodeGrant( request_validator=self.mock_validator) auth_code.save_authorization_code = mock.MagicMock() implicit = ImplicitGrant( request_validator=self.mock_validator) implicit.save_token = mock.MagicMock() response_types = { 'code': auth_code, 'token': implicit, 'none': auth_code } self.expires_in = 1800 token = tokens.BearerToken( self.mock_validator, expires_in=self.expires_in ) self.endpoint = AuthorizationEndpoint( default_response_type='code', default_token_type=token, response_types=response_types )
class ImplicitGrantTest(TestCase): def setUp(self): mock_client = mock.MagicMock() mock_client.user.return_value = 'mocked user' self.request = Request('http://a.b/path') self.request.scopes = ('hello', 'world') self.request.client = mock_client self.request.client_id = 'abcdef' self.request.response_type = 'token' self.request.state = 'xyz' self.request.redirect_uri = 'https://b.c/p' self.mock_validator = mock.MagicMock() self.auth = ImplicitGrant(request_validator=self.mock_validator) @mock.patch('oauthlib.common.generate_token') def test_create_token_response(self, generate_token): generate_token.return_value = '1234' bearer = BearerToken(self.mock_validator, expires_in=1800) h, b, s = self.auth.create_token_response(self.request, bearer) correct_uri = 'https://b.c/p#access_token=1234&token_type=Bearer&expires_in=1800&state=xyz&scope=hello+world' self.assertEqual(s, 302) self.assertURLEqual(h['Location'], correct_uri, parse_fragment=True) self.assertEqual(self.mock_validator.save_token.call_count, 1) correct_uri = 'https://b.c/p?access_token=1234&token_type=Bearer&expires_in=1800&state=xyz&scope=hello+world' self.request.response_mode = 'query' h, b, s = self.auth.create_token_response(self.request, bearer) self.assertURLEqual(h['Location'], correct_uri) def test_error_response(self): pass
def setUp(self): self.mock_validator = mock.MagicMock() self.addCleanup(setattr, self, "mock_validator", mock.MagicMock()) auth_code = AuthorizationCodeGrant(request_validator=self.mock_validator) auth_code.save_authorization_code = mock.MagicMock() implicit = ImplicitGrant(request_validator=self.mock_validator) implicit.save_token = mock.MagicMock() response_types = {"code": auth_code, "token": implicit} self.expires_in = 1800 token = tokens.BearerToken(self.mock_validator, expires_in=self.expires_in) self.endpoint = AuthorizationEndpoint( default_response_type="code", default_token_type=token, response_types=response_types )
def setUp(self): mock_client = mock.MagicMock() mock_client.user.return_value = 'mocked user' self.request = Request('http://a.b/path') self.request.scopes = ('hello', 'world') self.request.client = mock_client self.request.client_id = 'abcdef' self.request.response_type = 'token' self.request.state = 'xyz' self.request.redirect_uri = 'https://b.c/p' self.mock_validator = mock.MagicMock() self.auth = ImplicitGrant(request_validator=self.mock_validator)
class ImplicitGrantTest(TestCase): def setUp(self): mock_client = mock.MagicMock() mock_client.user.return_value = 'mocked user' self.request = Request('http://a.b/path') self.request.scopes = ('hello', 'world') self.request.client = mock_client self.request.client_id = 'abcdef' self.request.response_type = 'token' self.request.state = 'xyz' self.request.redirect_uri = 'https://b.c/p' self.mock_validator = mock.MagicMock() self.auth = ImplicitGrant(request_validator=self.mock_validator) def test_create_token_response(self): bearer = BearerToken(self.mock_validator, expires_in=1800) orig_generate_token = common.generate_token self.addCleanup(setattr, common, 'generate_token', orig_generate_token) common.generate_token = lambda *args, **kwargs: '1234' uri, headers, body, status_code = self.auth.create_token_response( self.request, bearer) correct_uri = 'https://b.c/p#access_token=1234&token_type=Bearer&expires_in=1800&state=xyz&scope=hello+world' self.assertURLEqual(uri, correct_uri, parse_fragment=True) def test_error_response(self): pass
def __init__(self, request_validator, oidc_token_handler): implicit_grant = ImplicitGrant(request_validator) refresh_grant = RefreshTokenGrant(request_validator) oidc_code_grant = OIDCAuthorizationCodeGrant(request_validator, oidc_token_handler) oidc_implicit_grant = OIDCImplicitGrant(request_validator, oidc_token_handler) bearer_token_handler = BearerToken(request_validator) AuthorizationEndpoint.__init__(self, default_response_type=oidc_code_grant, default_token_type=bearer_token_handler, response_types={ 'code': oidc_code_grant, 'token': implicit_grant, 'id_token token': oidc_implicit_grant, 'token id_token': oidc_implicit_grant, }) TokenEndpoint.__init__(self, default_grant_type=oidc_code_grant, default_token_type=bearer_token_handler, grant_types={ 'authorization_code': oidc_code_grant, 'refresh_token': refresh_grant, })
def __init__(self, request_validator, token_generator=None, token_expires_in=None, refresh_token_generator=None, **kwargs): """Construct a new web application server. :param request_validator: An implementation of oauthlib.oauth2.RequestValidator. :param token_expires_in: An int or a function to generate a token expiration offset (in seconds) given a oauthlib.common.Request object. :param token_generator: A function to generate a token from a request. :param refresh_token_generator: A function to generate a token from a request for the refresh token. :param kwargs: Extra parameters to pass to authorization-, token-, resource-, and revocation-endpoint constructors. """ implicit_grant = ImplicitGrant(request_validator) auth_grant = AuthorizationCodeGrant(request_validator) refresh_grant = RefreshTokenGrant(request_validator) openid_connect_auth = OpenIDConnectAuthCode(request_validator) resource_owner_password_credentials_grant = ResourceOwnerPasswordCredentialsGrant( request_validator) bearer = BearerToken(request_validator, token_generator, token_expires_in, refresh_token_generator) AuthorizationEndpoint.__init__(self, default_response_type='code', response_types={ 'code': auth_grant, 'code+token': openid_connect_auth, 'code+id_token': openid_connect_auth, 'code+token+id_token': openid_connect_auth, 'code token': openid_connect_auth, 'code id_token': openid_connect_auth, 'code token id_token': openid_connect_auth, 'token': implicit_grant }, default_token_type=bearer) TokenEndpoint.__init__(self, default_grant_type='authorization_code', grant_types={ 'authorization_code': auth_grant, 'refresh_token': refresh_grant, 'password': resource_owner_password_credentials_grant }, default_token_type=bearer) ResourceEndpoint.__init__(self, default_token='Bearer', token_types={'Bearer': bearer}) RevocationEndpoint.__init__(self, request_validator)
def setUp(self): self.request = Request('http://a.b/path') request_validator = mock.MagicMock() implicit_grant = ImplicitGrant(request_validator) openid_connect_implicit = OpenIDConnectImplicit(request_validator) self.dispatcher = ImplicitTokenGrantDispatcher( default_implicit_grant=implicit_grant, oidc_implicit_grant=openid_connect_implicit)
def create_token_response(self, request, token_handler): return ImplicitGrant.create_token_response(self, request, self._oidc_token_handler)
def __init__(self, request_validator, token_handler): ImplicitGrant.__init__(self, request_validator) self._oidc_token_handler = token_handler
def __init__(self, request_validator, token_expires_in=None, token_generator=None, refresh_token_generator=None, *args, **kwargs): """Construct a new all-grants-in-one server. :param request_validator: An implementation of oauthlib.oauth2.RequestValidator. :param token_expires_in: An int or a function to generate a token expiration offset (in seconds) given a oauthlib.common.Request object. :param token_generator: A function to generate a token from a request. :param refresh_token_generator: A function to generate a token from a request for the refresh token. :param kwargs: Extra parameters to pass to authorization-, token-, resource-, and revocation-endpoint constructors. """ auth_grant = AuthorizationCodeGrant(request_validator) implicit_grant = ImplicitGrant(request_validator) password_grant = ResourceOwnerPasswordCredentialsGrant( request_validator) credentials_grant = ClientCredentialsGrant(request_validator) refresh_grant = RefreshTokenGrant(request_validator) openid_connect_auth = OpenIDConnectAuthCode(request_validator) openid_connect_implicit = OpenIDConnectImplicit(request_validator) bearer = BearerToken(request_validator, token_generator, token_expires_in, refresh_token_generator) auth_grant_choice = AuthCodeGrantDispatcher( default_auth_grant=auth_grant, oidc_auth_grant=openid_connect_auth) # See http://openid.net/specs/oauth-v2-multiple-response-types-1_0.html#Combinations for valid combinations # noqa # internally our AuthorizationEndpoint will ensure they can appear in any order for any valid combination # noqa AuthorizationEndpoint.__init__( self, default_response_type='code', response_types={ 'code': auth_grant_choice, 'token': implicit_grant, 'id_token': openid_connect_implicit, 'id_token token': openid_connect_implicit, 'code token': openid_connect_auth, 'code id_token': openid_connect_auth, 'code token id_token': openid_connect_auth, 'none': auth_grant }, default_token_type=bearer) TokenEndpoint.__init__( self, default_grant_type='authorization_code', grant_types={ 'authorization_code': openid_connect_auth, 'password': password_grant, 'client_credentials': credentials_grant, 'refresh_token': refresh_grant, 'openid': openid_connect_auth }, default_token_type=bearer) ResourceEndpoint.__init__( self, default_token='Bearer', token_types={'Bearer': bearer}) RevocationEndpoint.__init__(self, request_validator)