def setUp(self):
self.mock_validator = mock.MagicMock()
self.addCleanup(setattr, self, 'mock_validator', mock.MagicMock())
auth_code = AuthorizationCodeGrant(
request_validator=self.mock_validator)
auth_code.save_authorization_code = mock.MagicMock()
implicit = ImplicitGrant(
request_validator=self.mock_validator)
implicit.save_token = mock.MagicMock()
openid_connect_auth = OpenIDConnectAuthCode(self.mock_validator)
openid_connect_implicit = OpenIDConnectImplicit(self.mock_validator)
response_types = {
'code': auth_code,
'token': implicit,
'id_token': openid_connect_implicit,
'id_token token': openid_connect_implicit,
'code token': openid_connect_auth,
'code id_token': openid_connect_auth,
'code token id_token': openid_connect_auth,
'none': auth_code
}
self.expires_in = 1800
token = tokens.BearerToken(self.mock_validator,
expires_in=self.expires_in)
self.endpoint = AuthorizationEndpoint(
default_response_type='code',
default_token_type=token,
response_types=response_types)
def setUp(self):
self.mock_validator = mock.MagicMock()
self.addCleanup(setattr, self, 'mock_validator', mock.MagicMock())
auth_code = AuthorizationCodeGrant(
request_validator=self.mock_validator)
auth_code.save_authorization_code = mock.MagicMock()
implicit = ImplicitGrant(request_validator=self.mock_validator)
implicit.save_token = mock.MagicMock()
openid_connect_auth = OpenIDConnectAuthCode(self.mock_validator)
openid_connect_implicit = OpenIDConnectImplicit(self.mock_validator)
response_types = {
'code': auth_code,
'token': implicit,
'id_token': openid_connect_implicit,
'id_token token': openid_connect_implicit,
'code token': openid_connect_auth,
'code id_token': openid_connect_auth,
'code token id_token': openid_connect_auth,
'none': auth_code
}
self.expires_in = 1800
token = tokens.BearerToken(self.mock_validator,
expires_in=self.expires_in)
self.endpoint = AuthorizationEndpoint(default_response_type='code',
default_token_type=token,
response_types=response_types)
def setUp(self):
self.mock_validator = mock.MagicMock()
self.mock_validator.get_code_challenge.return_value = None
self.addCleanup(setattr, self, 'mock_validator', mock.MagicMock())
auth_code = AuthorizationCodeGrant(
request_validator=self.mock_validator)
auth_code.save_authorization_code = mock.MagicMock()
implicit = ImplicitGrant(
request_validator=self.mock_validator)
implicit.save_token = mock.MagicMock()
response_types = {
'code': auth_code,
'token': implicit,
'none': auth_code
}
self.expires_in = 1800
token = tokens.BearerToken(
self.mock_validator,
expires_in=self.expires_in
)
self.endpoint = AuthorizationEndpoint(
default_response_type='code',
default_token_type=token,
response_types=response_types
)
class ImplicitGrantTest(TestCase):
def setUp(self):
mock_client = mock.MagicMock()
mock_client.user.return_value = 'mocked user'
self.request = Request('http://a.b/path')
self.request.scopes = ('hello', 'world')
self.request.client = mock_client
self.request.client_id = 'abcdef'
self.request.response_type = 'token'
self.request.state = 'xyz'
self.request.redirect_uri = 'https://b.c/p'
self.mock_validator = mock.MagicMock()
self.auth = ImplicitGrant(request_validator=self.mock_validator)
@mock.patch('oauthlib.common.generate_token')
def test_create_token_response(self, generate_token):
generate_token.return_value = '1234'
bearer = BearerToken(self.mock_validator, expires_in=1800)
h, b, s = self.auth.create_token_response(self.request, bearer)
correct_uri = 'https://b.c/p#access_token=1234&token_type=Bearer&expires_in=1800&state=xyz&scope=hello+world'
self.assertEqual(s, 302)
self.assertURLEqual(h['Location'], correct_uri, parse_fragment=True)
self.assertEqual(self.mock_validator.save_token.call_count, 1)
correct_uri = 'https://b.c/p?access_token=1234&token_type=Bearer&expires_in=1800&state=xyz&scope=hello+world'
self.request.response_mode = 'query'
h, b, s = self.auth.create_token_response(self.request, bearer)
self.assertURLEqual(h['Location'], correct_uri)
def test_error_response(self):
pass
class ImplicitGrantTest(TestCase):
def setUp(self):
mock_client = mock.MagicMock()
mock_client.user.return_value = 'mocked user'
self.request = Request('http://a.b/path')
self.request.scopes = ('hello', 'world')
self.request.client = mock_client
self.request.client_id = 'abcdef'
self.request.response_type = 'token'
self.request.state = 'xyz'
self.request.redirect_uri = 'https://b.c/p'
self.mock_validator = mock.MagicMock()
self.auth = ImplicitGrant(request_validator=self.mock_validator)
@mock.patch('oauthlib.common.generate_token')
def test_create_token_response(self, generate_token):
generate_token.return_value = '1234'
bearer = BearerToken(self.mock_validator, expires_in=1800)
h, b, s = self.auth.create_token_response(self.request, bearer)
correct_uri = 'https://b.c/p#access_token=1234&token_type=Bearer&expires_in=1800&state=xyz&scope=hello+world'
self.assertEqual(s, 302)
self.assertURLEqual(h['Location'], correct_uri, parse_fragment=True)
self.assertEqual(self.mock_validator.save_token.call_count, 1)
correct_uri = 'https://b.c/p?access_token=1234&token_type=Bearer&expires_in=1800&state=xyz&scope=hello+world'
self.request.response_mode = 'query'
h, b, s = self.auth.create_token_response(self.request, bearer)
self.assertURLEqual(h['Location'], correct_uri)
def test_error_response(self):
pass
def setUp(self):
self.mock_validator = mock.MagicMock()
self.addCleanup(setattr, self, "mock_validator", mock.MagicMock())
auth_code = AuthorizationCodeGrant(request_validator=self.mock_validator)
auth_code.save_authorization_code = mock.MagicMock()
implicit = ImplicitGrant(request_validator=self.mock_validator)
implicit.save_token = mock.MagicMock()
response_types = {"code": auth_code, "token": implicit}
self.expires_in = 1800
token = tokens.BearerToken(self.mock_validator, expires_in=self.expires_in)
self.endpoint = AuthorizationEndpoint(
default_response_type="code", default_token_type=token, response_types=response_types
)
def setUp(self):
mock_client = mock.MagicMock()
mock_client.user.return_value = 'mocked user'
self.request = Request('http://a.b/path')
self.request.scopes = ('hello', 'world')
self.request.client = mock_client
self.request.client_id = 'abcdef'
self.request.response_type = 'token'
self.request.state = 'xyz'
self.request.redirect_uri = 'https://b.c/p'
self.mock_validator = mock.MagicMock()
self.auth = ImplicitGrant(request_validator=self.mock_validator)
class ImplicitGrantTest(TestCase):
def setUp(self):
mock_client = mock.MagicMock()
mock_client.user.return_value = 'mocked user'
self.request = Request('http://a.b/path')
self.request.scopes = ('hello', 'world')
self.request.client = mock_client
self.request.client_id = 'abcdef'
self.request.response_type = 'token'
self.request.state = 'xyz'
self.request.redirect_uri = 'https://b.c/p'
self.mock_validator = mock.MagicMock()
self.auth = ImplicitGrant(request_validator=self.mock_validator)
def test_create_token_response(self):
bearer = BearerToken(self.mock_validator, expires_in=1800)
orig_generate_token = common.generate_token
self.addCleanup(setattr, common, 'generate_token', orig_generate_token)
common.generate_token = lambda *args, **kwargs: '1234'
uri, headers, body, status_code = self.auth.create_token_response(
self.request, bearer)
correct_uri = 'https://b.c/p#access_token=1234&token_type=Bearer&expires_in=1800&state=xyz&scope=hello+world'
self.assertURLEqual(uri, correct_uri, parse_fragment=True)
def test_error_response(self):
pass
def __init__(self, request_validator, oidc_token_handler):
implicit_grant = ImplicitGrant(request_validator)
refresh_grant = RefreshTokenGrant(request_validator)
oidc_code_grant = OIDCAuthorizationCodeGrant(request_validator,
oidc_token_handler)
oidc_implicit_grant = OIDCImplicitGrant(request_validator,
oidc_token_handler)
bearer_token_handler = BearerToken(request_validator)
AuthorizationEndpoint.__init__(self,
default_response_type=oidc_code_grant,
default_token_type=bearer_token_handler,
response_types={
'code': oidc_code_grant,
'token': implicit_grant,
'id_token token': oidc_implicit_grant,
'token id_token': oidc_implicit_grant,
})
TokenEndpoint.__init__(self,
default_grant_type=oidc_code_grant,
default_token_type=bearer_token_handler,
grant_types={
'authorization_code': oidc_code_grant,
'refresh_token': refresh_grant,
})
class ImplicitGrantTest(TestCase):
def setUp(self):
mock_client = mock.MagicMock()
mock_client.user.return_value = 'mocked user'
self.request = Request('http://a.b/path')
self.request.scopes = ('hello', 'world')
self.request.client = mock_client
self.request.client_id = 'abcdef'
self.request.response_type = 'token'
self.request.state = 'xyz'
self.request.redirect_uri = 'https://b.c/p'
self.mock_validator = mock.MagicMock()
self.auth = ImplicitGrant(request_validator=self.mock_validator)
def test_create_token_response(self):
bearer = BearerToken(self.mock_validator, expires_in=1800)
orig_generate_token = common.generate_token
self.addCleanup(setattr, common, 'generate_token', orig_generate_token)
common.generate_token = lambda *args, **kwargs: '1234'
uri, headers, body, status_code = self.auth.create_token_response(
self.request, bearer)
correct_uri = 'https://b.c/p#access_token=1234&token_type=Bearer&expires_in=1800&state=xyz&scope=hello+world'
self.assertURLEqual(uri, correct_uri, parse_fragment=True)
def test_error_response(self):
pass
def __init__(self,
request_validator,
token_generator=None,
token_expires_in=None,
refresh_token_generator=None,
**kwargs):
"""Construct a new web application server.
:param request_validator: An implementation of
oauthlib.oauth2.RequestValidator.
:param token_expires_in: An int or a function to generate a token
expiration offset (in seconds) given a
oauthlib.common.Request object.
:param token_generator: A function to generate a token from a request.
:param refresh_token_generator: A function to generate a token from a
request for the refresh token.
:param kwargs: Extra parameters to pass to authorization-,
token-, resource-, and revocation-endpoint constructors.
"""
implicit_grant = ImplicitGrant(request_validator)
auth_grant = AuthorizationCodeGrant(request_validator)
refresh_grant = RefreshTokenGrant(request_validator)
openid_connect_auth = OpenIDConnectAuthCode(request_validator)
resource_owner_password_credentials_grant = ResourceOwnerPasswordCredentialsGrant(
request_validator)
bearer = BearerToken(request_validator, token_generator,
token_expires_in, refresh_token_generator)
AuthorizationEndpoint.__init__(self,
default_response_type='code',
response_types={
'code': auth_grant,
'code+token': openid_connect_auth,
'code+id_token':
openid_connect_auth,
'code+token+id_token':
openid_connect_auth,
'code token': openid_connect_auth,
'code id_token':
openid_connect_auth,
'code token id_token':
openid_connect_auth,
'token': implicit_grant
},
default_token_type=bearer)
TokenEndpoint.__init__(self,
default_grant_type='authorization_code',
grant_types={
'authorization_code':
auth_grant,
'refresh_token':
refresh_grant,
'password':
resource_owner_password_credentials_grant
},
default_token_type=bearer)
ResourceEndpoint.__init__(self,
default_token='Bearer',
token_types={'Bearer': bearer})
RevocationEndpoint.__init__(self, request_validator)
def setUp(self):
self.request = Request('http://a.b/path')
request_validator = mock.MagicMock()
implicit_grant = ImplicitGrant(request_validator)
openid_connect_implicit = OpenIDConnectImplicit(request_validator)
self.dispatcher = ImplicitTokenGrantDispatcher(
default_implicit_grant=implicit_grant,
oidc_implicit_grant=openid_connect_implicit)
def setUp(self):
mock_client = mock.MagicMock()
mock_client.user.return_value = 'mocked user'
self.request = Request('http://a.b/path')
self.request.scopes = ('hello', 'world')
self.request.client = mock_client
self.request.client_id = 'abcdef'
self.request.response_type = 'token'
self.request.state = 'xyz'
self.request.redirect_uri = 'https://b.c/p'
self.mock_validator = mock.MagicMock()
self.auth = ImplicitGrant(request_validator=self.mock_validator)
def create_token_response(self, request, token_handler):
return ImplicitGrant.create_token_response(self, request,
self._oidc_token_handler)
def __init__(self, request_validator, token_handler):
ImplicitGrant.__init__(self, request_validator)
self._oidc_token_handler = token_handler
def __init__(self, request_validator, token_expires_in=None,
token_generator=None, refresh_token_generator=None,
*args, **kwargs):
"""Construct a new all-grants-in-one server.
:param request_validator: An implementation of
oauthlib.oauth2.RequestValidator.
:param token_expires_in: An int or a function to generate a token
expiration offset (in seconds) given a
oauthlib.common.Request object.
:param token_generator: A function to generate a token from a request.
:param refresh_token_generator: A function to generate a token from a
request for the refresh token.
:param kwargs: Extra parameters to pass to authorization-,
token-, resource-, and revocation-endpoint constructors.
"""
auth_grant = AuthorizationCodeGrant(request_validator)
implicit_grant = ImplicitGrant(request_validator)
password_grant = ResourceOwnerPasswordCredentialsGrant(
request_validator)
credentials_grant = ClientCredentialsGrant(request_validator)
refresh_grant = RefreshTokenGrant(request_validator)
openid_connect_auth = OpenIDConnectAuthCode(request_validator)
openid_connect_implicit = OpenIDConnectImplicit(request_validator)
bearer = BearerToken(request_validator, token_generator,
token_expires_in, refresh_token_generator)
auth_grant_choice = AuthCodeGrantDispatcher(
default_auth_grant=auth_grant,
oidc_auth_grant=openid_connect_auth)
# See http://openid.net/specs/oauth-v2-multiple-response-types-1_0.html#Combinations for valid combinations # noqa
# internally our AuthorizationEndpoint will ensure they can appear in any order for any valid combination # noqa
AuthorizationEndpoint.__init__(
self,
default_response_type='code',
response_types={
'code': auth_grant_choice,
'token': implicit_grant,
'id_token': openid_connect_implicit,
'id_token token': openid_connect_implicit,
'code token': openid_connect_auth,
'code id_token': openid_connect_auth,
'code token id_token': openid_connect_auth,
'none': auth_grant
},
default_token_type=bearer)
TokenEndpoint.__init__(
self,
default_grant_type='authorization_code',
grant_types={
'authorization_code': openid_connect_auth,
'password': password_grant,
'client_credentials': credentials_grant,
'refresh_token': refresh_grant,
'openid': openid_connect_auth
},
default_token_type=bearer)
ResourceEndpoint.__init__(
self,
default_token='Bearer',
token_types={'Bearer': bearer})
RevocationEndpoint.__init__(self, request_validator)
def create_token_response(self, request, token_handler):
return ImplicitGrant.create_token_response(self, request,
self._oidc_token_handler)
def __init__(self, request_validator, token_handler):
ImplicitGrant.__init__(self, request_validator)
self._oidc_token_handler = token_handler
