def secret_for_others(self, environ, start_response): r"""This can not be accessed from oauth""" if not not_oauth().is_met(environ): start_response('401 ', [('Content-Type', 'text/plain')]) return HTTPUnauthorized() start_response('200 OK', [('Content-Type', 'text/plain')]) return ['This is for all except oauth']
def test_with_credentials(self): r"""Test how not_oauth handles credentials""" env = self._make_environ() # Do not even try to pass consumers env['repoze.what.credentials']['repoze.what.userid'] = \ 'consumer:Some Consumer' p = not_oauth() self.eval_unmet_predicate(p, env, 'Access through OAuth forbidden') env = self._make_environ() env['repoze.who.identity']['repoze.who.consumerkey'] = 'Some Consumer' p = not_oauth() self.eval_unmet_predicate(p, env, 'Access through OAuth forbidden') # While simple users will do env = self._make_environ() env['repoze.who.identity']['repoze.who.userid'] = 'Some User' p = not_oauth() self.eval_met_predicate(p, env)
def test_without_credentials(self): r"""Test how not_oauth behaves without credentials""" env = self._make_environ() p = not_oauth() # We're good to go! As long as we don't mention oauth and consumers self.eval_met_predicate(p, env)