def test_redirect_fallback(): responses.add( responses.POST, "https://example.com/oauth/access_token", body="oauth_token=xxx&oauth_token_secret=yyy", ) blueprint = OAuth1ConsumerBlueprint( "test-service", __name__, client_key="client_key", client_secret="client_secret", base_url="https://example.com", request_token_url="https://example.com/oauth/request_token", access_token_url="https://example.com/oauth/access_token", authorization_url="https://example.com/oauth/authorize", ) app = flask.Flask(__name__) app.secret_key = "secret" app.register_blueprint(blueprint, url_prefix="/login") with app.test_client() as client: resp = client.get( "/login/test-service/authorized?oauth_token=foobar&oauth_verifier=xyz", base_url="https://a.b.c", ) # check that we redirected the client assert resp.status_code == 302 assert resp.headers["Location"] == "https://a.b.c/"
def test_custom_session_class(): bp = OAuth1ConsumerBlueprint("test", __name__, client_key="client_key", client_secret="client_secret", base_url="https://example.com", request_token_url="https://example.com/oauth/request_token", access_token_url="https://example.com/oauth/access_token", authorization_url="https://example.com/oauth/authorize", redirect_to="index", session_class=CustomOAuth1Session, ) assert isinstance(bp.session, CustomOAuth1Session) assert bp.session.my_attr == "foobar"
def test_signal_sender_oauth_authorized(request): app, bp = make_app() bp2 = OAuth1ConsumerBlueprint( "test2", __name__, client_key="client_key", client_secret="client_secret", base_url="https://example.com", request_token_url="https://example.com/oauth/request_token", access_token_url="https://example.com/oauth/access_token", authorization_url="https://example.com/oauth/authorize", redirect_to="index", ) app.register_blueprint(bp2, url_prefix="/login") calls = [] def callback(*args, **kwargs): calls.append((args, kwargs)) oauth_authorized.connect(callback, sender=bp) request.addfinalizer(lambda: oauth_authorized.disconnect(callback, sender=bp)) with app.test_client() as client: bp.session.fetch_access_token = mock.Mock(return_value="test-token") bp2.session.fetch_access_token = mock.Mock(return_value="test2-token") resp = client.get( "/login/test2/authorized?oauth_token=foobar&oauth_verifier=xyz" ) assert len(calls) == 0 with app.test_client() as client: bp.session.fetch_access_token = mock.Mock(return_value="test-token") bp2.session.fetch_access_token = mock.Mock(return_value="test2-token") resp = client.get( "/login/test-service/authorized?oauth_token=foobar&oauth_verifier=xyz" ) assert len(calls) == 1 assert calls[0][0] == (bp,) assert calls[0][1] == {"token": "test-token"} with app.test_client() as client: bp.session.fetch_access_token = mock.Mock(return_value="test-token") bp2.session.fetch_access_token = mock.Mock(return_value="test2-token") resp = client.get( "/login/test2/authorized?oauth_token=foobar&oauth_verifier=xyz" ) assert len(calls) == 1 # unchanged
def make_app(login_url=None): blueprint = OAuth1ConsumerBlueprint("test-service", __name__, client_key="client_key", client_secret="client_secret", base_url="https://example.com", request_token_url="https://example.com/oauth/request_token", access_token_url="https://example.com/oauth/access_token", authorization_url="https://example.com/oauth/authorize", redirect_to="index", login_url=login_url, ) app = flask.Flask(__name__) app.secret_key = "secret" app.register_blueprint(blueprint, url_prefix="/login") @app.route("/") def index(): return "index" return app, blueprint
def test_rule_kwargs(): blueprint = OAuth1ConsumerBlueprint( "test-service", __name__, client_key="client_key", client_secret="client_secret", base_url="https://example.com", request_token_url="https://example.com/oauth/request_token", access_token_url="https://example.com/oauth/access_token", authorization_url="https://example.com/oauth/authorize", redirect_to="my_view", rule_kwargs={"host": "example2.com"}, ) app = flask.Flask(__name__) app.secret_key = "secret" app.register_blueprint(blueprint, url_prefix="/login") rules = [ rule for rule in app.url_map.iter_rules() if rule.endpoint.startswith("test-service.") ] assert all(rule.host == "example2.com" for rule in rules) assert len(rules) == 2
def make_jira_blueprint( base_url, consumer_key=None, rsa_key=None, redirect_url=None, redirect_to=None, login_url=None, authorized_url=None, session_class=None, backend=None): """ Make a blueprint for authenticating with JIRA using OAuth 1. This requires a consumer key and RSA key for the JIRA application link. You should either pass them to this constructor, or make sure that your Flask application config defines them, using the variables JIRA_OAUTH_CONSUMER_KEY and JIRA_OAUTH_RSA_KEY. Args: base_url (str): The base URL of your JIRA installation. For example, for Atlassian's hosted Cloud JIRA, the base_url would be ``https://jira.atlassian.com`` consumer_key (str): The consumer key for your Application Link on JIRA rsa_key (str or path): The RSA private key for your Application Link on JIRA. This can be the contents of the key as a string, or a path to the key file on disk. redirect_url (str): the URL to redirect to after the authentication dance is complete redirect_to (str): if ``redirect_url`` is not defined, the name of the view to redirect to after the authentication dance is complete. The actual URL will be determined by :func:`flask.url_for` login_url (str, optional): the URL path for the ``login`` view. Defaults to ``/jira`` authorized_url (str, optional): the URL path for the ``authorized`` view. Defaults to ``/jira/authorized``. session_class (class, optional): The class to use for creating a Requests session. Defaults to :class:`~flask_dance.contrib.jira.JsonOAuth1Session`. backend: A storage backend class, or an instance of a storage backend class, to use for this blueprint. Defaults to :class:`~flask_dance.consumer.backend.session.SessionBackend`. :rtype: :class:`~flask_dance.consumer.OAuth1ConsumerBlueprint` :returns: A :ref:`blueprint <flask:blueprints>` to attach to your Flask app. """ if rsa_key and os.path.isfile(rsa_key): with open(rsa_key) as f: rsa_key = f.read() base_url = URLObject(base_url) jira_bp = OAuth1ConsumerBlueprint("jira", __name__, client_key=consumer_key, rsa_key=rsa_key, signature_method=SIGNATURE_RSA, base_url=base_url, request_token_url=base_url.relative("plugins/servlet/oauth/request-token"), access_token_url=base_url.relative("plugins/servlet/oauth/access-token"), authorization_url=base_url.relative("plugins/servlet/oauth/authorize"), redirect_url=redirect_url, redirect_to=redirect_to, login_url=login_url, authorized_url=authorized_url, session_class=session_class or JsonOAuth1Session, backend=backend, ) jira_bp.from_config["client_key"] = "JIRA_OAUTH_CONSUMER_KEY" jira_bp.from_config["rsa_key"] = "JIRA_OAUTH_RSA_KEY" @jira_bp.before_app_request def set_applocal_session(): ctx = stack.top ctx.jira_oauth = jira_bp.session return jira_bp
def make_twitter_blueprint( api_key=None, api_secret=None, redirect_url=None, redirect_to=None, login_url=None, authorized_url=None, session_class=None, storage=None, ): """ Make a blueprint for authenticating with Twitter using OAuth 1. This requires an API key and API secret from Twitter. You should either pass them to this constructor, or make sure that your Flask application config defines them, using the variables :envvar:`TWITTER_OAUTH_CLIENT_KEY` and :envvar:`TWITTER_OAUTH_CLIENT_SECRET`. Args: api_key (str): The API key for your Twitter application api_secret (str): The API secret for your Twitter application redirect_url (str): the URL to redirect to after the authentication dance is complete redirect_to (str): if ``redirect_url`` is not defined, the name of the view to redirect to after the authentication dance is complete. The actual URL will be determined by :func:`flask.url_for` login_url (str, optional): the URL path for the ``login`` view. Defaults to ``/twitter`` authorized_url (str, optional): the URL path for the ``authorized`` view. Defaults to ``/twitter/authorized``. session_class (class, optional): The class to use for creating a Requests session. Defaults to :class:`~flask_dance.consumer.requests.OAuth1Session`. storage: A token storage class, or an instance of a token storage class, to use for this blueprint. Defaults to :class:`~flask_dance.consumer.storage.session.SessionStorage`. :rtype: :class:`~flask_dance.consumer.OAuth1ConsumerBlueprint` :returns: A :ref:`blueprint <flask:blueprints>` to attach to your Flask app. """ twitter_bp = OAuth1ConsumerBlueprint( "twitter", __name__, client_key=api_key, client_secret=api_secret, base_url="https://api.twitter.com/1.1/", request_token_url="https://api.twitter.com/oauth/request_token", access_token_url="https://api.twitter.com/oauth/access_token", authorization_url="https://api.twitter.com/oauth/authorize", redirect_url=redirect_url, redirect_to=redirect_to, login_url=login_url, authorized_url=authorized_url, session_class=session_class, storage=storage, ) twitter_bp.from_config["client_key"] = "TWITTER_OAUTH_CLIENT_KEY" twitter_bp.from_config["client_secret"] = "TWITTER_OAUTH_CLIENT_SECRET" @twitter_bp.before_app_request def set_applocal_session(): ctx = stack.top ctx.twitter_oauth = twitter_bp.session return twitter_bp