def test_get_create_remote_token(models_fixture): """Test create remote token.""" app = models_fixture existing_email = "*****@*****.**" datastore = app.extensions['invenio-accounts'].datastore user = datastore.find_user(email=existing_email) t = RemoteToken.create(user.id, "dev", "mytoken", "mysecret") assert t assert t.token() == ('mytoken', 'mysecret') acc = RemoteAccount.get(user.id, "dev") assert acc assert t.remote_account.id == acc.id assert t.token_type == '' t2 = RemoteToken.create( user.id, "dev", "mytoken2", "mysecret2", token_type='t2' ) assert t2.remote_account.id == acc.id assert t2.token_type == 't2' t3 = RemoteToken.get(user.id, "dev") t4 = RemoteToken.get(user.id, "dev", token_type="t2") assert t4.token() != t3.token() assert RemoteToken.query.count() == 2 acc.delete() assert RemoteToken.query.count() == 0
def test_get_create(self): from invenio_oauthclient.models import RemoteAccount, RemoteToken t = RemoteToken.create(self.u1, "dev", "mytoken", "mysecret") assert t assert t.token() == ('mytoken', 'mysecret') acc = RemoteAccount.get(self.u1, "dev") assert acc assert t.remote_account.id == acc.id assert t.token_type == '' t2 = RemoteToken.create(self.u1, "dev", "mytoken2", "mysecret2", token_type='t2') assert t2.remote_account.id == acc.id assert t2.token_type == 't2' t3 = RemoteToken.get(self.u1, "dev") t4 = RemoteToken.get(self.u1, "dev", token_type="t2") assert t4.token() != t3.token() assert RemoteToken.query.count() == 2 acc.delete() assert RemoteToken.query.count() == 0
def test_get_create(self): from invenio_oauthclient.models import RemoteAccount, RemoteToken t = RemoteToken.create(self.u1, "dev", "mytoken", "mysecret") assert t assert t.token() == ('mytoken', 'mysecret') acc = RemoteAccount.get(self.u1, "dev") assert acc assert t.remote_account.id == acc.id assert t.token_type == '' t2 = RemoteToken.create( self.u1, "dev", "mytoken2", "mysecret2", token_type='t2' ) assert t2.remote_account.id == acc.id assert t2.token_type == 't2' t3 = RemoteToken.get(self.u1, "dev") t4 = RemoteToken.get(self.u1, "dev", token_type="t2") assert t4.token() != t3.token() assert RemoteToken.query.count() == 2 acc.delete() assert RemoteToken.query.count() == 0
def test_get_create_remote_token(models_fixture, example): """Test create remote token.""" app = models_fixture existing_email = "*****@*****.**" datastore = app.extensions['invenio-accounts'].datastore user = datastore.find_user(email=existing_email) t = RemoteToken.create(user.id, "dev", "mytoken", "mysecret") assert t assert t.token() == ('mytoken', 'mysecret') acc = RemoteAccount.get(user.id, "dev") assert acc assert t.remote_account.id == acc.id assert t.token_type == '' t2 = RemoteToken.create(user.id, "dev", "mytoken2", "mysecret2", token_type='t2') assert t2.remote_account.id == acc.id assert t2.token_type == 't2' t3 = RemoteToken.get(user.id, "dev") t4 = RemoteToken.get(user.id, "dev", token_type="t2") assert t4.token() != t3.token() assert RemoteToken.query.count() == 2 acc.delete() assert RemoteToken.query.count() == 0
def test_get_create_remote_token(app, example): """Test create remote token.""" existing_email = "*****@*****.**" datastore = app.extensions["invenio-accounts"].datastore user = datastore.find_user(email=existing_email) t = RemoteToken.create(user.id, "dev", "mytoken", "mysecret") assert t assert t.token() == ("mytoken", "mysecret") acc = RemoteAccount.get(user.id, "dev") assert acc assert t.remote_account.id == acc.id assert t.token_type == "" t2 = RemoteToken.create(user.id, "dev", "mytoken2", "mysecret2", token_type="t2") assert t2.remote_account.id == acc.id assert t2.token_type == "t2" t3 = RemoteToken.get(user.id, "dev") t4 = RemoteToken.get(user.id, "dev", token_type="t2") assert t4.token() != t3.token() assert RemoteToken.query.count() == 2 acc.delete() assert RemoteToken.query.count() == 0
def test_get_create_remote_token(app, models_fixture): """Test create remote token.""" existing_email = '*****@*****.**' datastore = app.extensions['invenio-accounts'].datastore user = datastore.find_user(email=existing_email) t = RemoteToken.create(user.id, 'dev', 'mytoken', 'mysecret') assert t assert t.token() == ('mytoken', 'mysecret') acc = RemoteAccount.get(user.id, 'dev') assert acc assert t.remote_account.id == acc.id assert t.token_type == '' t2 = RemoteToken.create( user.id, 'dev', 'mytoken2', 'mysecret2', token_type='t2' ) assert t2.remote_account.id == acc.id assert t2.token_type == 't2' t3 = RemoteToken.get(user.id, 'dev') t4 = RemoteToken.get(user.id, 'dev', token_type='t2') assert t4.token() != t3.token() assert RemoteToken.query.count() == 2 acc.delete() assert RemoteToken.query.count() == 0
def test_get_regression(self): from invenio_oauthclient.models import RemoteToken t3 = RemoteToken.create(self.u2, "dev", "mytoken", "mysecret") t4 = RemoteToken.create(self.u3, "dev", "mytoken", "mysecret") assert RemoteToken.get(self.u2, "dev").remote_account.user_id == t3.remote_account.user_id assert RemoteToken.get(self.u3, "dev").remote_account.user_id == t4.remote_account.user_id
def test_get_regression(self): from invenio_oauthclient.models import RemoteToken t3 = RemoteToken.create(self.u2, "dev", "mytoken", "mysecret") t4 = RemoteToken.create(self.u3, "dev", "mytoken", "mysecret") assert RemoteToken.get(self.u2, "dev").remote_account.user_id == \ t3.remote_account.user_id assert RemoteToken.get(self.u3, "dev").remote_account.user_id == \ t4.remote_account.user_id
def test_get_regression(app, example): """Test regression.""" datastore = app.extensions["invenio-accounts"].datastore email2 = "*****@*****.**" email3 = "*****@*****.**" user2 = datastore.find_user(email=email2) user3 = datastore.find_user(email=email3) t3 = RemoteToken.create(user2.id, "dev", "mytoken", "mysecret") t4 = RemoteToken.create(user3.id, "dev", "mytoken", "mysecret") assert RemoteToken.get(user2.id, "dev").remote_account.user_id == t3.remote_account.user_id assert RemoteToken.get(user3.id, "dev").remote_account.user_id == t4.remote_account.user_id
def get_api(user_id=None): """Get an authenticated GitHub API interface.""" if user_id: access_token = RemoteToken.get(user_id, get_client_id()).access_token else: access_token = get_remote().get_request_token()[0] return init_api(access_token)
def token_getter(remote, token=''): """Retrieve OAuth access token. Used by flask-oauthlib to get the access token when making requests. :param remote: The remote application. :param token: Type of token to get. Data passed from ``oauth.request()`` to identify which token to retrieve. (Default: ``''``) :returns: The token. """ session_key = token_session_key(remote.name) if session_key not in session and current_user.is_authenticated: # Fetch key from token store if user is authenticated, and the key # isn't already cached in the session. remote_token = RemoteToken.get( current_user.get_id(), remote.consumer_key, token_type=token, ) if remote_token is None: return None # Store token and secret in session session[session_key] = remote_token.token() return session.get(session_key, None)
def token_setter(remote, token, secret='', token_type='', extra_data=None, user=None): """Set token for user. :param remote: The remote application. :param token: The token to set. :param token_type: The token type. (Default: ``''``) :param extra_data: Extra information. (Default: ``None``) :param user: The user owner of the remote token. If it's not defined, the current user is used automatically. (Default: ``None``) :returns: A :class:`invenio_oauthclient.models.RemoteToken` instance or ``None``. """ session[token_session_key(remote.name)] = (token, secret) user = user or current_user # Save token if user is not anonymous (user exists but can be not active at # this moment) if not user.is_anonymous: uid = user.id cid = remote.consumer_key # Check for already existing token t = RemoteToken.get(uid, cid, token_type=token_type) if t: t.update_token(token, secret) else: t = RemoteToken.create( uid, cid, token, secret, token_type=token_type, extra_data=extra_data ) return t return None
def access_token(self): """Return OAuth access token.""" if self.user_id: return RemoteToken.get( self.user_id, self.remote.consumer_key ).access_token return self.remote.get_request_token()[0]
def build_fs(self, current_user, credentials, root=None, callback_url=None, request=None, session=None): """Build google drive filesystem.""" url = url_for('oauthclient.login', remote_app='google_drive') client_id = oauth.remote_apps['google_drive'].consumer_key client_secret = oauth.remote_apps['google_drive'].consumer_secret user_id = current_user.get_id() token = RemoteToken.get(user_id, client_id) if token is not None: credentials = { 'access_token': token.access_token, 'client_id': client_id, 'client_secret': client_secret, 'refresh_token': token.remote_account.extra_data.get('refresh_token'), 'token_expiry': None, 'token_uri': 'https://accounts.google.com/o/oauth2/token' } try: filesystem = GoogleDriveFS(root, credentials) filesystem.about() return filesystem except Exception: raise CloudRedirectUrl(url, __name__) else: raise CloudRedirectUrl(url, __name__)
def token_getter(remote, token=''): """Retrieve OAuth access token. Used by flask-oauthlib to get the access token when making requests. :param remote: The remote application. :param token: Type of token to get. Data passed from ``oauth.request()`` to identify which token to retrieve. (Default: ``''``) :returns: The token. """ session_key = token_session_key(remote.name) if session_key not in session and current_user.is_authenticated: # Fetch key from token store if user is authenticated, and the key # isn't already cached in the session. remote_token = RemoteToken.get( current_user.get_id(), remote.consumer_key, token_type=token, ) if remote_token is None: return None # Store token and secret in session session[session_key] = remote_token.token() return session.get(session_key, None)
def test_get_regression(app, example): """Test regression.""" datastore = app.extensions['invenio-accounts'].datastore email2 = "*****@*****.**" email3 = "*****@*****.**" user2 = datastore.find_user(email=email2) user3 = datastore.find_user(email=email3) t3 = RemoteToken.create(user2.id, "dev", "mytoken", "mysecret") t4 = RemoteToken.create(user3.id, "dev", "mytoken", "mysecret") assert RemoteToken.get(user2.id, "dev").remote_account.user_id == \ t3.remote_account.user_id assert RemoteToken.get(user3.id, "dev").remote_account.user_id == \ t4.remote_account.user_id
def test_get_regression(app, models_fixture): """Test regression.""" datastore = app.extensions['invenio-accounts'].datastore email2 = '*****@*****.**' email3 = '*****@*****.**' user2 = datastore.find_user(email=email2) user3 = datastore.find_user(email=email3) t3 = RemoteToken.create(user2.id, 'dev', 'mytoken', 'mysecret') t4 = RemoteToken.create(user3.id, 'dev', 'mytoken', 'mysecret') assert RemoteToken.get(user2.id, 'dev').remote_account.user_id == \ t3.remote_account.user_id assert RemoteToken.get(user3.id, 'dev').remote_account.user_id == \ t4.remote_account.user_id
def test_get_regression(models_fixture): """Test regression.""" app = models_fixture datastore = app.extensions['invenio-accounts'].datastore email2 = '*****@*****.**' email3 = '*****@*****.**' user2 = datastore.find_user(email=email2) user3 = datastore.find_user(email=email3) t3 = RemoteToken.create(user2.id, 'dev', 'mytoken', 'mysecret') t4 = RemoteToken.create(user3.id, 'dev', 'mytoken', 'mysecret') assert RemoteToken.get(user2.id, 'dev').remote_account.user_id == \ t3.remote_account.user_id assert RemoteToken.get(user3.id, 'dev').remote_account.user_id == \ t4.remote_account.user_id
def session_token(self): """Return OAuth session token.""" session_token = None if self.user_id is not None: session_token = token_getter(self.remote) if session_token: token = RemoteToken.get(self.user_id, self.remote.consumer_key, access_token=session_token[0]) return token return None
def session_token(self): """Return OAuth session token.""" session_token = None if self.user_id is not None: session_token = token_getter(self.remote) if session_token: token = RemoteToken.get( self.user_id, self.remote.consumer_key, access_token=session_token[0] ) return token return None
def get_token(user_id=None): """Retrieve token for linked GitHub account.""" session_token = None if user_id is None: session_token = token_getter(get_remote()) if session_token: token = RemoteToken.get( current_user.get_id(), get_client_id(), access_token=session_token[0] ) return token return None
def test_utilities(models_fixture): """Test utilities.""" app = models_fixture datastore = app.extensions['invenio-accounts'].datastore assert obj_or_import_string('invenio_oauthclient.errors') # User existing_email = '*****@*****.**' user = datastore.find_user(email=existing_email) # Authenticate assert not _get_external_id({}) assert not oauth_authenticate('dev', user, require_existing_link=True) _security.confirmable = True _security.login_without_confirmation = False user.confirmed_at = None assert not oauth_authenticate('dev', user) # Tokens t = RemoteToken.create(user.id, 'dev', 'mytoken', 'mysecret') assert \ RemoteToken.get(user.id, 'dev', access_token='mytoken') == \ RemoteToken.get_by_token('dev', 'mytoken') assert oauth_get_user('dev', access_token=t.access_token) == user assert \ oauth_get_user('dev', account_info={ 'user': { 'email': existing_email } }) == user # Link user to external id external_id = {'id': '123', 'method': 'test_method'} oauth_link_external_id(user, external_id) with pytest.raises(AlreadyLinkedError): oauth_link_external_id(user, external_id) assert oauth_get_user('dev', account_info={ 'external_id': external_id['id'], 'external_method': external_id['method'] }) == user # Cleanup oauth_unlink_external_id(external_id) acc = RemoteAccount.get(user.id, 'dev') acc.delete()
def test_utilities(models_fixture): """Test utilities.""" app = models_fixture datastore = app.extensions['invenio-accounts'].datastore assert obj_or_import_string('invenio_oauthclient.errors') # User existing_email = '*****@*****.**' user = datastore.find_user(email=existing_email) # Authenticate assert not _get_external_id({}) assert not oauth_authenticate('dev', user, require_existing_link=True) _security.confirmable = True _security.login_without_confirmation = False user.confirmed_at = None assert not oauth_authenticate('dev', user) # Tokens t = RemoteToken.create(user.id, 'dev', 'mytoken', 'mysecret') assert \ RemoteToken.get(user.id, 'dev', access_token='mytoken') == \ RemoteToken.get_by_token('dev', 'mytoken') assert oauth_get_user('dev', access_token=t.access_token) == user assert \ oauth_get_user('dev', account_info={'user': {'email': existing_email}}) == user # Link user to external id external_id = {'id': '123', 'method': 'test_method'} oauth_link_external_id(user, external_id) with pytest.raises(AlreadyLinkedError): oauth_link_external_id(user, external_id) assert oauth_get_user('dev', account_info={ 'external_id': external_id['id'], 'external_method': external_id['method'] }) == user # Cleanup oauth_unlink_external_id(external_id) acc = RemoteAccount.get(user.id, 'dev') acc.delete()
def disconnect(remote): """Disconnect callback handler for GitHub. This is a test! """ # User must be authenticated if not current_user.is_authenticated(): return current_app.login_manager.unauthorized() token = RemoteToken.get(current_user.get_id(), remote.consumer_key) if token: disconnect_github.delay(remote.name, token.access_token, token.remote_account.extra_data) token.remote_account.delete() return redirect(url_for('oauthclient_settings.index'))
def disconnect(remote): """Disconnect callback handler for GitHub. This is a test! """ # User must be authenticated if not current_user.is_authenticated(): return current_app.login_manager.unauthorized() token = RemoteToken.get(current_user.get_id(), remote.consumer_key) if token: disconnect_github.delay( remote.name, token.access_token, token.remote_account.extra_data ) token.remote_account.delete() return redirect(url_for('oauthclient_settings.index'))
def disconnect(remote): """Disconnect callback handler for GitHub.""" # User must be authenticated if not current_user.is_authenticated: return current_app.login_manager.unauthorized() external_method = 'github' external_ids = [i.id for i in current_user.external_identifiers if i.method == external_method] if external_ids: oauth_unlink_external_id(dict(id=external_ids[0], method=external_method)) user_id = current_user.get_id() token = RemoteToken.get(user_id, remote.consumer_key) if token: extra_data = token.remote_account.extra_data # Delete the token that we issued for GitHub to deliver webhooks webhook_token_id = extra_data.get('tokens', {}).get('webhook') ProviderToken.query.filter_by(id=webhook_token_id).delete() # Disable GitHub webhooks from our side db_repos = Repository.query.filter_by(user_id=user_id).all() # Keep repositories with hooks to pass to the celery task later on repos_with_hooks = [(r.github_id, r.hook) for r in db_repos if r.hook] for repo in db_repos: try: Repository.disable(user_id=user_id, github_id=repo.github_id, name=repo.name) except NoResultFound: # If the repository doesn't exist, no action is necessary pass db.session.commit() # Send Celery task for webhooks removal and token revocation disconnect_github.delay(token.access_token, repos_with_hooks) # Delete the RemoteAccount (along with the associated RemoteToken) token.remote_account.delete() return redirect(url_for('invenio_oauthclient_settings.index'))
def disconnect(remote): """Disconnect callback handler for GitHub.""" # User must be authenticated if not current_user.is_authenticated: return current_app.login_manager.unauthorized() external_method = 'github' external_ids = [i.id for i in current_user.external_identifiers if i.method == external_method] if external_ids: oauth_unlink_external_id(dict(id=external_ids[0], method=external_method)) user_id = int(current_user.get_id()) token = RemoteToken.get(user_id, remote.consumer_key) if token: extra_data = token.remote_account.extra_data # Delete the token that we issued for GitHub to deliver webhooks webhook_token_id = extra_data.get('tokens', {}).get('webhook') ProviderToken.query.filter_by(id=webhook_token_id).delete() # Disable GitHub webhooks from our side db_repos = Repository.query.filter_by(user_id=user_id).all() # Keep repositories with hooks to pass to the celery task later on repos_with_hooks = [(r.github_id, r.hook) for r in db_repos if r.hook] for repo in db_repos: try: Repository.disable(user_id=user_id, github_id=repo.github_id, name=repo.name) except NoResultFound: # If the repository doesn't exist, no action is necessary pass db.session.commit() # Send Celery task for webhooks removal and token revocation disconnect_github.delay(token.access_token, repos_with_hooks) # Delete the RemoteAccount (along with the associated RemoteToken) token.remote_account.delete() return redirect(url_for('invenio_oauthclient_settings.index'))
def test_utilities(models_fixture): """Test utilities.""" app = models_fixture datastore = app.extensions["invenio-accounts"].datastore assert obj_or_import_string("invenio_oauthclient.errors") # User existing_email = "*****@*****.**" user = datastore.find_user(email=existing_email) # Authenticate assert not _get_external_id({}) assert not oauth_authenticate("dev", user, require_existing_link=True) _security.confirmable = True _security.login_without_confirmation = False user.confirmed_at = None assert not oauth_authenticate("dev", user) # Tokens t = RemoteToken.create(user.id, "dev", "mytoken", "mysecret") assert RemoteToken.get(user.id, "dev", access_token="mytoken") == RemoteToken.get_by_token("dev", "mytoken") assert oauth_get_user("dev", access_token=t.access_token) == user assert oauth_get_user("dev", account_info={"user": {"email": existing_email}}) == user # Link user to external id external_id = {"id": "123", "method": "test_method"} oauth_link_external_id(user, external_id) with pytest.raises(AlreadyLinkedError): oauth_link_external_id(user, external_id) assert ( oauth_get_user("dev", account_info={"external_id": external_id["id"], "external_method": external_id["method"]}) == user ) # Cleanup oauth_unlink_external_id(external_id) acc = RemoteAccount.get(user.id, "dev") acc.delete()
def token_setter(remote, token, secret='', token_type='', extra_data=None, user=None): """Set token for user. :param remote: The remote application. :param token: The token to set. :param token_type: The token type. (Default: ``''``) :param extra_data: Extra information. (Default: ``None``) :param user: The user owner of the remote token. If it's not defined, the current user is used automatically. (Default: ``None``) :returns: A :class:`invenio_oauthclient.models.RemoteToken` instance or ``None``. """ session[token_session_key(remote.name)] = (token, secret) user = user or current_user # Save token if user is not anonymous (user exists but can be not active at # this moment) if not user.is_anonymous: uid = user.id cid = remote.consumer_key # Check for already existing token t = RemoteToken.get(uid, cid, token_type=token_type) if t: t.update_token(token, secret) else: t = RemoteToken.create(uid, cid, token, secret, token_type=token_type, extra_data=extra_data) return t return None
def build_fs(self, current_user, credentials, root=None, callback_url=None, request=None, session=None): """Build dropbox filesystem.""" url = url_for('oauthclient.login', remote_app='dropbox') client_id = oauth.remote_apps['dropbox'].consumer_key user_id = current_user.get_id() token = RemoteToken.get(user_id, client_id) if token is not None: credentials = {'access_token': token.access_token} try: filesystem = DropboxFS(root, credentials) filesystem.about() return filesystem except ResourceNotFoundError: if(root != "/"): filesystem = DropboxFS("/", credentials) filesystem.makedir(root, recursive=True) filesystem = DropboxFS(root, credentials) return filesystem except Exception: raise CloudRedirectUrl(url, __name__) else: raise CloudRedirectUrl(url, __name__)
def test_token_getter_setter(views_fixture, monkeypatch): """Test token getter setter.""" # Mock session id monkeypatch.setattr('flask_login._create_identifier', lambda: '1234') monkeypatch.setattr('invenio_oauthclient.views.client._create_identifier', lambda: '1234') app = views_fixture oauth = app.extensions['oauthlib.client'] # Mock user user = MagicMock() user.id = 1 user.get_id = MagicMock(return_value=1) user.is_anonymous = False with patch('flask_login._get_user', return_value=user): with app.test_client() as c: # First call login to be redirected res = c.get(url_for("invenio_oauthclient.login", remote_app='full')) assert res.status_code == 302 assert res.location.startswith( oauth.remote_apps['full'].authorize_url) state = parse_qs(urlparse(res.location).query)['state'][0] # Mock resposen class mock_response(app.extensions['oauthlib.client'], 'full') # Imitate that the user authorized our request in the remote # application. c.get( url_for( "invenio_oauthclient.authorized", remote_app='full', code='test', state=state, )) # Assert if everything is as it should be. from flask import session as flask_session assert flask_session['oauth_token_full'] == \ ('test_access_token', '') t = RemoteToken.get(1, "fullid") assert t.remote_account.client_id == 'fullid' assert t.access_token == 'test_access_token' assert RemoteToken.query.count() == 1 # Mock a new authorized request mock_response(app.extensions['oauthlib.client'], 'full', data={ "access_token": "new_access_token", "scope": "", "token_type": "bearer" }) c.get( url_for("invenio_oauthclient.authorized", remote_app='full', code='test', state=state)) t = RemoteToken.get(1, "fullid") assert t.access_token == 'new_access_token' assert RemoteToken.query.count() == 1 val = token_getter( app.extensions['oauthlib.client'].remote_apps['full']) assert val == ('new_access_token', '') # Disconnect account res = c.get( url_for( "invenio_oauthclient.disconnect", remote_app='full', )) assert res.status_code == 302 assert res.location.endswith( url_for('invenio_oauthclient_settings.index')) # Assert that remote account have been removed. t = RemoteToken.get(1, "fullid") assert t is None # TODO: Figure out what is leaving session open & blocked db.session.close()
def test_token_getter_setter(app_rest, monkeypatch): """Test token getter setter.""" # Mock session id monkeypatch.setattr('invenio_oauthclient._compat._create_identifier', lambda: '1234') monkeypatch.setattr( 'invenio_oauthclient.views.client._create_identifier', lambda: '1234') oauth = app_rest.extensions['oauthlib.client'] # Mock user user = MagicMock() user.id = 1 user.get_id = MagicMock(return_value=1) user.is_anonymous = False with app_rest.test_client() as c: login_user_via_session(c, user) # First call login to be redirected res = c.get(url_for('invenio_oauthclient.rest_login', remote_app='full')) assert res.status_code == 302 assert res.location.startswith( oauth.remote_apps['full'].authorize_url ) state = parse_qs(urlparse(res.location).query)['state'][0] # Mock resposen class mock_response(app_rest.extensions['oauthlib.client'], 'full') # Imitate that the user authorized our request in the remote # application. c.get(url_for( 'invenio_oauthclient.rest_authorized', remote_app='full', code='test', state=state, )) # Assert if everything is as it should be. from flask import session as flask_session assert flask_session['oauth_token_full'] == \ ('test_access_token', '') t = RemoteToken.get(1, 'fullid') assert t.remote_account.client_id == 'fullid' assert t.access_token == 'test_access_token' assert RemoteToken.query.count() == 1 # Mock a new authorized request mock_response(app_rest.extensions['oauthlib.client'], 'full', data={ 'access_token': 'new_access_token', 'scope': "", 'token_type': 'bearer' }) c.get(url_for( 'invenio_oauthclient.rest_authorized', remote_app='full', code='test', state=state )) t = RemoteToken.get(1, 'fullid') assert t.access_token == 'new_access_token' assert RemoteToken.query.count() == 1 val = token_getter( app_rest.extensions['oauthlib.client'].remote_apps['full']) assert val == ('new_access_token', '') # Disconnect account res = c.get(url_for( 'invenio_oauthclient.rest_disconnect', remote_app='full', )) assert res.status_code == 302 expected_url_args = { "message": "Successfully disconnected.", "code": 200 } check_response_redirect_url_args(res, expected_url_args) # Assert that remote account have been removed. t = RemoteToken.get(1, 'fullid') assert t is None # TODO: Figure out what is leaving session open & blocked db.session.close()
def test_token_getter_setter(self, session, save_session): from invenio_oauthclient.models import RemoteToken from invenio_oauthclient.handlers import token_getter from invenio_oauthclient.client import oauth # Mock user user = MagicMock() user.get_id = MagicMock(return_value=1) user.is_authenticated = MagicMock(return_value=True) # Mock session id session.sid = '1234' with patch('flask_login._get_user', return_value=user): with self.app.test_client() as c: # First call login to be redirected res = c.get(url_for("oauthclient.login", remote_app='full')) assert res.status_code == 302 assert res.location.startswith( oauth.remote_apps['full'].authorize_url) state = parse_qs(urlparse(res.location).query)['state'][0] # Mock resposen class self.mock_response(app='full') # Imitate that the user authorized our request in the remote # application. c.get( url_for( "oauthclient.authorized", remote_app='full', code='test', state=state, )) # Assert if everything is as it should be. from flask import session as flask_session assert flask_session['oauth_token_full'] == \ ('test_access_token', '') t = RemoteToken.get(1, "fullid") assert t.remote_account.client_id == 'fullid' assert t.access_token == 'test_access_token' assert RemoteToken.query.count() == 1 # Mock a new authorized request self.mock_response(app='full', data={ "access_token": "new_access_token", "scope": "", "token_type": "bearer" }) c.get( url_for("oauthclient.authorized", remote_app='full', code='test', state=state)) t = RemoteToken.get(1, "fullid") assert t.access_token == 'new_access_token' assert RemoteToken.query.count() == 1 val = token_getter(oauth.remote_apps['full']) assert val == ('new_access_token', '') # Disconnect account res = c.get( url_for( "oauthclient.disconnect", remote_app='full', )) assert res.status_code == 302 assert res.location.endswith( url_for('oauthclient_settings.index')) # Assert that remote account have been removed. t = RemoteToken.get(1, "fullid") assert t is None
def access_token(self): """Return OAuth access token.""" if self.user_id: return RemoteToken.get(self.user_id, self.remote.consumer_key).access_token return self.remote.get_request_token()[0]
def test_token_getter_setter(monkeypatch): """Test token getter setter.""" # Mock session id monkeypatch.setattr('flask_login._create_identifier', lambda: '1234') monkeypatch.setattr( 'invenio_oauthclient.views.client._create_identifier', lambda: '1234') app = setup_app() oauth = app.extensions['oauthlib.client'] # Mock user user = MagicMock() user.id = 1 user.get_id = MagicMock(return_value=1) user.is_anonymous = False with patch('flask_login._get_user', return_value=user): with app.test_client() as c: # First call login to be redirected res = c.get(url_for("invenio_oauthclient.login", remote_app='full')) assert res.status_code == 302 assert res.location.startswith( oauth.remote_apps['full'].authorize_url ) state = parse_qs(urlparse(res.location).query)['state'][0] # Mock resposen class mock_response(app.extensions['oauthlib.client'], 'full') # Imitate that the user authorized our request in the remote # application. c.get(url_for( "invenio_oauthclient.authorized", remote_app='full', code='test', state=state, )) # Assert if everything is as it should be. from flask import session as flask_session assert flask_session['oauth_token_full'] == \ ('test_access_token', '') t = RemoteToken.get(1, "fullid") assert t.remote_account.client_id == 'fullid' assert t.access_token == 'test_access_token' assert RemoteToken.query.count() == 1 # Mock a new authorized request mock_response(app.extensions['oauthlib.client'], 'full', data={ "access_token": "new_access_token", "scope": "", "token_type": "bearer" }) c.get(url_for( "invenio_oauthclient.authorized", remote_app='full', code='test', state=state )) t = RemoteToken.get(1, "fullid") assert t.access_token == 'new_access_token' assert RemoteToken.query.count() == 1 val = token_getter( app.extensions['oauthlib.client'].remote_apps['full']) assert val == ('new_access_token', '') # Disconnect account res = c.get(url_for( "invenio_oauthclient.disconnect", remote_app='full', )) assert res.status_code == 302 assert res.location.endswith( url_for('invenio_oauthclient_settings.index') ) # Assert that remote account have been removed. t = RemoteToken.get(1, "fullid") assert t is None
def test_token_getter_setter(self, session, save_session): from invenio_oauthclient.models import RemoteToken from invenio_oauthclient.handlers import token_getter from invenio_oauthclient.client import oauth # Mock user user = MagicMock() user.get_id = MagicMock(return_value=1) user.is_authenticated = MagicMock(return_value=True) # Mock session id session.sid = '1234' with patch('flask_login._get_user', return_value=user): with self.app.test_client() as c: # First call login to be redirected res = c.get(url_for("oauthclient.login", remote_app='full')) assert res.status_code == 302 assert res.location.startswith( oauth.remote_apps['full'].authorize_url ) state = parse_qs(urlparse(res.location).query)['state'][0] # Mock resposen class self.mock_response(app='full') # Imitate that the user authorized our request in the remote # application. c.get(url_for( "oauthclient.authorized", remote_app='full', code='test', state=state, )) # Assert if everything is as it should be. from flask import session as flask_session assert flask_session['oauth_token_full'] == \ ('test_access_token', '') t = RemoteToken.get(1, "fullid") assert t.remote_account.client_id == 'fullid' assert t.access_token == 'test_access_token' assert RemoteToken.query.count() == 1 # Mock a new authorized request self.mock_response(app='full', data={ "access_token": "new_access_token", "scope": "", "token_type": "bearer" }) c.get(url_for( "oauthclient.authorized", remote_app='full', code='test', state=state )) t = RemoteToken.get(1, "fullid") assert t.access_token == 'new_access_token' assert RemoteToken.query.count() == 1 val = token_getter(oauth.remote_apps['full']) assert val == ('new_access_token', '') # Disconnect account res = c.get(url_for( "oauthclient.disconnect", remote_app='full', )) assert res.status_code == 302 assert res.location.endswith( url_for('oauthclient_settings.index') ) # Assert that remote account have been removed. t = RemoteToken.get(1, "fullid") assert t is None