Exemplo n.º 1
0
def run_auth_server():
    try:
        client_store = ClientStore()
        client_store.add_client(client_id="abc", client_secret="xyz",
                                redirect_uris=[])

        token_store = TokenStore()
        token_gen = Uuid4()
        token_gen.expires_in['client_credentials'] = 3600

        auth_controller = Provider(
            access_token_store=token_store,
            auth_code_store=token_store,
            client_store=client_store,
            token_generator=token_gen)
        auth_controller.add_grant(ClientCredentialsGrant())

        app = Application(provider=auth_controller)

        httpd = make_server('', 8080, app, handler_class=OAuthRequestHandler)

        print("Starting implicit_grant oauth2 server on http://localhost:8080/...")
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
        def run_provider(queue):
            try:

                redirect_uri = "http://127.0.0.1:15487/callback"

                stores = store_factory(client_identifier="abc",
                                       client_secret="xyz",
                                       redirect_uris=[redirect_uri])

                provider = Provider(access_token_store=stores["access_token_store"],
                                    auth_code_store=stores["auth_code_store"],
                                    client_store=stores["client_store"],
                                    site_adapter=TestSiteAdapter(),
                                    token_generator=Uuid4())

                provider.add_grant(AuthorizationCodeGrant(expires_in=120))
                provider.add_grant(RefreshToken(expires_in=60))

                app = Wsgi(server=provider)

                httpd = make_server('', 15486, app,
                                    handler_class=NoLoggingHandler)

                queue.put({"result": 0})

                httpd.serve_forever()
            except Exception as e:
                queue.put({"result": 1, "error_message": str(e)})
Exemplo n.º 3
0
def run_auth_server():
    client_store = ClientStore()
    client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=["http://localhost:8081/callback"])

    token_store = TokenStore()

    provider = Provider(
        access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=Uuid4()
    )
    provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter()))

    try:
        app = Application(
            [
                url(provider.authorize_path, OAuth2Handler, dict(provider=provider)),
                url(provider.token_path, OAuth2Handler, dict(provider=provider)),
            ]
        )

        app.listen(8080)
        print("Starting OAuth2 server on http://localhost:8080/...")
        IOLoop.current().start()

    except KeyboardInterrupt:
        IOLoop.close()
Exemplo n.º 4
0
def run_auth_server():
    client_store = ClientStore()
    # client_store.add_client(client_id="abc", client_secret="xyz",
    #                         redirect_uris=["http://localhost:8081/callback"])
    client_store.add_client(client_id="abc", client_secret="xyz",
                            redirect_uris=["http://localhost:8080/auth/realms/keycloak-express/broker/oidc/endpoint"])

    token_store = TokenStore()

    provider = Provider(access_token_store=token_store,
                        auth_code_store=token_store, client_store=client_store,
                        token_generator=Uuid4())
    provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter()))

    try:
        app = Application([
            url(provider.authorize_path, OAuth2Handler, dict(provider=provider)),
            url(provider.token_path, OAuth2Handler, dict(provider=provider)),
        ])

        app.listen(8090)
        print("Starting OAuth2 server on http://localhost:8090/...")
        IOLoop.current().start()

    except KeyboardInterrupt:
        IOLoop.close()
Exemplo n.º 5
0
def run_auth_server():
    client_store = ClientStore()
    client_store.add_client(client_id="abc", client_secret="xyz",
                            redirect_uris=["http://10.10.112.59:8081/callback"])
    client_store.add_client(client_id="bcd", client_secret="fff",
                            redirect_uris=["http://10.10.112.59:50000/callback"])
    client_store.add_client(client_id="9fdc2c7a1cee0cca54c150e3e0b822eb", client_secret="zzz",
                            redirect_uris=["http://10.10.112.59:8888/callback"])

    token_store = TokenStore()

    provider = Provider(access_token_store=token_store,
                        auth_code_store=token_store, client_store=client_store,
                        token_generator=Uuid4())
    provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter()))

    settings = dict(
        template_path=os.path.join(os.path.dirname(__file__), "templates"),
        static_path=os.path.join(os.path.dirname(__file__), "static"),
        cookie_secret='61oETzKXQAGaYdkL5gEmGEJJFuYh7EQnp2XdTP1o/Vo=',
    )
    try:
        app = Application([
            url(provider.authorize_path, OAuth2Handler, dict(provider=provider)),
            url(provider.token_path, OAuth2Handler, dict(provider=provider)),
            url("/", MainHandler),
        ], **settings)

        app.listen(8080)
        print "Starting OAuth2 server on http://10.10.112.59:8080/..."
        IOLoop.current().start()

    except KeyboardInterrupt:
        IOLoop.close()
Exemplo n.º 6
0
def create_auth_server():
    client_store = ClientStore()
    client_store.add_client(
        client_id="alexa.matsuoka",
        client_secret="xxxx",
        redirect_uris=[
            "https://layla.amazon.com/api/skill/link/M2Q7FOC6AVxxxx",
            "https://pitangui.amazon.com/api/skill/link/M2Q7FOC6AVxxxx",
            "https://alexa.amazon.co.jp/api/skill/link/M2Q7FOC6AVxxxx"
        ])

    token_store = TokenStore()
    token_store.save_token(
        AccessToken(client_id="alexa.matsuoka",
                    grant_type="authorization_code",
                    user_id="*****@*****.**",
                    token="xxxx"))

    provider = Provider(access_token_store=token_store,
                        auth_code_store=token_store,
                        client_store=client_store,
                        token_generator=Uuid4(),
                        client_authentication_source=http_basic_auth)
    provider.add_grant(
        AuthorizationCodeGrant(site_adapter=TestSiteAdapter(),
                               unique_token=True))

    app = Application([
        url(provider.authorize_path, OAuth2Handler, dict(provider=provider)),
        url(provider.token_path, OAuth2Handler, dict(provider=provider)),
    ],
                      debug=False)

    return app
def run_auth_server():
    try:
        client_store = ClientStore()
        client_store.add_client(client_id="abc",
                                client_secret="xyz",
                                redirect_uris=["http://localhost:8081/"])

        token_store = TokenStore()

        provider = Provider(access_token_store=token_store,
                            auth_code_store=token_store,
                            client_store=client_store,
                            token_generator=Uuid4())
        provider.add_grant(ImplicitGrant(site_adapter=TestSiteAdapter()))

        app = Application(provider=provider)

        httpd = make_server('', 8080, app)

        print(
            "Starting implicit_grant oauth2 server on http://localhost:8080/..."
        )
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
def run_auth_server():
    try:
        client_store = ClientStore()
        client_store.add_client(
            client_id="abc",
            client_secret="xyz",
            redirect_uris=["http://localhost:8081/callback"])

        token_store = TokenStore()

        auth_controller = Provider(access_token_store=token_store,
                                   auth_code_store=token_store,
                                   client_store=client_store,
                                   site_adapter=TestSiteAdapter(),
                                   token_generator=Uuid4())
        auth_controller.add_grant(AuthorizationCodeGrant())

        app = Wsgi(server=auth_controller)

        httpd = make_server('', 8080, app, handler_class=OAuthRequestHandler)

        print(
            "Starting implicit_grant oauth2 server on http://localhost:8080/..."
        )
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
Exemplo n.º 9
0
def run_auth_server():
    client_store = ClientStore()
    client_store.add_client(client_id="abc", client_secret="xyz",
                            redirect_uris=[],
                            authorized_grants=[oauth2.grant.ClientCredentialsGrant.grant_type])

    token_store = TokenStore()

    # Generator of tokens
    token_generator = oauth2.tokengenerator.Uuid4()
    token_generator.expires_in[oauth2.grant.ClientCredentialsGrant.grant_type] = 3600

    provider = Provider(access_token_store=token_store,
                        auth_code_store=token_store, client_store=client_store,
                        token_generator=token_generator)
    # provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter()))
    provider.add_grant(ClientCredentialsGrant())

    try:
        app = Application([
            url(provider.authorize_path, OAuth2Handler, dict(provider=provider)),
            url(provider.token_path, OAuth2Handler, dict(provider=provider)),
        ])

        app.listen(8080)
        print("Starting OAuth2 server on http://localhost:8080/...")
        IOLoop.current().start()

    except KeyboardInterrupt:
        IOLoop.close()
def run_auth_server(certfile):
    try:
        client_store = ClientStore()
        client_store.add_client(client_id="abc", client_secret="xyz",
                                redirect_uris=["http://localhost:8081/callback"])

        token_store = TokenStore()

        auth_controller = Provider(
            access_token_store=token_store,
            auth_code_store=token_store,
            client_store=client_store,
            site_adapter=TestSiteAdapter(),
            token_generator=Uuid4())
        auth_controller.add_grant(AuthorizationCodeGrant())

        app = Wsgi(server=auth_controller)

        httpd = make_server('', 8080, app, handler_class=OAuthRequestHandler)
        httpd.socket = ssl.wrap_socket(httpd.socket, certfile=certfile, server_side=True)

        print("Starting implicit_grant oauth2 server on https://localhost:8080/...")
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
Exemplo n.º 11
0
def run_auth_server():
    try:
        client_store = ClientStore()
        client_store.add_client(client_id="abc", client_secret="xyz",
                                redirect_uris=[])

        token_store = TokenStore()

        provider = Provider(
            access_token_store=token_store,
            auth_code_store=token_store,
            client_store=client_store,
            token_generator=Uuid4())

        provider.add_grant(
            ResourceOwnerGrant(site_adapter=TestSiteAdapter())
        )

        app = Application(provider=provider)

        httpd = make_server('', 8080, app)

        print("Starting OAuth2 server on http://localhost:8080/...")
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
Exemplo n.º 12
0
def make_application(token_store, client_store, token_gen):
    auth_controller = Provider(access_token_store=token_store,
                               auth_code_store=token_store,
                               client_store=client_store,
                               token_generator=token_gen)

    auth_controller.add_grant(ClientCredentialsGrant())
    return Application(provider=auth_controller)
Exemplo n.º 13
0
def make_application(token_store, client_store, token_gen):
    auth_controller = Provider(
        access_token_store=token_store,
        auth_code_store=token_store,
        client_store=client_store,
        token_generator=token_gen)

    auth_controller.add_grant(ClientCredentialsGrant())
    return Application(provider=auth_controller)
Exemplo n.º 14
0
def make_application(token_store, client_store, token_gen):
    provider = Provider(
        access_token_store=token_store,
        auth_code_store=token_store,
        client_store=client_store,
        token_generator=token_gen,
    )

    provider.add_grant(ResourceOwnerGrant(expires_in=3600, site_adapter=TestSiteAdapter()))
    return Application(provider=provider)
Exemplo n.º 15
0
    def setUp(self):
        self.client_store_mock = Mock(spec=ClientStore)
        self.token_generator_mock = Mock()
        self.token_generator_mock.expires_in = {}
        self.token_generator_mock.refresh_expires_in = 0

        self.auth_server = Provider(access_token_store=Mock(),
                                    auth_code_store=Mock(),
                                    client_store=self.client_store_mock,
                                    site_adapter=Mock(),
                                    token_generator=self.token_generator_mock,
                                    response_class=Mock())
Exemplo n.º 16
0
def make_application(token_store, client_store, token_gen):
    provider = Provider(
        access_token_store=token_store,
        auth_code_store=token_store,
        client_store=client_store,
        token_generator=token_gen)

    provider.add_grant(
        ResourceOwnerGrant(
            expires_in=3600,
            site_adapter=TestSiteAdapter())
    )
    return Application(provider=provider)
Exemplo n.º 17
0
    def setUp(self):
        self.client_store_mock = Mock(spec=ClientStore)
        self.token_generator_mock = Mock()

        self.response_mock = Mock(spec=Response)
        self.response_mock.body = ""
        response_class_mock = Mock(return_value=self.response_mock)

        self.token_generator_mock.expires_in = {}
        self.token_generator_mock.refresh_expires_in = 0

        self.auth_server = Provider(access_token_store=Mock(),
                                    auth_code_store=Mock(),
                                    client_store=self.client_store_mock,
                                    token_generator=self.token_generator_mock,
                                    response_class=response_class_mock)
Exemplo n.º 18
0
 def setUp(self):
     self.client_store_mock = Mock(spec=ClientStore)
     self.token_generator_mock = Mock()
     
     self.auth_server = Provider(access_token_store=Mock(),
                                            auth_code_store=Mock(),
                                            client_store=self.client_store_mock,
                                            site_adapter=Mock(),
                                            token_generator=self.token_generator_mock,
                                            response_class=Mock())
Exemplo n.º 19
0
    def get(self):
        try:
            client_store = ClientStore()
            client_store.add_client(client_id="abc", client_secret="xyz",
                                    redirect_uris=[],
                                    authorized_grants=[oauth2.grant.ClientCredentialsGrant.grant_type])

            token_store = TokenStore()

            # Generator of tokens
            token_generator = oauth2.tokengenerator.Uuid4()
            token_generator.expires_in[oauth2.grant.ClientCredentialsGrant.grant_type] = 3600

            provider = Provider(access_token_store=token_store,
                                auth_code_store=token_store, client_store=client_store,
                                token_generator=token_generator)
            # provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter()))
            provider.add_grant(ClientCredentialsGrant())
        except StandardError,e:
            result = {"success":0,"return_code":str(e),"error_msg":utils.format_error()}
Exemplo n.º 20
0
def run_auth_server(port=8282):
    print("Starting OAuth2 server on port:" + str(port))

    client_store = ClientStore()
    client_store.add_client(client_id="abc",
                            client_secret="xyz",
                            redirect_uris=["http://0.0.0.0:5000/"])

    token_store = TokenStore()

    provider = Provider(access_token_store=token_store,
                        auth_code_store=token_store,
                        client_store=client_store,
                        token_generator=Uuid4())
    provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter()))

    app = Application(provider=provider)

    httpd = make_server('', port, app, handler_class=OAuthRequestHandler)

    httpd.serve_forever()
Exemplo n.º 21
0
        def run_provider(queue):
            try:

                redirect_uri = "http://127.0.0.1:15487/callback"

                stores = store_factory(client_identifier="abc",
                                       client_secret="xyz",
                                       redirect_uris=[redirect_uri])

                provider = Provider(
                    access_token_store=stores["access_token_store"],
                    auth_code_store=stores["auth_code_store"],
                    client_store=stores["client_store"],
                    site_adapter=TestSiteAdapter(),
                    token_generator=Uuid4())

                provider.add_grant(AuthorizationCodeGrant(expires_in=120))
                provider.add_grant(RefreshToken(expires_in=60))

                app = Wsgi(server=provider)

                httpd = make_server('',
                                    15486,
                                    app,
                                    handler_class=NoLoggingHandler)

                queue.put({"result": 0})

                httpd.serve_forever()
            except Exception as e:
                queue.put({"result": 1, "error_message": str(e)})
def run_auth_server():
    try:
        client = MongoClient('localhost', 27017)

        db = client.test_database

        client_store = ClientStore(collection=db["clients"])

        token_store = AccessTokenStore(collection=db["access_tokens"])
        code_store = AuthCodeStore(collection=db["auth_codes"])

        provider = Provider(
            access_token_store=token_store,
            auth_code_store=code_store,
            client_store=client_store,
            token_generator=Uuid4())
        provider.add_grant(
            AuthorizationCodeGrant(site_adapter=TestSiteAdapter(), scopes=["basic", "big", "long"],
                                   unique_token=True,
                                   expires_in=20
                                   )
        )

        provider.add_grant(
            RefreshToken(scopes=["basic", "big", "long"], expires_in=2592000, reissue_refresh_tokens=True)
        )

        app = Application(provider=provider)

        httpd = make_server('', 8080, app, handler_class=OAuthRequestHandler)

        print("Starting OAuth2 server on http://localhost:8080/...")
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
def create_provider():
    redirect_uri = "http://127.0.0.1:15487/callback"

    stores = store_factory(client_identifier="abc",
                           client_secret="xyz",
                           redirect_uris=[redirect_uri])

    provider = Provider(access_token_store=stores["access_token_store"],
                        auth_code_store=stores["auth_code_store"],
                        client_store=stores["client_store"],
                        token_generator=Uuid4())

    provider.add_grant(
        AuthorizationCodeGrant(
            expires_in=120,
            site_adapter=TestSiteAdapter()
        )
    )

    provider.add_grant(RefreshToken(expires_in=60))

    return provider
Exemplo n.º 24
0
    def get(self):
        try:
            client_store = ClientStore()
            client_store.add_client(client_id="abc", client_secret="xyz",
                                    redirect_uris=[],
                                    authorized_grants=[oauth2.grant.ClientCredentialsGrant.grant_type])

            token_store = TokenStore()

            # Generator of tokens
            token_generator = oauth2.tokengenerator.Uuid4()
            token_generator.expires_in[oauth2.grant.ClientCredentialsGrant.grant_type] = 3600

            provider = Provider(access_token_store=token_store,
                                auth_code_store=token_store, client_store=client_store,
                                token_generator=token_generator)
            # provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter()))
            provider.add_grant(ClientCredentialsGrant())
        except Exception as e:
            result = {"success":0,"return_code":unicode(e),"error_msg":utils.format_error()}

        self.finish(result)
def run_auth_server():
    try:
        client_store = ClientStore()
        client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=["http://localhost:8081/callback"])

        token_store = TokenStore()

        provider = Provider(
            access_token_store=token_store,
            auth_code_store=token_store,
            client_store=client_store,
            token_generator=Uuid4(),
        )
        provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter()))

        app = Application(provider=provider)

        httpd = make_server("", 8080, app, handler_class=OAuthRequestHandler)

        print("Starting OAuth2 server on http://localhost:8080/...")
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
Exemplo n.º 26
0
def run_auth_server():
    try:
        client_store = ClientStore()
        client_store.add_client(client_id="abc", client_secret="xyz",
                                redirect_uris=["http://localhost:8081/"])

        token_store = TokenStore()

        auth_server = Provider(
            access_token_store=token_store,
            auth_code_store=token_store,
            client_store=client_store,
            site_adapter=TestSiteAdapter(),
            token_generator=Uuid4())
        auth_server.add_grant(ImplicitGrant())

        app = Wsgi(server=auth_server)

        httpd = make_server('', 8080, app)

        print("Starting implicit_grant oauth2 server on http://localhost:8080/...")
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
Exemplo n.º 27
0
    def setUp(self):
        self.client_store_mock = Mock(spec=ClientStore)
        self.token_generator_mock = Mock()

        self.response_mock = Mock(spec=Response)
        self.response_mock.body = ""
        response_class_mock = Mock(return_value=self.response_mock)

        self.token_generator_mock.expires_in = {}
        self.token_generator_mock.refresh_expires_in = 0

        self.auth_server = Provider(access_token_store=Mock(),
                                    auth_code_store=Mock(),
                                    client_store=self.client_store_mock,
                                    token_generator=self.token_generator_mock,
                                    response_class=response_class_mock)
Exemplo n.º 28
0
def make_provider(session_factory, url_prefix, login_url):
    """Make an OAuth provider"""
    token_store = AccessTokenStore(session_factory)
    code_store = AuthCodeStore(session_factory)
    client_store = ClientStore(session_factory)
    
    provider = Provider(
        access_token_store=token_store,
        auth_code_store=code_store,
        client_store=client_store,
        token_generator=UUID4(),
    )
    provider.token_path = url_path_join(url_prefix, 'token')
    provider.authorize_path = url_path_join(url_prefix, 'authorize')
    site_adapter = JupyterHubSiteAdapter(login_url=login_url)
    provider.add_grant(AuthorizationCodeGrant(site_adapter=site_adapter))
    return provider
Exemplo n.º 29
0
def create_provider():
    redirect_uri = "http://127.0.0.1:15487/callback"

    stores = store_factory(client_identifier="abc",
                           client_secret="xyz",
                           redirect_uris=[redirect_uri])

    provider = Provider(access_token_store=stores["access_token_store"],
                        auth_code_store=stores["auth_code_store"],
                        client_store=stores["client_store"],
                        token_generator=Uuid4())

    provider.add_grant(
        AuthorizationCodeGrant(expires_in=120, site_adapter=TestSiteAdapter()))

    provider.add_grant(RefreshToken(expires_in=60))

    return provider
Exemplo n.º 30
0
def run_auth_server():
    try:
        client = MongoClient('localhost', 27017)

        db = client.test_database

        client_store = ClientStore(collection=db["clients"])

        # memory
        # client_store = ClientStore()
        # client_store.add_client(client_id="abc", client_secret="xyz",
        #                         redirect_uris=["http://localhost:8081/callback"])
        #
        # token_store = TokenStore()

        token_store = AccessTokenStore(collection=db["access_tokens"])
        code_store = AuthCodeStore(collection=db["auth_codes"])

        provider = Provider(access_token_store=token_store,
                            auth_code_store=code_store,
                            client_store=client_store,
                            token_generator=Uuid4())
        provider.add_grant(
            AuthorizationCodeGrant(site_adapter=TestSiteAdapter(),
                                   scopes=["test", "test2"],
                                   unique_token=True,
                                   expires_in=1))
        # auth_controller.add_grant_type(ResourceOwnerGrant(tokens_expire=600))
        provider.add_grant(
            RefreshToken(scopes=["test", "test2"],
                         expires_in=2592000,
                         reissue_refresh_tokens=True))
        # auth_controller.add_grant_type(RefreshToken(tokens_expire=1200))
        app = Application(provider=provider)

        httpd = make_server('', 8080, app, handler_class=OAuthRequestHandler)

        print("Starting OAuth2 server on http://localhost:8080/...")
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
Exemplo n.º 31
0
def main():
    token_store = AccessTokenStore()
    provider = Provider(access_token_store=token_store,
                        auth_code_store=token_store,
                        client_store=AuthUserStore(),
                        token_generator=Uuid4())
    provider.add_grant(
        ResourceOwnerGrant(site_adapter=AuthSiteAdapter(),
                           unique_token=True,
                           expires_in=ACCESS_TOKEN_REDIS_TTL))
    provider.add_grant(RefreshToken(expires_in=REFRESH_TOKEN_REDIS_TTL))

    app = Application(handlers=[
        url(provider.token_path, OAuth2Handler, dict(provider=provider)),
        url('/validate-token', AuthValidationHandler)
    ],
                      template_path=TEMPLATE_PATH,
                      static_path=STATIC_PATH,
                      cookie_secret=COOKIE_SECRET)

    print 'Starting OAuth Server on port %d' % options.port
    server = HTTPServer(app)
    server.listen(options.port)
    IOLoop.current().start()
Exemplo n.º 32
0
class AuthorizationControllerTestCase(unittest.TestCase):
    def setUp(self):
        self.client_store_mock = Mock(spec=ClientStore)
        self.token_generator_mock = Mock()
        self.token_generator_mock.expires_in = {}
        self.token_generator_mock.refresh_expires_in = 0

        self.auth_server = Provider(access_token_store=Mock(),
                                    auth_code_store=Mock(),
                                    client_store=self.client_store_mock,
                                    site_adapter=Mock(),
                                    token_generator=self.token_generator_mock,
                                    response_class=Mock())

    def test_add_grant_set_expire_time(self):
        """
        Provider.add_grant() should set the expiration time on the instance of TokenGenerator
        """
        self.auth_server.add_grant(AuthorizationCodeGrant(expires_in=400))
        self.auth_server.add_grant(ResourceOwnerGrant(expires_in=500))
        self.auth_server.add_grant(RefreshToken(expires_in=1200))

        self.assertEqual(
            self.token_generator_mock.expires_in[
                AuthorizationCodeGrant.grant_type], 400)
        self.assertEqual(
            self.token_generator_mock.expires_in[
                ResourceOwnerGrant.grant_type], 500)
        self.assertEqual(self.token_generator_mock.refresh_expires_in, 1200)

    def test_dispatch(self):
        environ = {"session": "data"}
        process_result = "response"

        request_mock = Mock(spec=Request)

        response_mock = Mock(spec=Response)
        response_class_mock = Mock(return_value=response_mock)

        grant_handler_mock = Mock(spec=["process", "read_validate_params"])
        grant_handler_mock.process.return_value = process_result

        grant_factory_mock = Mock(return_value=grant_handler_mock)

        self.auth_server.response_class = response_class_mock
        self.auth_server.site_adapter = Mock(spec=SiteAdapter)
        self.auth_server.add_grant(grant_factory_mock)
        result = self.auth_server.dispatch(request_mock, environ)

        grant_factory_mock.assert_called_with(request_mock, self.auth_server)
        response_class_mock.assert_called_with()
        grant_handler_mock.read_validate_params.assert_called_with(
            request_mock)
        grant_handler_mock.process.assert_called_with(request_mock,
                                                      response_mock, environ)
        self.assertEqual(result, process_result)

    def test_dispatch_no_grant_type_found(self):
        error_body = {
            "error": "unsupported_response_type",
            "error_description": "Server does not support given response_type"
        }

        request_mock = Mock(spec=Request)

        response_mock = Mock(spec=Response)
        response_class_mock = Mock(return_value=response_mock)

        self.auth_server.response_class = response_class_mock
        result = self.auth_server.dispatch(request_mock, {})

        response_mock.add_header.assert_called_with("Content-type",
                                                    "application/json")
        self.assertEqual(response_mock.status_code, 400)
        self.assertEqual(response_mock.body, json.dumps(error_body))
        self.assertEqual(result, response_mock)
Exemplo n.º 33
0
def main():
    parser = argparse.ArgumentParser(description="python-oauth2 test provider")
    parser.add_argument("--store", dest="store", type=str, default="mongodb",
                        help="The store adapter to use. Can one of 'mongodb'"\
                             "(default), 'mysql'")
    args = parser.parse_args()

    if args.store == "mongodb":
        print("Using mongodb stores...")
        client = MongoClient()

        db = client.testdb

        access_token_store = AccessTokenStore(collection=db["access_tokens"])
        auth_code_store = AuthCodeStore(collection=db["auth_codes"])
        client_store = ClientStore(collection=db["clients"])
    elif args.store == "mysql":
        print("Using mysql stores...")
        connection = mysql.connector.connect(host="127.0.0.1",
                                             user="******",
                                             passwd="",
                                             db="testdb")

        access_token_store = MysqlAccessTokenStore(connection=connection)
        auth_code_store = MysqlAuthCodeStore(connection=connection)
        client_store = MysqlClientStore(connection=connection)
    else:
        raise Exception("Unknown store")

    provider = Provider(access_token_store=access_token_store,
                        auth_code_store=auth_code_store,
                        client_store=client_store,
                        site_adapter=TestSiteAdapter(),
                        token_generator=Uuid4())

    provider.add_grant(AuthorizationCodeGrant(expires_in=120))
    provider.add_grant(ImplicitGrant())
    provider.add_grant(ResourceOwnerGrant())
    provider.add_grant(ClientCredentialsGrant())
    provider.add_grant(RefreshToken(expires_in=60))

    app = Wsgi(server=provider)

    try:
        httpd = make_server('', 8888, app)
        print("Starting test auth server on port 8888...")
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
Exemplo n.º 34
0
class AuthorizationControllerTestCase(unittest.TestCase):
    def setUp(self):
        self.client_store_mock = Mock(spec=ClientStore)
        self.token_generator_mock = Mock()
        
        self.auth_server = Provider(access_token_store=Mock(),
                                               auth_code_store=Mock(),
                                               client_store=self.client_store_mock,
                                               site_adapter=Mock(),
                                               token_generator=self.token_generator_mock,
                                               response_class=Mock())
    
    def test_add_grant_set_expire_time(self):
        """
        Provider.add_grant() should set the expiration time on the instance of TokenGenerator
        """
        self.auth_server.add_grant(RefreshToken(expires_in=600))
        
        self.assertEqual(self.token_generator_mock.expires_in, 600)
    
    def test_dispatch(self):
        environ        = {"session": "data"}
        process_result = "response"
        
        request_mock = Mock(spec=Request)
        
        response_mock = Mock(spec=Response)
        response_class_mock = Mock(return_value=response_mock)
        
        grant_handler_mock = Mock(spec=["process", "read_validate_params"])
        grant_handler_mock.process.return_value = process_result
        
        grant_factory_mock = Mock(return_value=grant_handler_mock)
        
        self.auth_server.response_class = response_class_mock
        self.auth_server.site_adapter = Mock(spec=SiteAdapter)
        self.auth_server.add_grant(grant_factory_mock)
        result = self.auth_server.dispatch(request_mock, environ)
        
        grant_factory_mock.assert_called_with(request_mock, self.auth_server)
        response_class_mock.assert_called_with()
        grant_handler_mock.read_validate_params.assert_called_with(request_mock)
        grant_handler_mock.process.assert_called_with(request_mock,
                                                      response_mock, environ)
        self.assertEqual(result, process_result)
    
    def test_dispatch_no_grant_type_found(self):
        error_body = {"error": "unsupported_response_type",
                      "error_description": "Server does not support given response_type"}
        
        request_mock = Mock(spec=Request)
        
        response_mock = Mock(spec=Response)
        response_class_mock = Mock(return_value=response_mock)
        
        self.auth_server.response_class = response_class_mock
        result = self.auth_server.dispatch(request_mock, {})
        
        response_mock.add_header.assert_called_with("Content-type",
                                                    "application/json")
        self.assertEqual(response_mock.status_code, 400)
        self.assertEqual(response_mock.body, json.dumps(error_body))
        self.assertEqual(result, response_mock)
Exemplo n.º 35
0
class ProviderTestCase(unittest.TestCase):
    def setUp(self):
        self.client_store_mock = Mock(spec=ClientStore)
        self.token_generator_mock = Mock()

        self.response_mock = Mock(spec=Response)
        self.response_mock.body = ""
        response_class_mock = Mock(return_value=self.response_mock)

        self.token_generator_mock.expires_in = {}
        self.token_generator_mock.refresh_expires_in = 0

        self.auth_server = Provider(access_token_store=Mock(),
                                    auth_code_store=Mock(),
                                    client_store=self.client_store_mock,
                                    token_generator=self.token_generator_mock,
                                    response_class=response_class_mock)

    def test_add_grant_set_expire_time(self):
        """
        Provider.add_grant() should set the expiration time on the instance of TokenGenerator
        """
        self.auth_server.add_grant(
            AuthorizationCodeGrant(
                expires_in=400,
                site_adapter=Mock(spec=AuthorizationCodeGrantSiteAdapter)))
        self.auth_server.add_grant(
            ResourceOwnerGrant(
                expires_in=500,
                site_adapter=Mock(spec=ResourceOwnerGrantSiteAdapter)))
        self.auth_server.add_grant(RefreshToken(expires_in=1200))

        self.assertEqual(
            self.token_generator_mock.expires_in[
                AuthorizationCodeGrant.grant_type], 400)
        self.assertEqual(
            self.token_generator_mock.expires_in[
                ResourceOwnerGrant.grant_type], 500)
        self.assertEqual(self.token_generator_mock.refresh_expires_in, 1200)

    def test_dispatch(self):
        environ = {"session": "data"}
        process_result = "response"

        request_mock = Mock(spec=Request)

        grant_handler_mock = Mock(spec=["process", "read_validate_params"])
        grant_handler_mock.process.return_value = process_result

        grant_factory_mock = Mock(return_value=grant_handler_mock)

        self.auth_server.site_adapter = Mock(
            spec=AuthorizationCodeGrantSiteAdapter)
        self.auth_server.add_grant(grant_factory_mock)
        result = self.auth_server.dispatch(request_mock, environ)

        grant_factory_mock.assert_called_with(request_mock, self.auth_server)
        grant_handler_mock.read_validate_params.\
            assert_called_with(request_mock)
        grant_handler_mock.process.assert_called_with(request_mock,
                                                      self.response_mock,
                                                      environ)
        self.assertEqual(result, process_result)

    def test_dispatch_no_grant_type_found(self):
        error_body = {
            "error": "unsupported_response_type",
            "error_description": "Grant not supported"
        }

        request_mock = Mock(spec=Request)

        result = self.auth_server.dispatch(request_mock, {})

        self.response_mock.add_header.assert_called_with(
            "Content-Type", "application/json")
        self.assertEqual(self.response_mock.status_code, 400)
        self.assertEqual(self.response_mock.body, json.dumps(error_body))
        self.assertEqual(result, self.response_mock)

    def test_dispatch_no_client_found(self):
        request_mock = Mock(spec=Request)

        grant_handler_mock = Mock(spec=GrantHandler)
        grant_handler_mock.process.side_effect = OAuthInvalidNoRedirectError(
            error="")

        grant_factory_mock = Mock(return_value=grant_handler_mock)

        self.auth_server.add_grant(grant_factory_mock)
        self.auth_server.dispatch(request_mock, {})

        self.response_mock.add_header.assert_called_with(
            "Content-Type", "application/json")
        self.assertEqual(self.response_mock.status_code, 400)
        self.assertEqual(
            json.loads(self.response_mock.body)["error"],
            "invalid_redirect_uri")

    def test_dispatch_general_exception(self):
        request_mock = Mock(spec=Request)

        grant_handler_mock = Mock(spec=GrantHandler)
        grant_handler_mock.process.side_effect = KeyError

        grant_factory_mock = Mock(return_value=grant_handler_mock)

        self.auth_server.add_grant(grant_factory_mock)
        self.auth_server.dispatch(request_mock, {})

        self.assertTrue(grant_handler_mock.handle_error.called)
Exemplo n.º 36
0
    def __init__(self, dbconnection):
        self.templates = os.path.join(os.path.dirname(__file__),
                                      "../templates")
        self.static = os.path.join(os.path.dirname(__file__), "../static")

        # DataBase connection
        self.dbconnection = dbconnection

        ##
        # OAuth authentication service (token provider)
        # Client Store (will be taken from db)
        client_store = ClientStore()
        client_store.add_client(client_id="abc",
                                client_secret="xyz",
                                redirect_uris=["http://localhost:8111"])

        ##
        # OAuth Token Store (in memory)
        token_store = TokenStore()

        # Generator of tokens
        token_generator = Uuid4()
        #token_generator.expires_in[ClientCredentialsGrant.grant_type] = 3600

        ##
        # OAuth Provider
        provider = Provider(access_token_store=token_store,
                            auth_code_store=token_store,
                            client_store=client_store,
                            token_generator=token_generator)

        #provider.token_path = '/oauth/token'

        # Support for the authorization code grant
        provider.add_grant(
            AuthorizationCodeGrant(site_adapter=CodeGrant(self.templates)))
        # provider.add_grant(
        #     ImplicitGrant(site_adapter=Authentication())
        # )

        logger.debug(provider.authorize_path)
        logger.debug(provider.token_path)
        ##
        # Auth handlers
        auth_handlers = [
            web.url(provider.authorize_path, OAuth2Handler,
                    dict(provider=provider)),
            web.url(provider.token_path, OAuth2Handler,
                    dict(provider=provider))
        ]

        ##
        # Web
        web_handlers = [
            web.url(r"/login", login.Index),
            web.url(r"/logout", logout.Index),
            web.url(r"/password/(.*)", password.Index),
            web.url(r"/forgot_password", password.Forgot),
            web.url(r"/registration", registration.Index),
            web.url(r'/', home.Index),
            web.url(r'/settings', home.User),
            web.url(r'/projects', projects.Projects),
            web.url(r'/slices/([a-z0-9\._\-]+)', slices.Slices),
            web.url(r'/users', users.Users),
            web.url(r'/users/?(' + self.urn_regex + ')', users.Users),
            web.url(r'/activity', activity.Index),
            web.url(r'/confirm/(' + self.uuid_regex + ')?', confirm.Index),
            web.url(r'/status', status.Index),
            web.url(r'/static/(.*)', web.StaticFileHandler,
                    {'path': self.static}),
            web.url(r'/test', test.Index),
            web.url(r"/addOrganization", addOrganization.Index)
        ]

        ##
        # REST API

        rest_handlers = [
            web.url(r'/api/v1/activity?([A-Za-z0-9-]+)?', ActivityHandler),
            web.url(r'/api/v1/activity/(' + self.uuid_regex + ')?',
                    ActivityHandler),
            web.url(r'/api/v1/confirm/(' + self.uuid_regex + ')?',
                    ConfirmHandler),
            web.url(r'/api/v1/requests?([A-Za-z0-9-]+)?', RequestsHandler),
            web.url(r'/api/v1/requests/(' + self.uuid_regex + ')?',
                    RequestsHandler),
            web.url(r'/api/v1/usertoken?', UserTokenHandler),
            web.url(r'/api/v1/login', LoginHandler),
            web.url(r'/api/v1/password', PasswordHandler),
            web.url(r'/api/v1/password/(.*)', PasswordHandler),
            web.url(r'/api/v1/resources$', ResourcesHandler),
            web.url(r'/api/v1/resources/(' + self.urn_regex + ')?$',
                    ResourcesHandler),
            web.url(r'/api/v1/resources/(' + self.urn_regex + ')?/?(leases)?$',
                    ResourcesHandler),
            web.url(r'/api/v1/resources/(' + self.urn_regex + ')?/?(slices)?$',
                    ResourcesHandler),
            web.url(
                r'/api/v1/resources/(' + self.urn_regex + ')?/?(testbeds)?$',
                ResourcesHandler),
            # leases
            web.url(r'/api/v1/leases$', LeasesHandler),
            web.url(r'/api/v1/leases/([A-Za-z0-9-]+)?', LeasesHandler),
            web.url(r'/api/v1/profile$', ProfileHandler),
            # testbeds
            web.url(
                r'/api/v1/testbeds/?(' + self.urn_regex + ')?/?(resources)?$',
                TestbedsHandler),
            web.url(r'/api/v1/testbeds/?(' + self.urn_regex + ')?/?(leases)?$',
                    TestbedsHandler),
            # users
            web.url(r'/api/v1/users$', UsersHandler),
            web.url(r'/api/v1/users/(' + self.email_regex + ')$',
                    UsersHandler),
            web.url(
                r'/api/v1/users/?(' + self.urn_regex +
                ')?/?(authorities|projects|slices)?$', UsersHandler),
            web.url(r'/api/v1/users/?(authorities|projects|slices)?$',
                    UsersHandler),
            # authorities
            web.url(r'/api/v1/authorities$', AuthoritiesHandler),
            web.url(
                r'/api/v1/authorities/?(' + self.urn_regex +
                ')?/?(users|projects)?$', AuthoritiesHandler),
            # projects
            web.url(
                r'/api/v1/projects/?(' + self.urn_regex +
                ')?/?(users|slices)?$', ProjectsHandler),
            # slices
            web.url(
                r'/api/v1/slices/?(' + self.hrn_regex +
                ')?/?(users|resources)?$', SlicesHandler),
            web.url(
                r'/api/v1/slices/?(' + self.urn_regex +
                ')?/?(users|resources)?$', SlicesHandler),

            # F-Interop sessions
            # security based on the slice id
            web.url(
                r'/api/v1/finterop/sessions/?(' + self.urn_regex +
                ')?/?(start|stop)?$', FinteropSessionsHandler),
            web.url(
                r'/api/v1/finterop/sessions/?(' + self.hrn_regex +
                ')?/?(start|stop)?$', FinteropSessionsHandler),
            web.url(
                r'/api/v1/finterop/sessions/?([a-zA-Z0-9]+)?/?(start|stop)?$',
                FinteropSessionsHandler),
            #web.url(r'/api/v1/finterop/sessions/?([a-zA-Z0-9]+)?/resources$', ResourceRepoHandler),
        ]

        ##
        # Websockets API
        # SockJSRouter: configure Websocket
        WebsocketRouter = SockJSRouter(WebsocketsHandler, '/api/v1/live')

        ##
        # URLs handlers
        handlers = auth_handlers + web_handlers + rest_handlers + WebsocketRouter.urls

        settings = dict(
            cookie_secret=config.web["cookie_secret"],
            login_url="/login",
            token_secret=config.web["token_secret"],
            template_path=self.templates,
            static_path=self.static,
            #xsrf_cookies=True,
            debug=True)

        web.Application.__init__(self, handlers, **settings)
Exemplo n.º 37
0
class ProviderTestCase(unittest.TestCase):
    def setUp(self):
        self.client_store_mock = Mock(spec=ClientStore)
        self.token_generator_mock = Mock()

        self.response_mock = Mock(spec=Response)
        self.response_mock.body = ""
        response_class_mock = Mock(return_value=self.response_mock)

        self.token_generator_mock.expires_in = {}
        self.token_generator_mock.refresh_expires_in = 0

        self.auth_server = Provider(access_token_store=Mock(),
                                    auth_code_store=Mock(),
                                    client_store=self.client_store_mock,
                                    token_generator=self.token_generator_mock,
                                    response_class=response_class_mock)

    def test_add_grant_set_expire_time(self):
        """
        Provider.add_grant() should set the expiration time on the instance of TokenGenerator
        """
        self.auth_server.add_grant(
            AuthorizationCodeGrant(
                expires_in=400,
                site_adapter=Mock(spec=AuthorizationCodeGrantSiteAdapter)
            )
        )
        self.auth_server.add_grant(
            ResourceOwnerGrant(
                expires_in=500,
                site_adapter=Mock(spec=ResourceOwnerGrantSiteAdapter)
            )
        )
        self.auth_server.add_grant(RefreshToken(expires_in=1200))

        self.assertEqual(self.token_generator_mock.expires_in[AuthorizationCodeGrant.grant_type], 400)
        self.assertEqual(self.token_generator_mock.expires_in[ResourceOwnerGrant.grant_type], 500)
        self.assertEqual(self.token_generator_mock.refresh_expires_in, 1200)

    def test_dispatch(self):
        environ = {"session": "data"}
        process_result = "response"

        request_mock = Mock(spec=Request)

        grant_handler_mock = Mock(spec=["process", "read_validate_params"])
        grant_handler_mock.process.return_value = process_result

        grant_factory_mock = Mock(return_value=grant_handler_mock)

        self.auth_server.site_adapter = Mock(
            spec=AuthorizationCodeGrantSiteAdapter
        )
        self.auth_server.add_grant(grant_factory_mock)
        result = self.auth_server.dispatch(request_mock, environ)

        grant_factory_mock.assert_called_with(request_mock, self.auth_server)
        grant_handler_mock.read_validate_params.\
            assert_called_with(request_mock)
        grant_handler_mock.process.assert_called_with(request_mock,
                                                      self.response_mock,
                                                      environ)
        self.assertEqual(result, process_result)

    def test_dispatch_no_grant_type_found(self):
        error_body = {
            "error": "unsupported_response_type",
            "error_description": "Grant not supported"
        }

        request_mock = Mock(spec=Request)

        result = self.auth_server.dispatch(request_mock, {})

        self.response_mock.add_header.assert_called_with("Content-Type",
                                                         "application/json")
        self.assertEqual(self.response_mock.status_code, 400)
        self.assertEqual(self.response_mock.body, json.dumps(error_body))
        self.assertEqual(result, self.response_mock)

    def test_dispatch_no_client_found(self):
        request_mock = Mock(spec=Request)

        grant_handler_mock = Mock(spec=GrantHandler)
        grant_handler_mock.process.side_effect = OAuthInvalidNoRedirectError(
            error="")

        grant_factory_mock = Mock(return_value=grant_handler_mock)

        self.auth_server.add_grant(grant_factory_mock)
        self.auth_server.dispatch(request_mock, {})

        self.response_mock.add_header.assert_called_with("Content-Type",
                                                         "text/plain")
        self.assertEqual(self.response_mock.status_code, 400)
        self.assertEqual(self.response_mock.body, "")

    def test_dispatch_general_exception(self):
        request_mock = Mock(spec=Request)

        grant_handler_mock = Mock(spec=GrantHandler)
        grant_handler_mock.process.side_effect = KeyError

        grant_factory_mock = Mock(return_value=grant_handler_mock)

        self.auth_server.add_grant(grant_factory_mock)
        self.auth_server.dispatch(request_mock, {})

        self.assertTrue(grant_handler_mock.handle_error.called)
Exemplo n.º 38
0
def main():
    client = MongoClient()

    db = client.testdb

    access_token_store = AccessTokenStore(collection=db["access_tokens"])
    auth_code_store = AuthCodeStore(collection=db["auth_codes"])
    client_store = ClientStore(collection=db["clients"])

    provider = Provider(access_token_store=access_token_store,
                        auth_code_store=auth_code_store,
                        client_store=client_store,
                        site_adapter=TestSiteAdapter(),
                        token_generator=Uuid4())

    provider.add_grant(AuthorizationCodeGrant())
    provider.add_grant(ImplicitGrant())
    provider.add_grant(ResourceOwnerGrant())
    provider.add_grant(ClientCredentialsGrant())
    provider.add_grant(RefreshToken(expires_in=600))

    provider.enable_unique_tokens()

    app = Wsgi(server=provider)

    try:
        httpd = make_server('', 8888, app)
        print("Starting test auth server on port 8888...")
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
Exemplo n.º 39
0
def main():
    parser = argparse.ArgumentParser(description="python-oauth2 test provider")
    parser.add_argument("--store", dest="store", type=str, default="mongodb",
                        help="The store adapter to use. Can one of 'mongodb'"\
                             "(default), 'mysql'")
    args = parser.parse_args()

    if args.store == "mongodb":
        print("Using mongodb stores...")
        client = MongoClient()

        db = client.testdb

        access_token_store = AccessTokenStore(collection=db["access_tokens"])
        auth_code_store = AuthCodeStore(collection=db["auth_codes"])
        client_store = ClientStore(collection=db["clients"])
    elif args.store == "mysql":
        print("Using mysql stores...")
        connection = mysql.connector.connect(host="127.0.0.1", user="******",
                                             passwd="", db="testdb")

        access_token_store = MysqlAccessTokenStore(connection=connection)
        auth_code_store = MysqlAuthCodeStore(connection=connection)
        client_store = MysqlClientStore(connection=connection)
    else:
        raise Exception("Unknown store")

    provider = Provider(access_token_store=access_token_store,
                        auth_code_store=auth_code_store,
                        client_store=client_store,
                        site_adapter=TestSiteAdapter(),
                        token_generator=Uuid4())

    provider.add_grant(AuthorizationCodeGrant(expires_in=120))
    provider.add_grant(ImplicitGrant())
    provider.add_grant(ResourceOwnerGrant())
    provider.add_grant(ClientCredentialsGrant())
    provider.add_grant(RefreshToken(expires_in=60))

    app = Wsgi(server=provider)

    try:
        httpd = make_server('', 8888, app)
        print("Starting test auth server on port 8888...")
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()
Exemplo n.º 40
0
def main():
    client = MongoClient()

    db = client.testdb

    access_token_store = AccessTokenStore(collection=db["access_tokens"])
    auth_code_store = AuthCodeStore(collection=db["auth_codes"])
    client_store = ClientStore(collection=db["clients"])

    provider = Provider(
        access_token_store=access_token_store,
        auth_code_store=auth_code_store,
        client_store=client_store,
        site_adapter=TestSiteAdapter(),
        token_generator=Uuid4(),
    )

    provider.add_grant(AuthorizationCodeGrant())
    provider.add_grant(ImplicitGrant())
    provider.add_grant(ResourceOwnerGrant())
    provider.add_grant(ClientCredentialsGrant())
    provider.add_grant(RefreshToken(expires_in=600))

    provider.enable_unique_tokens()

    app = Wsgi(server=provider)

    try:
        httpd = make_server("", 8888, app)
        print("Starting test auth server on port 8888...")
        httpd.serve_forever()
    except KeyboardInterrupt:
        httpd.server_close()