def test_wrapper(self):
class TestServer(Server):
@catch_errors_and_unavailability
def throw_error(self, uri):
raise ValueError()
@catch_errors_and_unavailability
def throw_oauth_error(self, uri):
raise OAuth2Error()
@catch_errors_and_unavailability
def throw_fatal_oauth_error(self, uri):
raise FatalClientError()
validator = RequestValidator()
server = TestServer(validator)
server.catch_errors = True
h, b, s = server.throw_error('a')
self.assertIn("server_error", b)
self.assertEqual(s, 500)
server.available = False
h, b, s = server.throw_error('a')
self.assertIn("temporarily_unavailable", b)
self.assertEqual(s, 503)
server.available = True
self.assertRaises(OAuth2Error, server.throw_oauth_error, 'a')
self.assertRaises(FatalClientError, server.throw_fatal_oauth_error, 'a')
server.catch_errors = False
self.assertRaises(OAuth2Error, server.throw_oauth_error, 'a')
self.assertRaises(FatalClientError, server.throw_fatal_oauth_error, 'a')
def test_error_catching(self):
validator = RequestValidator()
server = Server(validator)
server.catch_errors = True
h, b, s = server.create_authorization_response('https://example.com')
self.assertIn("server_error", b)
self.assertEqual(s, 500)
def test_unavailability(self):
validator = RequestValidator()
server = Server(validator)
server.available = False
h, b, s = server.create_authorization_response('https://example.com')
self.assertIn("temporarily_unavailable", b)
self.assertEqual(s, 503)
def test_grant_types(config):
from oauthlib.oauth2 import ImplicitGrant, RequestValidator
from pyramid_oauthlib import Server
server = config.registry.oauth
validator = RequestValidator()
config.add_grant_type(MockGrant, request_validator=validator)
config.add_grant_type('oauthlib.oauth2.ImplicitGrant', 'implicit')
default = server.default_grant_type_handler
assert validator is default.request_validator
assert default is server.grant_types['']
assert isinstance(server.grant_types[''], MockGrant)
assert isinstance(server.grant_types['implicit'], ImplicitGrant)
with pytest.raises(AttributeError):
request = testing.DummyRequest()
request.grant_type = None
server.create_token_response(request)
with patch.object(Server, 'default_token_type') as token:
request = testing.DummyRequest()
request.grant_type = None
server.create_token_response(request, credentials={'userid': 'jill'})
assert default.create_token_response.called_with(request, token)
assert request.extra_credentials == {'userid': 'jill'}
with patch.object(ImplicitGrant, 'create_token_response') as g:
request.grant_type = 'implicit'
server.create_token_response(request)
assert g.called_with(request, token)
def unauthenticated_userid(self, request):
validator = RequestValidator(request)
token_generator = generate_token
server = BackendApplicationServer(validator, token_generator)
# bw compat
token = request.environ.get(self.environ_key)
if token is not None:
request.authorization = 'Bearer %s' % token
try:
valid, r = server.verify_request(
request.url,
request.method,
None,
request.headers,
['annotations'],
)
except:
valid = False
if valid:
return r.user
# bw compat
personas = request.session.get('personas', [])
if len(personas):
return personas[0]
return None
def test_token_types(config):
from oauthlib.oauth2 import BearerToken, RequestValidator
server = config.registry.oauth
validator = RequestValidator()
config.add_token_type(MockToken, request_validator=validator)
config.add_token_type('oauthlib.oauth2.BearerToken', 'Bearer')
default = server.default_token_type_handler
assert validator is default.request_validator
assert default is server.tokens['']
assert server.tokens[''] is default
assert isinstance(server.tokens[''], MockToken)
assert isinstance(server.tokens['Bearer'], BearerToken)
request = testing.DummyRequest()
request.access_token = 'feedfeed'
request.token_type = None
server.verify_request(request, scopes=['foo'])
call = default.validate_request
assert call.called_with(request)
assert request.scopes == ['foo']
with patch.object(validator, 'validate_bearer_token') as token_validator:
request.authorization = 'Bearer deadbeef'
server.verify_request(request, scopes=['bar'])
call = server.tokens['Bearer'].validate_request
assert token_validator.called_with('deadbeef', ['bar'], request)
def test_error_catching(self):
validator = RequestValidator()
server = Server(validator)
server.catch_errors = True
h, b, s = server.create_token_response(
'https://example.com', body='grant_type=authorization_code&code=abc'
)
self.assertIn("server_error", b)
self.assertEqual(s, 500)
def setUp(self):
self.validator = MagicMock(wraps=RequestValidator())
self.validator.authenticate_client.return_value = True
self.validator.revoke_token.return_value = True
self.endpoint = RevocationEndpoint(self.validator)
self.uri = 'https://example.com/revoke_token'
self.headers = {
'Content-Type': 'application/x-www-form-urlencoded',
}
def test_method_contracts(self):
v = RequestValidator()
self.assertRaises(NotImplementedError, v.authenticate_client, 'r')
self.assertRaises(NotImplementedError, v.authenticate_client_id,
'client_id', 'r')
self.assertRaises(NotImplementedError, v.confirm_redirect_uri,
'client_id', 'code', 'redirect_uri', 'client',
'request')
self.assertRaises(NotImplementedError, v.get_default_redirect_uri,
'client_id', 'request')
self.assertRaises(NotImplementedError, v.get_default_scopes,
'client_id', 'request')
self.assertRaises(NotImplementedError, v.get_original_scopes,
'refresh_token', 'request')
self.assertFalse(
v.is_within_original_scope(['scope'], 'refresh_token', 'request'))
self.assertRaises(NotImplementedError, v.invalidate_authorization_code,
'client_id', 'code', 'request')
self.assertRaises(NotImplementedError, v.save_authorization_code,
'client_id', 'code', 'request')
self.assertRaises(NotImplementedError, v.save_bearer_token, 'token',
'request')
self.assertRaises(NotImplementedError, v.validate_bearer_token,
'token', 'scopes', 'request')
self.assertRaises(NotImplementedError, v.validate_client_id,
'client_id', 'request')
self.assertRaises(NotImplementedError, v.validate_code, 'client_id',
'code', 'client', 'request')
self.assertRaises(NotImplementedError, v.validate_grant_type,
'client_id', 'grant_type', 'client', 'request')
self.assertRaises(NotImplementedError, v.validate_redirect_uri,
'client_id', 'redirect_uri', 'request')
self.assertRaises(NotImplementedError, v.validate_refresh_token,
'refresh_token', 'client', 'request')
self.assertRaises(NotImplementedError, v.validate_response_type,
'client_id', 'response_type', 'client', 'request')
self.assertRaises(NotImplementedError, v.validate_scopes, 'client_id',
'scopes', 'client', 'request')
self.assertRaises(NotImplementedError, v.validate_user, 'username',
'password', 'client', 'request')
self.assertTrue(v.client_authentication_required('r'))
self.assertFalse(
v.is_origin_allowed('client_id', 'https://foo.bar', 'r'))
def test_method_contracts(self):
v = RequestValidator()
self.assertRaises(NotImplementedError, v.authenticate_client, 'r')
self.assertRaises(NotImplementedError, v.authenticate_client_id,
'client_id', 'r')
self.assertRaises(NotImplementedError, v.confirm_redirect_uri,
'client_id', 'code', 'redirect_uri', 'client', 'request')
self.assertRaises(NotImplementedError, v.get_default_redirect_uri,
'client_id', 'request')
self.assertRaises(NotImplementedError, v.get_default_scopes,
'client_id', 'request')
self.assertRaises(NotImplementedError, v.get_original_scopes,
'refresh_token', 'request')
self.assertFalse(v.is_within_original_scope(
['scope'], 'refresh_token', 'request'))
self.assertRaises(NotImplementedError, v.invalidate_authorization_code,
'client_id', 'code', 'request')
self.assertRaises(NotImplementedError, v.save_authorization_code,
'client_id', 'code', 'request')
self.assertRaises(NotImplementedError, v.save_bearer_token,
'token', 'request')
self.assertRaises(NotImplementedError, v.validate_bearer_token,
'token', 'scopes', 'request')
self.assertRaises(NotImplementedError, v.validate_client_id,
'client_id', 'request')
self.assertRaises(NotImplementedError, v.validate_code,
'client_id', 'code', 'client', 'request')
self.assertRaises(NotImplementedError, v.validate_grant_type,
'client_id', 'grant_type', 'client', 'request')
self.assertRaises(NotImplementedError, v.validate_redirect_uri,
'client_id', 'redirect_uri', 'request')
self.assertRaises(NotImplementedError, v.validate_refresh_token,
'refresh_token', 'client', 'request')
self.assertRaises(NotImplementedError, v.validate_response_type,
'client_id', 'response_type', 'client', 'request')
self.assertRaises(NotImplementedError, v.validate_scopes,
'client_id', 'scopes', 'client', 'request')
self.assertRaises(NotImplementedError, v.validate_user,
'username', 'password', 'client', 'request')
self.assertTrue(v.client_authentication_required('r'))
def setUp(self):
self.validator = MagicMock(wraps=RequestValidator())
self.validator.client_authentication_required.return_value = True
self.validator.authenticate_client.return_value = True
self.validator.revoke_token.return_value = True
self.endpoint = RevocationEndpoint(self.validator)
self.uri = 'https://example.com/revoke_token'
self.headers = {
'Content-Type': 'application/x-www-form-urlencoded',
}
self.resp_h = {
'Cache-Control': 'no-store',
'Content-Type': 'application/json',
'Pragma': 'no-cache'
}
def setUp(self):
self.validator = MagicMock(wraps=RequestValidator())
self.validator.client_authentication_required.return_value = True
self.validator.authenticate_client.return_value = True
self.validator.validate_bearer_token.return_value = True
self.validator.introspect_token.return_value = {}
self.endpoint = IntrospectEndpoint(self.validator)
self.uri = 'should_not_matter'
self.headers = {
'Content-Type': 'application/x-www-form-urlencoded',
}
self.resp_h = {
'Cache-Control': 'no-store',
'Content-Type': 'application/json',
'Pragma': 'no-cache'
}
self.resp_b = {"active": True}
def test_response_types(config):
from oauthlib.oauth2 import ImplicitGrant, RequestValidator
from pyramid_oauthlib import Server
server = config.registry.oauth
validator = RequestValidator()
config.add_response_type(MockResponse, request_validator=validator)
config.add_response_type('oauthlib.oauth2.ImplicitGrant', 'token')
default = server.default_response_type_handler
assert validator is default.request_validator
assert default is server.response_types['']
assert isinstance(server.response_types[''], MockResponse)
assert isinstance(server.response_types['token'], ImplicitGrant)
with pytest.raises(AttributeError):
request = testing.DummyRequest()
request.response_type = None
server.create_authorization_response(request)
with patch.object(Server, 'default_token_type') as token:
request = testing.DummyRequest()
request.response_type = None
server.create_authorization_response(
request,
scopes=['foo'],
credentials={'userid': 'jill'},
)
call = default.create_authorization_response
assert call.called_with(request, token)
assert request.scopes == ['foo']
server.validate_authorization_request(request)
assert request.scopes is None
assert default.validate_authorization_request.called_with(request)
with patch.object(ImplicitGrant, 'create_authorization_response') as r:
request.grant_type = 'implicit'
server.create_authorization_response(request)
assert r.called_with(request, token)
def __init__(self, request_validator=None):
self.request_validator = request_validator or RequestValidator()
def __init__(self, *args, **kwargs):
self.username = None
self.user = None
self.name = None
self.client = None
RequestValidator.__init__(self, *args, **kwargs)
