Exemplo n.º 1
    def test_parse_authz_without_code(self):
        """An authorization response lacking ``code`` must be rejected.

        A response bound to the state returned by ``begin`` is built, its
        ``code`` member is stripped, and the consumer is expected to raise
        MissingRequiredAttribute instead of accepting the incomplete response.
        """
        state_id, _location = self.consumer.begin(
            "http://localhost:8087", "http://localhost:8088/authorization")

        response = AuthorizationResponse(code="SplxlOBeZQQYbYS6WxSbIA",
                                         state=state_id)

        # Strip the required parameter; pop() raises if it was never there.
        params = response.to_dict()
        params.pop("code")
        encoded = urlencode(params)

        with pytest.raises(MissingRequiredAttribute):
            self.consumer.handle_authorization_response(query=encoded)
Exemplo n.º 2
    def test_parse_authz_without_code(self):
        """Check that the consumer refuses a response with no ``code``.

        The query string handed to ``handle_authorization_response`` carries
        the session state but not the authorization code, so parsing is
        expected to fail with MissingRequiredAttribute.
        """
        session_state, _ = self.consumer.begin(
            "http://localhost:8087",
            "http://localhost:8088/authorization",
        )

        fields = AuthorizationResponse(
            code="SplxlOBeZQQYbYS6WxSbIA",
            state=session_state,
        ).to_dict()
        # Simulate a malformed response from the authorization endpoint.
        del fields["code"]

        with pytest.raises(MissingRequiredAttribute):
            self.consumer.handle_authorization_response(query=urlencode(fields))
Exemplo n.º 3
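def test_consumer_parse_authz_exception():
    """Reject an authorization response whose ``code`` parameter is missing.

    A Consumer is started against the test endpoints, a response bound to
    the returned state is built, and ``code`` is removed before the query
    string is encoded. Handling that query must raise
    MissingRequiredAttribute.
    """
    _session_db = {}
    cons = Consumer(_session_db, client_config=CLIENT_CONFIG,
                    server_info=SERVER_INFO, **CONSUMER_CONFIG)
    cons.debug = True

    sid, loc = cons.begin("http://localhost:8087",
                          "http://localhost:8088/authorization")

    atr = AuthorizationResponse(code="SplxlOBeZQQYbYS6WxSbIA",
                                state=sid)

    adict = atr.to_dict()
    del adict["code"]
    QUERY_STRING = urllib.urlencode(adict)

    # Pass the callable and its arguments rather than a source string: the
    # string form is evaluated in this frame, hides the call from linters
    # and is no longer accepted by current pytest releases.
    raises(MissingRequiredAttribute,
           cons.handle_authorization_response, query=QUERY_STRING)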
Exemplo n.º 4
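def test_consumer_parse_authz_exception():
    """Reject a WSGI authorization callback that carries no ``code``.

    The consumer is started with the base environ, then a second environ is
    prepared whose QUERY_STRING holds the state but not the authorization
    code. Handling it must raise MissingRequiredAttribute.
    """
    _session_db = {}
    cons = Consumer(_session_db, client_config=CLIENT_CONFIG,
                    server_info=SERVER_INFO, **CONSUMER_CONFIG)
    cons.debug = True
    # NOTE(review): the shared BASE_ENVIRON is passed without a copy here;
    # confirm begin() does not write to it.
    environ = BASE_ENVIRON

    _ = cons.begin(environ, start_response)

    atr = AuthorizationResponse(code="SplxlOBeZQQYbYS6WxSbIA",
                                state=cons.state)

    adict = atr.to_dict()
    del adict["code"]
    environ = BASE_ENVIRON.copy()
    environ["QUERY_STRING"] = urllib.urlencode(adict)

    # Callable form instead of a string that raises() would have to
    # evaluate in this frame; current pytest releases reject the string.
    raises(MissingRequiredAttribute,
           cons.handle_authorization_response, environ, start_response)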
Exemplo n.º 5
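def test_consumer_parse_authz_exception():
    """Verify that a response without ``code`` is refused by the consumer.

    The authorization response is serialised to a dict, ``code`` is deleted
    and the remainder is URL-encoded; parsing that query string is expected
    to raise MissingRequiredAttribute.
    """
    _session_db = {}
    cons = Consumer(_session_db,
                    client_config=CLIENT_CONFIG,
                    server_info=SERVER_INFO,
                    **CONSUMER_CONFIG)
    cons.debug = True

    sid, loc = cons.begin("http://localhost:8087",
                          "http://localhost:8088/authorization")

    atr = AuthorizationResponse(code="SplxlOBeZQQYbYS6WxSbIA", state=sid)

    adict = atr.to_dict()
    del adict["code"]
    QUERY_STRING = urllib.urlencode(adict)

    # The call is handed over as a callable plus keyword argument. The
    # earlier string form was executed as source text inside raises(),
    # which newer pytest versions refuse.
    raises(MissingRequiredAttribute,
           cons.handle_authorization_response,
           query=QUERY_STRING)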
Exemplo n.º 6
    def authz_part2(self, user, areq, skey, permission=None, authn=None,
                    **kwargs):
        """
        After the authentication this is where you should end up

        Records the granted permission on the session, then builds the
        authorization response according to the requested response types:
        "code" puts an authorization code into the response, "token"
        upgrades the session to an access token and turns the response into
        an AccessTokenResponse, and a lone "none" issues neither.

        This listing stops once the redirect URI has been resolved; the code
        that produces the final redirect is not shown.

        :param user: Not read in the part of the method shown here
        :param areq: The Authorization Request
        :param skey: Session key
        :param permission: A permission specification
        :param authn: The Authentication Method used (not read in the part
            shown here)
        :param kwargs: possible other parameters
        :return: A redirect to the redirect_uri of the client. In the part
            shown, a BadRequest is returned when a response type is left
            unhandled or the redirect URI cannot be resolved.
        """
        _log_debug = logger.debug
        # The log text says "authenticated()" although this is authz_part2.
        _log_debug("- in authenticated() -")

        # Persist the permission under the session's "auz" entry.
        self.sdb.update(skey, "auz", permission)

        _log_debug("response type: %s" % areq["response_type"])

        # create the response
        aresp = AuthorizationResponse()
        # Echo the client's state value back when the request carried one.
        try:
            aresp["state"] = areq["state"]
        except KeyError:
            pass

        # response_type consisting only of "none": nothing is issued.
        if "response_type" in areq and \
                len(areq["response_type"]) == 1 and \
                "none" in areq["response_type"]:
            pass
        else:
            #if self.sdb.is_revoked(sinfo):
            #    return self._error(error="access_denied",
            #                       descr="Token is revoked")

            try:
                aresp["scope"] = areq["scope"]
            except KeyError:
                pass

            # NOTE(review): this writes the whole session record to the debug
            # log. The record has a "code" entry (read further down), so debug
            # logs need the same protection as the codes themselves, or the
            # entry should be redacted before logging.
            _log_debug("_dic: %s" % self.sdb[skey])

            # Working set of response types; each handled type is removed so
            # that anything left over can be rejected below.
            rtype = set(areq["response_type"][:])
            if "code" in areq["response_type"]:
                #if issue_new_code:
                #    scode = self.sdb.duplicate(_sinfo)
                #    _sinfo = self.sdb[scode]

                _code = aresp["code"] = self.sdb.get_token(skey)
                rtype.remove("code")
            else:
                # No code is handed to the client: keep the stored value for
                # the token upgrade and clear it from the session. Presumably
                # this stops it from being redeemed later; confirm in sdb.
                _code = self.sdb[skey]["code"]
                self.sdb.update(skey, "code", None)

            if "token" in rtype:
                # Access token issued straight from the authorization
                # endpoint, explicitly without a refresh token.
                self.sdb.upgrade_to_token(skey, issue_refresh=False,
                                          access_grant=_code)
                atr = AccessTokenResponse(**aresp.to_dict())
                aresp = atr
                _cont = self.sdb[skey]
                # NOTE(review): logged after upgrade_to_token, so the record
                # presumably holds the access token by now; confirm, and
                # treat this line like the session dump above.
                _log_debug("_dic: %s" % _cont)
                # Copy only the session values that the response declares as
                # parameters and that are set.
                for key, val in _cont.items():
                    if key in aresp.parameters() and val is not None:
                        aresp[key] = val

                rtype.remove("token")

            # Any response type other than "code" and "token" is refused.
            if len(rtype):
                return BadRequest("Unknown response type")

        # A failure here is answered directly with a BadRequest, so the user
        # agent is not redirected when get_redirect_uri raises.
        # NOTE(review): the exception text is passed into the response;
        # confirm it carries no internal detail.
        try:
            redirect_uri = self.get_redirect_uri(areq)
        except (RedirectURIError, ParameterError), err:
            return BadRequest("%s" % err)
    def authz_part2(self,
                    user,
                    areq,
                    skey,
                    permission=None,
                    authn=None,
                    **kwargs):
        """
        After the authentication this is where you should end up

        Stores the permission on the session identified by ``skey`` and
        assembles the response for the requested response types ("code",
        "token", or a lone "none"). The listing ends after the redirect URI
        lookup; the step that sends the response is not visible here.

        :param user: Unused in the visible part of the method
        :param areq: The Authorization Request
        :param skey: Session key
        :param permission: A permission specification
        :param authn: The Authentication Method used (unused in the visible
            part of the method)
        :param kwargs: possible other parameters
        :return: A redirect to the redirect_uri of the client. The visible
            part returns a BadRequest for an unhandled response type or when
            the redirect URI lookup raises.
        """
        _log_debug = logger.debug
        # Log text names "authenticated()", not this method.
        _log_debug("- in authenticated() -")

        # The permission is written to the "auz" key of the session.
        self.sdb.update(skey, "auz", permission)

        _log_debug("response type: %s" % areq["response_type"])

        # create the response
        aresp = AuthorizationResponse()
        # state is optional in the request; it is returned unchanged if given.
        try:
            aresp["state"] = areq["state"]
        except KeyError:
            pass

        # Exactly one response type and it is "none": issue no credentials.
        if "response_type" in areq and \
                        len(areq["response_type"]) == 1 and \
                        "none" in areq["response_type"]:
            pass
        else:
            # if self.sdb.is_revoked(sinfo):
            #    return self._error(error="access_denied",
            #                       descr="Token is revoked")

            try:
                aresp["scope"] = areq["scope"]
            except KeyError:
                pass

            # NOTE(review): the full session record goes to the debug log.
            # It includes the "code" entry used below, so either redact it
            # or restrict access to debug output.
            _log_debug("_dic: %s" % self.sdb[skey])

            # Copy of the requested types; entries are removed as they are
            # served and leftovers cause a BadRequest.
            rtype = set(areq["response_type"][:])
            if "code" in areq["response_type"]:
                #if issue_new_code:
                #    scode = self.sdb.duplicate(_sinfo)
                #    _sinfo = self.sdb[scode]

                _code = aresp["code"] = self.sdb.get_token(skey)
                rtype.remove("code")
            else:
                # The client did not ask for a code: take the stored one as
                # the grant for the token upgrade and set the session's
                # "code" entry to None.
                _code = self.sdb[skey]["code"]
                self.sdb.update(skey, "code", None)

            if "token" in rtype:
                # issue_refresh=False: no refresh token accompanies an access
                # token that is returned from this endpoint.
                self.sdb.upgrade_to_token(skey,
                                          issue_refresh=False,
                                          access_grant=_code)
                atr = AccessTokenResponse(**aresp.to_dict())
                aresp = atr
                _cont = self.sdb[skey]
                # NOTE(review): second dump of the session record, taken
                # after the upgrade; it presumably contains the new access
                # token. Verify, and keep it out of shared logs.
                _log_debug("_dic: %s" % _cont)
                # Only keys that AccessTokenResponse lists as parameters are
                # copied, and only when they have a value.
                for key, val in _cont.items():
                    if key in aresp.parameters() and val is not None:
                        aresp[key] = val

                rtype.remove("token")

            # Response types that were not served above are rejected.
            if len(rtype):
                return BadRequest("Unknown response type")

        # If the redirect URI lookup raises, the error is returned to the
        # caller as a BadRequest and no redirect takes place.
        # NOTE(review): the response contains str(err); check that the
        # message is safe to show to the requester.
        try:
            redirect_uri = self.get_redirect_uri(areq)
        except (RedirectURIError, ParameterError), err:
            return BadRequest("%s" % err)