def setUpClass(cls):
logging.debug('Clearing the db...')
Container.objects.all().delete()
logging.debug('Creating user...')
cls.user = User.objects.get_or_create(username='******')[0]
logging.debug('Adding to the DB two bundles...')
cls.ids = [Container.create('search_test_1', examples.bundles1(), cls.user, False).id,
Container.create('search_test_1_other', examples.bundles2(), cls.user, False).id]
def save(self, owner, commit=True):
if self.errors:
raise ValueError("The %s could not be %s because the data didn't"
" validate." % ('Container', 'created'))
container = Container.create(self.cleaned_data['rec_id'], self.bundle, owner, self.cleaned_data['public'])
save = False
if 'submission' in self.files:
file_sub = self.files['submission']
sub = Submission.objects.create()
sub.content.save(sub.timestamp.strftime('%Y-%m-%d%H-%M-%S')+file_sub._name, file_sub)
container.submission = sub
save = True
for l in self.cleaned_data['license']:
container.license.add(l)
save = True
if save:
container.save()
return container
def testOAuthAccess(self):
self.user = User.objects.create_user('jane', '*****@*****.**', 'toto')
self.resource = Resource.objects.get_or_create(name='api', url='/api/')
self.CONSUMER_KEY = 'dpf43f3p2l4k3l03'
self.CONSUMER_SECRET = 'kd94hf93k423kf44'
self.consumer, _ = Consumer.objects.get_or_create(
key=self.CONSUMER_KEY, secret=self.CONSUMER_SECRET,
defaults={
'name': 'Test',
'description': 'Testing...'
})
pb = ProvBundle()
pb._decode_JSON_container('')
self.bundle = Container.create('test_bundle', pb, self.user)
c = Client()
response = c.get("/oauth/request_token/")
self.assertEqual(response.status_code, 401)
import time
parameters = {
'oauth_consumer_key': self.CONSUMER_KEY,
'oauth_signature_method': 'PLAINTEXT',
'oauth_signature': '%s&' % self.CONSUMER_SECRET,
'oauth_timestamp': str(int(time.time())),
'oauth_nonce': 'requestnonce',
'oauth_version': '1.0',
'oauth_callback': 'http://test/request_token_ready',
'scope': 'api',
}
response = c.get("/oauth/request_token/", parameters)
self.assertEqual(response.status_code, 200)
token = list(Token.objects.all())[-1]
self.assertIn(token.key, response.content)
self.assertIn(token.secret, response.content)
self.assertTrue(token.callback_confirmed)
parameters = {'oauth_token': token.key,}
response = c.get("/oauth/authorize/", parameters)
self.assertEqual(response.status_code, 302)
self.assertIn(token.key, response['Location'])
c.login(username='******', password='******')
self.assertFalse(token.is_approved)
response = c.get("/oauth/authorize/", parameters)
self.assertEqual(response.status_code, 200)
# fake authorization by the user
parameters['authorize_access'] = 1
response = c.post("/oauth/authorize/", parameters)
self.assertEqual(response.status_code, 302)
token = Token.objects.get(key=token.key)
self.assertIn(token.key, response['Location'])
self.assertTrue(token.is_approved)
c.logout()
# Exchange the Request token for an Access token
parameters = {
'oauth_consumer_key': self.CONSUMER_KEY,
'oauth_token': token.key,
'oauth_signature_method': 'PLAINTEXT',
'oauth_signature': '%s&%s' % (self.CONSUMER_SECRET, token.secret),
'oauth_timestamp': str(int(time.time())),
'oauth_nonce': 'accessnonce',
'oauth_version': '1.0',
'oauth_verifier': token.verifier,
'scope': 'api',
}
response = c.get("/oauth/access_token/", parameters)
self.assertEqual(response.status_code, 200)
access_token = list(Token.objects.filter(token_type=Token.ACCESS))[-1]
self.assertIn(access_token.key, response.content)
self.assertIn(access_token.secret, response.content)
self.assertEqual(access_token.user.username, self.user.username)
# Generating signature base string
parameters = {
'oauth_consumer_key': self.CONSUMER_KEY,
'oauth_token': access_token.key,
'oauth_signature_method': 'HMAC-SHA1',
'oauth_timestamp': str(int(time.time())),
'oauth_nonce': 'accessresourcenonce',
'oauth_version': '1.0',
}
url_path = "/api/v0/bundle/%d/" % self.bundle.id
oauth_request = oauth.Request.from_token_and_callback(access_token, http_url='http://testserver' + url_path, parameters=parameters)
signature_method = oauth.SignatureMethod_HMAC_SHA1()
signature = signature_method.sign(oauth_request, self.consumer, access_token)
parameters['oauth_signature'] = signature
response = c.get(url_path + '?format=json', parameters)
self.assertEqual(response.status_code, 200)
