Exemplo n.º 1
0
    def test_oauth_token(self):
        tok = OAuthToken(
            access_token='double',
            token_type='Bearer',
            scope='',
            expires_in=3600,
        )
        tok.user_id = 1
        tok.client_id = 2
        db.session.add(tok)
        db.session.commit()

        assert OAuthToken.query.get((2, 1)) is not None
        assert OAuthToken.query.get((1, 2)) is None

        tok = OAuthToken(
            access_token='double2',
            token_type='Bearer',
            scope='',
            expires_in=3600,
        )
        tok.user_id = 1
        tok.client_id = 2
        db.session.add(tok)
        self.assertRaises(IntegrityError, db.session.commit)
Exemplo n.º 2
0
    def test_update_current_user(self):
        # prepare token
        token = OAuthToken(
            access_token='current-user-access',
            refresh_token='current-user-refresh',
            token_type='Bearer',
            scope='',
            expires_in=3600,
        )
        token.user_id = 1
        token.client_id = 1
        db.session.add(token)
        db.session.commit()

        rv = self.client.patch(
            '/api/users/me',
            data=json.dumps({'description': 'unique_description'}),
            headers={
                'Authorization': 'Bearer current-user-access',
                'Content-Type': 'application/json',
            })
        assert rv.status_code == 401

        token.scope = 'user:write'
        db.session.add(token)
        db.session.commit()

        rv = self.client.patch(
            '/api/users/me',
            data=json.dumps({'description': 'unique_description'}),
            headers={
                'Authorization': 'Bearer current-user-access',
                'Content-Type': 'application/json',
            })
        assert b'unique_description' in rv.data
Exemplo n.º 3
0
    def test_update_current_user(self):
        # prepare token
        token = OAuthToken(
            access_token='current-user-access',
            refresh_token='current-user-refresh',
            token_type='Bearer',
            scope='',
            expires_in=3600,
        )
        token.user_id = 1
        token.client_id = 1
        db.session.add(token)
        db.session.commit()

        rv = self.client.patch('/api/users/me', data=json.dumps({
            'description': 'unique_description'
        }), headers={
            'Authorization': 'Bearer current-user-access',
            'Content-Type': 'application/json',
        })
        assert rv.status_code == 401

        token.scope = 'user:write'
        db.session.add(token)
        db.session.commit()

        rv = self.client.patch('/api/users/me', data=json.dumps({
            'description': 'unique_description'
        }), headers={
            'Authorization': 'Bearer current-user-access',
            'Content-Type': 'application/json',
        })
        assert b'unique_description' in rv.data
Exemplo n.º 4
0
 def get_authorized_header(self, user_id=1, scope=""):
     # prepare token
     token = OAuthToken(
         access_token=gen_salt(10), refresh_token=gen_salt(10), token_type="Bearer", scope=scope, expires_in=3600
     )
     token.user_id = user_id
     token.client_id = 1
     db.session.add(token)
     db.session.commit()
     return {"Authorization": "Bearer %s" % token.access_token, "Content-Type": "application/json"}
Exemplo n.º 5
0
 def get_authorized_header(self, user_id=1, scope=''):
     # prepare token
     token = OAuthToken(
         access_token=gen_salt(10),
         refresh_token=gen_salt(10),
         token_type='Bearer',
         scope=scope,
         expires_in=3600,
     )
     token.user_id = user_id
     token.client_id = 1
     db.session.add(token)
     db.session.commit()
     return {
         'Authorization': 'Bearer %s' % token.access_token,
         'Content-Type': 'application/json',
     }