Пример #1
 def validate_client_id(client_id):
     """Report whether ``client_id`` names a registered OAuth client.

     An empty or missing identifier is rejected without touching the client
     store. Otherwise the store is queried, and a ``NoDataFoundException``
     from the lookup is treated as "unknown client".
     """
     if client_id:
         try:
             db_oauth_client.get_client(client_id)
         except db_exceptions.NoDataFoundException:
             # Unknown identifier: report it as invalid instead of propagating.
             return False
         else:
             return True
     return False
Пример #2
 def test_update(self):
     """Updated name and description are visible on the next read of the client."""
     app = self.create_dummy_application()
     app_id = app["client_id"]
     new_values = {"name": "Testing Application", "desc": "An app for testing"}

     db_oauth_client.update(client_id=app_id, **new_values)

     stored = db_oauth_client.get_client(app_id)
     for field, expected in new_values.items():
         self.assertEqual(stored[field], expected)
 def test_update(self):
     """Check that ``update`` persists a new name and description."""
     created = self.create_dummy_application()
     target_id = created["client_id"]
     wanted_name = "Testing Application"
     wanted_desc = "An app for testing"

     db_oauth_client.update(client_id=target_id, name=wanted_name, desc=wanted_desc)

     # Read the record back through the same module to confirm the write landed.
     refreshed = db_oauth_client.get_client(target_id)
     self.assertEqual(refreshed["name"], wanted_name)
     self.assertEqual(refreshed["desc"], wanted_desc)
Пример #4
def delete(client_id):
    """Delete one of the current user's OAuth applications and go back to the index.

    ``NotFound`` is raised both when the client does not exist and when it
    belongs to a different user, so the two cases look the same to the caller.
    """
    # NOTE(review): the route decorators are not visible here. This view changes
    # state, so confirm it requires login, is not reachable via GET, and is
    # covered by CSRF protection.
    try:
        app_record = db_oauth_client.get_client(client_id)
    except db_exceptions.NoDataFoundException:
        raise NotFound()

    # Ownership check: the stored owner id is stringified before the comparison,
    # so current_user.id is presumably a string - verify against the user model.
    owner_id = str(app_record["user_id"])
    if owner_id != current_user.id:
        raise NotFound()

    db_oauth_client.delete(app_record["client_id"])
    flash.success(gettext('You have deleted an application.'))
    return redirect(url_for('.index'))
Пример #5
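def authorize_prompt():
    """OAuth 2.0 authorization endpoint.

    GET renders the consent prompt for the requesting client. POST records the
    user's approval, issues an authorization grant and redirects back to the
    client with ``code`` and ``state``. Both branches call
    ``oauth.validate_authorization_request`` before ``redirect_uri`` is used
    to build any URL.
    """
    response_type = request.args.get('response_type')
    client_id = request.args.get('client_id')
    redirect_uri = request.args.get('redirect_uri')
    scope = request.args.get('scope')
    state = request.args.get('state')

    if request.method == 'GET':  # Client requests access
        # NOTE(review): the return value is not checked, so this only protects
        # the redirect below if the validator raises on a bad request - confirm.
        oauth.validate_authorization_request(client_id, response_type, redirect_uri, scope)
        client = db_oauth_client.get_client(client_id)
        # Echo `state` on the denial redirect as well, so the client can match
        # the error to the request it sent (RFC 6749, section 4.1.2.1).
        cancel_params = dict(error='access_denied')
        if state is not None:
            cancel_params['state'] = state
        return render_template('oauth/prompt.html', client=client, scope=scope,
                               cancel_url=build_url(redirect_uri, cancel_params))

    if request.method == 'POST':  # User grants access to the client
        # NOTE(review): this branch issues a grant for current_user. The login
        # requirement and CSRF protection are not visible in this function -
        # confirm both are enforced by the route or the application.
        oauth.validate_authorization_request(client_id, response_type, redirect_uri, scope)
        code = oauth.generate_grant(client_id, current_user.id, redirect_uri, scope)
        return redirect(build_url(redirect_uri, dict(code=code, state=state)))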
Пример #6
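def authorize_prompt():
    """OAuth 2.0 authorization endpoint.

    On GET the consent prompt for the requesting client is rendered. On POST
    the user's approval is turned into an authorization grant and the browser
    is redirected back to the client with ``code`` and ``state``. The request
    parameters are passed to ``oauth.validate_authorization_request`` in both
    branches before ``redirect_uri`` is used.
    """
    response_type = request.args.get('response_type')
    client_id = request.args.get('client_id')
    redirect_uri = request.args.get('redirect_uri')
    scope = request.args.get('scope')
    state = request.args.get('state')

    if request.method == 'GET':  # Client requests access
        # NOTE(review): nothing here inspects a return value, so the check is
        # only effective if the validator raises on a bad request - confirm.
        oauth.validate_authorization_request(client_id, response_type,
                                             redirect_uri, scope)
        client = db_oauth_client.get_client(client_id)
        # The denial redirect carries `state` too when the client sent one, so
        # the client can tie the error to its request (RFC 6749, section 4.1.2.1).
        cancel_params = dict(error='access_denied')
        if state is not None:
            cancel_params['state'] = state
        return render_template('oauth/prompt.html',
                               client=client,
                               scope=scope,
                               cancel_url=build_url(redirect_uri, cancel_params))

    if request.method == 'POST':  # User grants access to the client
        # NOTE(review): a grant is issued for current_user here. Login and CSRF
        # enforcement are not visible in this function - confirm they are
        # applied by the route or the application.
        oauth.validate_authorization_request(client_id, response_type,
                                             redirect_uri, scope)
        code = oauth.generate_grant(client_id, current_user.id, redirect_uri,
                                    scope)
        return redirect(build_url(redirect_uri, dict(code=code, state=state)))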
Пример #7
def edit(client_id):
    """Show and process the edit form for one of the current user's applications.

    ``NotFound`` is raised when the client does not exist or is owned by another
    user. A valid submission updates the stored record and redirects to the
    index. Otherwise the form is rendered with the stored values.
    """
    try:
        app_record = db_oauth_client.get_client(client_id)
    except db_exceptions.NoDataFoundException:
        raise NotFound()
    # Ownership check: a foreign application is reported as missing.
    if str(app_record["user_id"]) != current_user.id:
        raise NotFound()

    form = ApplicationForm()
    if not form.validate_on_submit():
        # Reached on first display and after a failed validation alike. In both
        # cases the fields are overwritten with the stored values.
        for field_name in ("name", "desc", "website", "redirect_uri"):
            getattr(form, field_name).data = app_record[field_name]
        return render_template('profile/applications/edit.html', form=form)

    # NOTE(review): the redirect URI stored here is what the authorization flow
    # later trusts. Its validation lives in ApplicationForm, which is not
    # visible here - confirm it restricts the accepted URI forms.
    db_oauth_client.update(
        client_id=app_record["client_id"],
        name=form.name.data,
        desc=form.desc.data,
        website=form.website.data,
        redirect_uri=form.redirect_uri.data,
    )
    flash.success(gettext("You have updated an application!"))
    return redirect(url_for('.index'))
Пример #8
 def validate_client_redirect_uri(client_id, redirect_uri):
     """Check a requested redirect URI against the one registered for the client.

     Only the part of ``redirect_uri`` before the first ``?`` is compared, so a
     request may append any query string to the registered URI and still match.
     Returns False for a missing client record or a non-string ``redirect_uri``.
     """
     client = db_oauth_client.get_client(client_id)
     # NOTE(review): if get_client raises for an unknown client instead of
     # returning None, this guard never fires and the exception propagates to
     # the caller - confirm which behaviour the data layer has.
     if client is None:
         return False
     if not isinstance(redirect_uri, str):
         return False
     # NOTE(review): ignoring the query string is looser than an exact match
     # against the registered URI. Confirm this is intended.
     requested_base, _, _ = redirect_uri.partition('?')
     return client["redirect_uri"] == requested_base
Пример #9
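 def validate_client_secret(client_id, client_secret):
     """Check a presented client secret against the one stored for the client.

     The comparison uses ``hmac.compare_digest`` so that its duration does not
     depend on how many leading characters of the presented secret are correct.
     Returns False when the client record is missing, or when either the stored
     or the presented secret is not a string (including both being None).
     """
     import hmac

     client = db_oauth_client.get_client(client_id)
     # NOTE(review): if get_client raises for an unknown client instead of
     # returning None, this guard never fires - confirm against the data layer.
     if client is None:
         return False
     stored_secret = client["client_secret"]
     # compare_digest rejects mixed or non-ASCII str inputs, so both sides are
     # type-checked and encoded to bytes before comparing.
     if not isinstance(stored_secret, str) or not isinstance(client_secret, str):
         return False
     return hmac.compare_digest(stored_secret.encode("utf-8"),
                                client_secret.encode("utf-8"))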
Пример #10
 def test_delete(self):
     """A deleted client can no longer be fetched."""
     doomed_id = self.create_dummy_application()["client_id"]
     db_oauth_client.delete(doomed_id)
     # The lookup must now fail with the data layer's "no data" exception.
     self.assertRaises(NoDataFoundException, db_oauth_client.get_client, doomed_id)
Пример #11
 def test_delete(self):
     """Fetching a client after deleting it raises ``NoDataFoundException``."""
     created = self.create_dummy_application()
     removed_id = created["client_id"]

     db_oauth_client.delete(removed_id)

     with self.assertRaises(NoDataFoundException):
         db_oauth_client.get_client(removed_id)