Пример #1
0
def get_bearer_token(email,
                     password,
                     scopes=None,
                     account_server_url=None,
                     oauth_server_url=None,
                     client_id=None):

    message = None

    if not account_server_url:
        message = 'Please define an account_server_url.'

    elif not oauth_server_url:
        message = 'Please define an oauth_server_url.'

    elif not client_id:
        message = 'Please define a client_id.'

    if message:
        raise ValueError(message)

    if scopes is None:
        scopes = ['profile']

    client = core.Client(server_url=account_server_url)
    session = client.login(email, password)

    url = urlparse(oauth_server_url)
    audience = "%s://%s/" % (url.scheme, url.netloc)

    bid_assertion = session.get_identity_assertion(audience)
    oauth_client = oauth.Client(server_url=oauth_server_url)
    token = oauth_client.authorize_token(bid_assertion, ' '.join(scopes),
                                         client_id)
    return token
Пример #2
0
def create_new_fxa_account(fxa_user_salt=None,
                           account_server_url=None,
                           prefix="fxa",
                           content_server_url=None):
    if account_server_url and 'stage' in account_server_url:
        if not fxa_user_salt:
            fxa_user_salt = os.urandom(36)
        else:
            fxa_user_salt = base64.urlsafe_b64decode(fxa_user_salt)

        password = hmac.new(fxa_user_salt, b"loadtest").hexdigest()
        email = "*****@*****.**" % (prefix, password)

        client = core.Client(server_url=account_server_url)

        try:
            client.create_account(email, password=password, preVerified=True)
        except errors.ClientError as e:
            if e.errno != FXA_ERROR_ACCOUNT_EXISTS:
                raise
        finally:
            return email, password
    else:
        message = ("You are not using stage (%s), make sure your FxA test "
                   "account exists: %s" %
                   (account_server_url, content_server_url))
        raise ValueError(message)
Пример #3
0
def get_bearer_token(email,
                     password,
                     scopes=None,
                     account_server_url=None,
                     oauth_server_url=None,
                     client_id=None,
                     client_secret=None,
                     use_pkce=False,
                     unblock_code=None):

    message = None

    if not account_server_url:
        message = 'Please define an account_server_url.'

    elif not oauth_server_url:
        message = 'Please define an oauth_server_url.'

    elif not client_id:
        message = 'Please define a client_id.'

    if message:
        raise ValueError(message)

    if scopes is None:
        scopes = ['profile']

    client = core.Client(server_url=account_server_url)
    session = client.login(email, password, unblock_code=unblock_code)

    oauth_client = oauth.Client(client_id,
                                client_secret,
                                server_url=oauth_server_url)

    # XXX TODO: we should be able to automaticaly choose the most
    # direct route to getting a token, based on registered client
    # metadata.  Unfortunately the oauth-server doesn't (yet) expose
    # client properties like `canGrant` and `isPublic`.
    # print metadata
    # metadata = oauth_client.get_client_metadata()

    scope = ' '.join(scopes)
    if client_secret is None and not use_pkce:
        token = oauth_client.authorize_token(session, scope)
    else:
        challenge = verifier = {}
        if use_pkce:
            (challenge, verifier) = oauth_client.generate_pkce_challenge()
        code = oauth_client.authorize_code(session, scope, **challenge)
        token = oauth_client.trade_code(code, **verifier)

    return token
Пример #4
0
def get_browserid_assertion(email,
                            password,
                            audience,
                            account_server_url=None,
                            duration=core.DEFAULT_ASSERTION_DURATION):
    if not account_server_url:
        message = 'Please define an account_server_url.'
        raise ValueError(message)

    client = core.Client(server_url=account_server_url)
    session = client.login(email, password, keys=True)

    bid_assertion = session.get_identity_assertion(audience=audience,
                                                   duration=duration)
    _, keyB = session.fetch_keys()
    client_state = hexlify(sha256(keyB).digest()[0:16]).decode('utf-8')

    return bid_assertion, client_state
Пример #5
0
def send_unblock_code(email, account_server_url=None):
    if not account_server_url:
        raise ValueError('Please define an account_server_url.')

    client = core.Client(server_url=account_server_url)
    return client.send_unblock_code(email)