def persist_token_information(self, client_id, scope, access_token,
token_type, expires_in, refresh_token,
data):
"""Save OAuth access and refresh token information.
:param client_id: Client Id.
:type client_id: str
:param scope: Scope.
:type scope: str
:param access_token: Access token.
:type access_token: str
:param token_type: Token type (currently only Bearer)
:type token_type: str
:param expires_in: Access token expiration seconds.
:type expires_in: int
:param refresh_token: Refresh token.
:type refresh_token: str
:param data: Data from authorization code grant.
:type data: mixed
"""
# Set access token with proper expiration
access_key = 'oauth2.access_token:%s' % access_token
self.redis.setex(access_key, expires_in, json.dumps(data))
# Set refresh token with no expiration
token = RefreshToken.save(client_id, refresh_token, json.dumps(data))
# Associate tokens to user for easy token revocation per app user
AccessKey.save(client_id, data.get('user_id'), access_key, token)
def discard_client_user_tokens(self, client_id, user_id):
"""Delete access and refresh tokens from the store.
:param client_id: Client Id.
:type client_id: str
:param user_id: User Id.
:type user_id: str
"""
AccessKey.delete(client_id, user_id)
def test_without_api_key(self):
bad_api_key = AccessKey.generate_uuid()
with self.assertRaises(AppError) as caught:
self.do_request(bad_api_key)
self.assert_(caught.exception.message.startswith('Bad response: 401'),
'Expected request without valid API key to return 401')
def create_key():
description = request.form.get('description')
new_key = AccessKey.create(description)
flash(
'Your API key {} has been created. Refresh the page to see it below.'.
format(new_key.access_key))
return redirect(url_for('keys'))
def setUp(self):
super(AutocompleteTest, self).setUp()
create_employee(username='******')
create_employee(username='******')
create_employee(username='******')
create_employee(username='******')
logic.employee.rebuild_index()
self.api_key = AccessKey.create('autocomplete key').access_key
def setUp(self):
super(AutocompleteTest, self).setUp()
create_employee(username='******')
create_employee(username='******')
create_employee(username='******')
create_employee(username='******')
with mock.patch('logic.employee.memory_usage', autospec=True):
logic.employee.rebuild_index()
self.api_key = AccessKey.create('autocomplete key').access_key
def authorization_code():
client_id = request.args.get('client_id')
if not AccessKey.has_access(client_id, g.user.id):
client = OAuthClient.find(client_id)
scope = request.args.get('scope')
response_type = request.args.get('response_type')
redirect_uri = request.args.get('redirect_uri')
return render_template('oauth/request.html',
client=client,
redirect_uri=redirect_uri,
scope=scope,
response_type=response_type)
else:
return code_request(lambda: provider.get_authorization_code_from_uri(request.url))
def keys():
api_keys = AccessKey.query().fetch()
return render_template(
'keys.html',
keys=api_keys
)
def test_with_api_key(self):
api_key = AccessKey.create('test key').access_key
response = self.do_request(api_key)
self.assertEqual(response.status_int, self.successful_response_code)
def setUp(self):
self.api_key = AccessKey.create('test key').access_key
create_employee(username='******')
create_alias_with_employee_username(name='bobby', username='******')
create_employee(username='******')
