def run_auth_server(certfile): try: client_store = ClientStore() client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=["http://localhost:8081/callback"]) token_store = TokenStore() auth_controller = Provider( access_token_store=token_store, auth_code_store=token_store, client_store=client_store, site_adapter=TestSiteAdapter(), token_generator=Uuid4()) auth_controller.add_grant(AuthorizationCodeGrant()) app = Wsgi(server=auth_controller) httpd = make_server('', 8080, app, handler_class=OAuthRequestHandler) httpd.socket = ssl.wrap_socket(httpd.socket, certfile=certfile, server_side=True) print("Starting implicit_grant oauth2 server on https://localhost:8080/...") httpd.serve_forever() except KeyboardInterrupt: httpd.server_close()
def run_auth_server(): try: client_store = ClientStore() client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=[]) token_store = TokenStore() provider = Provider( access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=Uuid4()) provider.add_grant( ResourceOwnerGrant(site_adapter=TestSiteAdapter()) ) app = Application(provider=provider) httpd = make_server('', 8080, app) print("Starting OAuth2 server on http://localhost:8080/...") httpd.serve_forever() except KeyboardInterrupt: httpd.server_close()
def run_auth_server(): client_store = ClientStore() # client_store.add_client(client_id="abc", client_secret="xyz", # redirect_uris=["http://localhost:8081/callback"]) client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=["http://localhost:8080/auth/realms/keycloak-express/broker/oidc/endpoint"]) token_store = TokenStore() provider = Provider(access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=Uuid4()) provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter())) try: app = Application([ url(provider.authorize_path, OAuth2Handler, dict(provider=provider)), url(provider.token_path, OAuth2Handler, dict(provider=provider)), ]) app.listen(8090) print("Starting OAuth2 server on http://localhost:8090/...") IOLoop.current().start() except KeyboardInterrupt: IOLoop.close()
def create_auth_server(): client_store = ClientStore() client_store.add_client( client_id="alexa.matsuoka", client_secret="xxxx", redirect_uris=[ "https://layla.amazon.com/api/skill/link/M2Q7FOC6AVxxxx", "https://pitangui.amazon.com/api/skill/link/M2Q7FOC6AVxxxx", "https://alexa.amazon.co.jp/api/skill/link/M2Q7FOC6AVxxxx" ]) token_store = TokenStore() token_store.save_token( AccessToken(client_id="alexa.matsuoka", grant_type="authorization_code", user_id="*****@*****.**", token="xxxx")) provider = Provider(access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=Uuid4(), client_authentication_source=http_basic_auth) provider.add_grant( AuthorizationCodeGrant(site_adapter=TestSiteAdapter(), unique_token=True)) app = Application([ url(provider.authorize_path, OAuth2Handler, dict(provider=provider)), url(provider.token_path, OAuth2Handler, dict(provider=provider)), ], debug=False) return app
def run_auth_server(): try: client_store = ClientStore() client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=[]) token_store = TokenStore() token_gen = Uuid4() token_gen.expires_in['client_credentials'] = 3600 auth_controller = Provider( access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=token_gen) auth_controller.add_grant(ClientCredentialsGrant()) app = Application(provider=auth_controller) httpd = make_server('', 8080, app, handler_class=OAuthRequestHandler) print("Starting implicit_grant oauth2 server on http://localhost:8080/...") httpd.serve_forever() except KeyboardInterrupt: httpd.server_close()
def run_auth_server(): try: client_store = ClientStore() client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=["http://localhost:8081/"]) token_store = TokenStore() provider = Provider(access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=Uuid4()) provider.add_grant(ImplicitGrant(site_adapter=TestSiteAdapter())) app = Application(provider=provider) httpd = make_server('', 8080, app) print( "Starting implicit_grant oauth2 server on http://localhost:8080/..." ) httpd.serve_forever() except KeyboardInterrupt: httpd.server_close()
def run_auth_server(): client_store = ClientStore() client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=["http://localhost:8081/callback"]) token_store = TokenStore() provider = Provider( access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=Uuid4() ) provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter())) try: app = Application( [ url(provider.authorize_path, OAuth2Handler, dict(provider=provider)), url(provider.token_path, OAuth2Handler, dict(provider=provider)), ] ) app.listen(8080) print("Starting OAuth2 server on http://localhost:8080/...") IOLoop.current().start() except KeyboardInterrupt: IOLoop.close()
def run_auth_server(): client_store = ClientStore() client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=[], authorized_grants=[oauth2.grant.ClientCredentialsGrant.grant_type]) token_store = TokenStore() # Generator of tokens token_generator = oauth2.tokengenerator.Uuid4() token_generator.expires_in[oauth2.grant.ClientCredentialsGrant.grant_type] = 3600 provider = Provider(access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=token_generator) # provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter())) provider.add_grant(ClientCredentialsGrant()) try: app = Application([ url(provider.authorize_path, OAuth2Handler, dict(provider=provider)), url(provider.token_path, OAuth2Handler, dict(provider=provider)), ]) app.listen(8080) print("Starting OAuth2 server on http://localhost:8080/...") IOLoop.current().start() except KeyboardInterrupt: IOLoop.close()
def run_auth_server(): try: client_store = ClientStore() client_store.add_client( client_id="abc", client_secret="xyz", redirect_uris=["http://localhost:8081/callback"]) token_store = TokenStore() auth_controller = Provider(access_token_store=token_store, auth_code_store=token_store, client_store=client_store, site_adapter=TestSiteAdapter(), token_generator=Uuid4()) auth_controller.add_grant(AuthorizationCodeGrant()) app = Wsgi(server=auth_controller) httpd = make_server('', 8080, app, handler_class=OAuthRequestHandler) print( "Starting implicit_grant oauth2 server on http://localhost:8080/..." ) httpd.serve_forever() except KeyboardInterrupt: httpd.server_close()
def run_auth_server(): client_store = ClientStore() client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=["http://10.10.112.59:8081/callback"]) client_store.add_client(client_id="bcd", client_secret="fff", redirect_uris=["http://10.10.112.59:50000/callback"]) client_store.add_client(client_id="9fdc2c7a1cee0cca54c150e3e0b822eb", client_secret="zzz", redirect_uris=["http://10.10.112.59:8888/callback"]) token_store = TokenStore() provider = Provider(access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=Uuid4()) provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter())) settings = dict( template_path=os.path.join(os.path.dirname(__file__), "templates"), static_path=os.path.join(os.path.dirname(__file__), "static"), cookie_secret='61oETzKXQAGaYdkL5gEmGEJJFuYh7EQnp2XdTP1o/Vo=', ) try: app = Application([ url(provider.authorize_path, OAuth2Handler, dict(provider=provider)), url(provider.token_path, OAuth2Handler, dict(provider=provider)), url("/", MainHandler), ], **settings) app.listen(8080) print "Starting OAuth2 server on http://10.10.112.59:8080/..." IOLoop.current().start() except KeyboardInterrupt: IOLoop.close()
def run_auth_server(): try: client = MongoClient('localhost', 27017) db = client.test_database client_store = ClientStore(collection=db["clients"]) token_store = AccessTokenStore(collection=db["access_tokens"]) code_store = AuthCodeStore(collection=db["auth_codes"]) provider = Provider( access_token_store=token_store, auth_code_store=code_store, client_store=client_store, token_generator=Uuid4()) provider.add_grant( AuthorizationCodeGrant(site_adapter=TestSiteAdapter(), scopes=["basic", "big", "long"], unique_token=True, expires_in=20 ) ) provider.add_grant( RefreshToken(scopes=["basic", "big", "long"], expires_in=2592000, reissue_refresh_tokens=True) ) app = Application(provider=provider) httpd = make_server('', 8080, app, handler_class=OAuthRequestHandler) print("Starting OAuth2 server on http://localhost:8080/...") httpd.serve_forever() except KeyboardInterrupt: httpd.server_close()
def test_add_client_and_fetch_by_client_id(self): expected_client_data = {"client_id": "abc", "client_secret": "xyz", "redirect_uris": ["http://localhost"]} store = ClientStore() success = store.add_client(expected_client_data["client_id"], expected_client_data["client_secret"], expected_client_data["redirect_uris"]) self.assertTrue(success) client = store.fetch_by_client_id("abc") self.assertEqual(client.identifier, expected_client_data["client_id"]) self.assertEqual(client.secret, expected_client_data["client_secret"]) self.assertEqual(client.redirect_uris, expected_client_data["redirect_uris"])
def get(self): try: client_store = ClientStore() client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=[], authorized_grants=[oauth2.grant.ClientCredentialsGrant.grant_type]) token_store = TokenStore() # Generator of tokens token_generator = oauth2.tokengenerator.Uuid4() token_generator.expires_in[oauth2.grant.ClientCredentialsGrant.grant_type] = 3600 provider = Provider(access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=token_generator) # provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter())) provider.add_grant(ClientCredentialsGrant()) except StandardError,e: result = {"success":0,"return_code":str(e),"error_msg":utils.format_error()}
def test_add_client_and_fetch_by_client_id(self): expected_client_data = { "client_id": "abc", "client_secret": "xyz", "redirect_uris": ["http://localhost"] } store = ClientStore() success = store.add_client(expected_client_data["client_id"], expected_client_data["client_secret"], expected_client_data["redirect_uris"]) self.assertTrue(success) client = store.fetch_by_client_id("abc") self.assertEqual(client.identifier, expected_client_data["client_id"]) self.assertEqual(client.secret, expected_client_data["client_secret"]) self.assertEqual(client.redirect_uris, expected_client_data["redirect_uris"])
def run_auth_server(port=8282): print("Starting OAuth2 server on port:" + str(port)) client_store = ClientStore() client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=["http://0.0.0.0:5000/"]) token_store = TokenStore() provider = Provider(access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=Uuid4()) provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter())) app = Application(provider=provider) httpd = make_server('', port, app, handler_class=OAuthRequestHandler) httpd.serve_forever()
def get(self): try: client_store = ClientStore() client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=[], authorized_grants=[oauth2.grant.ClientCredentialsGrant.grant_type]) token_store = TokenStore() # Generator of tokens token_generator = oauth2.tokengenerator.Uuid4() token_generator.expires_in[oauth2.grant.ClientCredentialsGrant.grant_type] = 3600 provider = Provider(access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=token_generator) # provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter())) provider.add_grant(ClientCredentialsGrant()) except Exception as e: result = {"success":0,"return_code":unicode(e),"error_msg":utils.format_error()} self.finish(result)
def run_auth_server(): try: client_store = ClientStore() client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=["http://localhost:8081/callback"]) token_store = TokenStore() provider = TestProvider( access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=Uuid4()) app = OAuthApplication(provider=provider) httpd = make_server('', 8080, app, handler_class=OAuthRequestHandler) print("Starting OAuth2 server on http://localhost:8080/...") httpd.serve_forever() except KeyboardInterrupt: httpd.server_close()
def run_auth_server(): try: client_store = ClientStore() client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=["http://localhost:8081/callback"]) token_store = TokenStore() provider = Provider( access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=Uuid4(), ) provider.add_grant(AuthorizationCodeGrant(site_adapter=TestSiteAdapter())) app = Application(provider=provider) httpd = make_server("", 8080, app, handler_class=OAuthRequestHandler) print("Starting OAuth2 server on http://localhost:8080/...") httpd.serve_forever() except KeyboardInterrupt: httpd.server_close()
def run_auth_server(): try: client_store = ClientStore() client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=["http://localhost:8081/"]) token_store = TokenStore() auth_server = Provider( access_token_store=token_store, auth_code_store=token_store, client_store=client_store, site_adapter=TestSiteAdapter(), token_generator=Uuid4()) auth_server.add_grant(ImplicitGrant()) app = Wsgi(server=auth_server) httpd = make_server('', 8080, app) print("Starting implicit_grant oauth2 server on http://localhost:8080/...") httpd.serve_forever() except KeyboardInterrupt: httpd.server_close()
def test_fetch_by_client_id_no_client(self): store = ClientStore() with self.assertRaises(ClientNotFoundError): store.fetch_by_client_id("abc")
def __init__(self, dbconnection): self.templates = os.path.join(os.path.dirname(__file__), "../templates") self.static = os.path.join(os.path.dirname(__file__), "../static") # DataBase connection self.dbconnection = dbconnection ## # OAuth authentication service (token provider) # Client Store (will be taken from db) client_store = ClientStore() client_store.add_client(client_id="abc", client_secret="xyz", redirect_uris=["http://localhost:8111"]) ## # OAuth Token Store (in memory) token_store = TokenStore() # Generator of tokens token_generator = Uuid4() #token_generator.expires_in[ClientCredentialsGrant.grant_type] = 3600 ## # OAuth Provider provider = Provider(access_token_store=token_store, auth_code_store=token_store, client_store=client_store, token_generator=token_generator) #provider.token_path = '/oauth/token' # Support for the authorization code grant provider.add_grant( AuthorizationCodeGrant(site_adapter=CodeGrant(self.templates))) # provider.add_grant( # ImplicitGrant(site_adapter=Authentication()) # ) logger.debug(provider.authorize_path) logger.debug(provider.token_path) ## # Auth handlers auth_handlers = [ web.url(provider.authorize_path, OAuth2Handler, dict(provider=provider)), web.url(provider.token_path, OAuth2Handler, dict(provider=provider)) ] ## # Web web_handlers = [ web.url(r"/login", login.Index), web.url(r"/logout", logout.Index), web.url(r"/password/(.*)", password.Index), web.url(r"/forgot_password", password.Forgot), web.url(r"/registration", registration.Index), web.url(r'/', home.Index), web.url(r'/settings', home.User), web.url(r'/projects', projects.Projects), web.url(r'/slices/([a-z0-9\._\-]+)', slices.Slices), web.url(r'/users', users.Users), web.url(r'/users/?(' + self.urn_regex + ')', users.Users), web.url(r'/activity', activity.Index), web.url(r'/confirm/(' + self.uuid_regex + ')?', confirm.Index), web.url(r'/status', status.Index), web.url(r'/static/(.*)', web.StaticFileHandler, {'path': self.static}), web.url(r'/test', test.Index), web.url(r"/addOrganization", addOrganization.Index) ] ## # REST API rest_handlers = [ web.url(r'/api/v1/activity?([A-Za-z0-9-]+)?', ActivityHandler), web.url(r'/api/v1/activity/(' + self.uuid_regex + ')?', ActivityHandler), web.url(r'/api/v1/confirm/(' + self.uuid_regex + ')?', ConfirmHandler), web.url(r'/api/v1/requests?([A-Za-z0-9-]+)?', RequestsHandler), web.url(r'/api/v1/requests/(' + self.uuid_regex + ')?', RequestsHandler), web.url(r'/api/v1/usertoken?', UserTokenHandler), web.url(r'/api/v1/login', LoginHandler), web.url(r'/api/v1/password', PasswordHandler), web.url(r'/api/v1/password/(.*)', PasswordHandler), web.url(r'/api/v1/resources$', ResourcesHandler), web.url(r'/api/v1/resources/(' + self.urn_regex + ')?$', ResourcesHandler), web.url(r'/api/v1/resources/(' + self.urn_regex + ')?/?(leases)?$', ResourcesHandler), web.url(r'/api/v1/resources/(' + self.urn_regex + ')?/?(slices)?$', ResourcesHandler), web.url( r'/api/v1/resources/(' + self.urn_regex + ')?/?(testbeds)?$', ResourcesHandler), # leases web.url(r'/api/v1/leases$', LeasesHandler), web.url(r'/api/v1/leases/([A-Za-z0-9-]+)?', LeasesHandler), web.url(r'/api/v1/profile$', ProfileHandler), # testbeds web.url( r'/api/v1/testbeds/?(' + self.urn_regex + ')?/?(resources)?$', TestbedsHandler), web.url(r'/api/v1/testbeds/?(' + self.urn_regex + ')?/?(leases)?$', TestbedsHandler), # users web.url(r'/api/v1/users$', UsersHandler), web.url(r'/api/v1/users/(' + self.email_regex + ')$', UsersHandler), web.url( r'/api/v1/users/?(' + self.urn_regex + ')?/?(authorities|projects|slices)?$', UsersHandler), web.url(r'/api/v1/users/?(authorities|projects|slices)?$', UsersHandler), # authorities web.url(r'/api/v1/authorities$', AuthoritiesHandler), web.url( r'/api/v1/authorities/?(' + self.urn_regex + ')?/?(users|projects)?$', AuthoritiesHandler), # projects web.url( r'/api/v1/projects/?(' + self.urn_regex + ')?/?(users|slices)?$', ProjectsHandler), # slices web.url( r'/api/v1/slices/?(' + self.hrn_regex + ')?/?(users|resources)?$', SlicesHandler), web.url( r'/api/v1/slices/?(' + self.urn_regex + ')?/?(users|resources)?$', SlicesHandler), # F-Interop sessions # security based on the slice id web.url( r'/api/v1/finterop/sessions/?(' + self.urn_regex + ')?/?(start|stop)?$', FinteropSessionsHandler), web.url( r'/api/v1/finterop/sessions/?(' + self.hrn_regex + ')?/?(start|stop)?$', FinteropSessionsHandler), web.url( r'/api/v1/finterop/sessions/?([a-zA-Z0-9]+)?/?(start|stop)?$', FinteropSessionsHandler), #web.url(r'/api/v1/finterop/sessions/?([a-zA-Z0-9]+)?/resources$', ResourceRepoHandler), ] ## # Websockets API # SockJSRouter: configure Websocket WebsocketRouter = SockJSRouter(WebsocketsHandler, '/api/v1/live') ## # URLs handlers handlers = auth_handlers + web_handlers + rest_handlers + WebsocketRouter.urls settings = dict( cookie_secret=config.web["cookie_secret"], login_url="/login", token_secret=config.web["token_secret"], template_path=self.templates, static_path=self.static, #xsrf_cookies=True, debug=True) web.Application.__init__(self, handlers, **settings)
# -*- coding: utf-8 -*- import cherrypy from . import verify, client_credentials, password from oauth2.tokengenerator import Uuid4 from oauth2.store.memory import ClientStore, TokenStore tokens = TokenStore() clients = ClientStore() clients.add_client(client_id="novareto", client_secret="test", redirect_uris=[]) tickets = Uuid4() tickets.expires_in['client_credentials'] = 7200 def run(): cherrypy.config.update({ 'server.socket_host': '0.0.0.0', 'server.socket_port': 8085, }) cherrypy.tree.graft( client_credentials.make_application(tokens, clients, tickets), '/auth.client') cherrypy.tree.graft( password.make_application(tokens, clients, tickets), '/auth.passwd') cherrypy.tree.graft(