def test_register_compliance_hook(self): sess = OAuth2Session('foo') self.assertRaises( ValueError, sess.register_compliance_hook, 'invalid_hook', lambda o: o, ) def protected_request(url, headers, data): self.assertIn('Authorization', headers) return url, headers, data sess = OAuth2Session('foo', token=self.token) sess.register_compliance_hook( 'protected_request', protected_request, ) sess.send = mock_json_response({'name': 'a'}) sess.get('https://i.b/user')
def google_auth_redirect(request): try: req_state = request.GET.get('state') # print('----------------------') # print('req s_key: ', request.session['s_key']) # print('----------------------') # s_key = request.session['s_key'] # s = SessionStore(session_key=s_key) # # if req_state != s['auth_state']: # response = HttpResponse('no state key', code=401) # return response session = OAuth2Session( CLIENT_ID, CLIENT_SECRET, scope=AUTHORIZATION_SCOPE, # state=s['auth_state'], state=req_state, redirect_uri=AUTH_REDIRECT_URI) oauth2_tokens = session.fetch_access_token( ACCESS_TOKEN_URI, authorization_response=request.get_full_path()) # request.session[AUTH_TOKEN_KEY] = oauth2_tokens s = SessionStore() s['auth_tokens'] = oauth2_tokens s.create() s_key = s.session_key user_info = get_user_info(s_key) print('user info: ', user_info['given_name']) print('session: ', request.session.items()) # crmuserid = request.session["crmuserid"] # print('crmuserid info: ', crmuserid) # crmuserid = request.COOKIES.get('crmuserid') # print('crmuserid cookie: ', crmuserid) with open('crmuserid.txt', 'r') as f: crmuserid = f.read() print('crmuserid in file: ', crmuserid) user = User_tokens.objects.get(crmuserid=crmuserid) user.name = user_info['given_name'] user.refresh_token = oauth2_tokens['refresh_token'] # action_id = user.state_key user.save() # send_action_to_crm(action_id, 'true') except Exception as e: print(e) # with open('crmuserid.txt', 'r') as f: # crmuserid = f.read() # user = User_tokens.objects.get(crmuserid=crmuserid) # action_id = user.state_key # send_action_to_crm(action_id, 'false', e) # return redirect(BASE_URI, code=302) return redirect('privacy_policy')
def google_auth_redirect(): state = request.args.get('state', default=None, type=None) session = OAuth2Session(app.config['GOOGLE_CLIENT_ID'], app.config['GOOGLE_CLIENT_SECRET'], scope=app.config['GOOGLE_AUTHORIZATION_SCOPE'], state=state, redirect_uri=url_for('users.index')) oauth2_tokens = session.fetch_access_token( ACCESS_TOKEN_URI, authorization_response=request.url) flask.session[AUTH_TOKEN_KEY] = oauth2_tokens return redirect(url_for('users.index'))
def login(): auth_session = OAuth2Session(CLIENT_ID, CLIENT_SECRET, scope=AUTHORIZATION_SCOPE, redirect_uri=AUTH_REDIRECT_URI) uri, state = auth_session.authorization_url(AUTHORIZATION_URL) session[AUTH_STATE_KEY] = state session.permanent = True return redirect(uri, code=302)
def __fetch_mgmnt_api_token(): __session = OAuth2Session( Auth.AUTH0_CLIENT_ID, Auth.AUTH0_CLIENT_SECRET ) # need a new session to get the token for Mgmnt API token = __session.fetch_access_token( Auth.AUTH0_BASE_URL + "/oauth/token", grant_type="client_credentials", audience=Auth.AUTH0_BASE_URL + "/api/v2/", ) return token["access_token"] # ok to use it without validation
def gscconnect(): session = OAuth2Session(CLIENT_ID, CLIENT_SECRET, scope=GSC_CONNECT_AUTHORIZATION_SCOPE, redirect_uri=GSC_CONNECTAUTH_REDIRECT_URI) uri, state = session.authorization_url(AUTHORIZATION_URL) flask.session[AUTH_STATE_KEY] = state flask.session.permanent = True return flask.redirect(uri, code=302)
def test_revoke_token(self): sess = OAuth2Session('a') answer = {'status': 'ok'} sess.send = mock_json_response(answer) resp = sess.revoke_token('https://i.b/token', 'hi') self.assertEqual(resp.json(), answer) resp = sess.revoke_token( 'https://i.b/token', 'hi', token_type_hint='access_token' ) self.assertEqual(resp.json(), answer)
def test_fetch_token(self): url = 'https://example.com/token' def fake_send(r, **kwargs): self.assertIn('code=v', r.body) resp = mock.MagicMock() resp.json = lambda: self.token return resp sess = OAuth2Session(client_id=self.client_id, token=self.token) sess.send = fake_send self.assertEqual(sess.fetch_access_token(url, code='v'), self.token) self.assertEqual( sess.fetch_access_token( url, authorization_response='https://i.b/?code=v'), self.token) error = {'error': 'invalid_request'} sess = OAuth2Session(client_id=self.client_id, token=self.token) sess.send = mock_json_response(error) self.assertRaises(OAuth2Error, sess.fetch_access_token, url)
def login(): session = OAuth2Session(CLIENT_ID, CLIENT_SECRET, scope=AUTHORIZATION_SCOPE, redirect_uri=AUTH_REDIRECT_URI) uri, state = session.authorization_url(AUTHORIZATION_URL) print("CHECK URL 1",uri) flask.session[AUTH_STATE_KEY] = state flask.session.permanent = True return flask.redirect(uri, code=302)
def get_token(): scope = 'api_listings_read' oas = OAuth2Session(current_app.config['DOMAIN_CLIENT_ID'], current_app.config['DOMAIN_CLIENT_SECRET'], scope=scope) token = oas.fetch_access_token( 'https://auth.domain.com.au/v1/connect/token', grant_type='client_credentials') # now = datetime.now() # later = now + timedelta(seconds=token['expires_in']-900) return token
def get_oauth2_tokens(request): session = OAuth2Session(settings.CLIENT_ID, settings.CLIENT_SECRET, scope=settings.AUTHORIZATION_SCOPE, state=request.session[settings.AUTH_STATE_KEY], redirect_uri=settings.AUTH_REDIRECT_URI) oauth2_tokens = session.fetch_access_token( settings.ACCESS_TOKEN_URI, authorization_response=request.build_absolute_uri()) return oauth2_tokens
def get_auth_uri(self): """ [ Generate auth URL for user to login and authorize ] """ # Create session self.session = OAuth2Session(self.client_id, self.client_secret, scope=self.scope, redirect_uri=self.redirect_uri) # Generate auth url for requests return self.session.create_authorization_url(self.authorize_url)
def test_add_token_to_uri(self): def verifier(r, **kwargs): self.assertIn(self.token['access_token'], r.url) resp = mock.MagicMock() return resp sess = OAuth2Session(client_id=self.client_id, token=self.token, token_placement='uri') sess.send = verifier sess.get('https://i.b')
def get_jwt(): token_url = "https://iamsuite.authentication.eu10.hana.ondemand.com/oauth/token" headers = { 'Content-Type': 'application/json' } client_id = "sb-c656110e-a4f3-4d65-ad25-e0cfc2b4f701!b22856|ain_broker_poc!b1537" client_secret = "ticM0qWro6XpjT+wOEvfy0qGj5E=" session = OAuth2Session(client_id, client_secret) token = session.fetch_access_token(token_url) jwt_access_token = token['access_token'] return jwt_access_token
def google_auth_redirect(): state = flask.request.args.get('state', default=None, type=None) session = OAuth2Session(CLIENT_ID, CLIENT_SECRET, scope=AUTHORIZATION_SCOPE, state=state, redirect_uri=AUTH_REDIRECT_URI) oauth2_tokens = session.fetch_access_token( ACCESS_TOKEN_URI, authorization_response=flask.request.url) flask.session[AUTH_TOKEN_KEY] = oauth2_tokens return flask.redirect(url_for('page_login'), code=302)
def loginGoogle(): sessionObj = OAuth2Session(CLIENT_ID, CLIENT_SECRET, scope=AUTHORIZATION_SCOPE, redirect_uri=AUTH_REDIRECT_URI) uri, state = sessionObj.create_authorization_url(AUTHORIZATION_URL) print("State before adding=", state) session[AUTH_STATE_KEY] = state print("State after adding=", session[AUTH_STATE_KEY]) session.permanent = True return redirect(uri, code=302)
def auth_url(): oa2_session = OAuth2Session(CLIENT_ID, CLIENT_SECRET, scope="identify", redirect_uri=url_for("scratch.oauth_complete", _external=True)) uri, state = oa2_session.create_authorization_url(AUTH_URL) session["state"] = state return redirect(uri)
def test_add_token_to_header(self): token = 'Bearer ' + self.token['access_token'] def verifier(r, **kwargs): auth_header = r.headers.get(str('Authorization'), None) self.assertEqual(auth_header, token) resp = mock.MagicMock() return resp sess = OAuth2Session(client_id=self.client_id, token=self.token) sess.send = verifier sess.get('https://i.b')
def __init__(self, settings, logger, scope, discovery_url, idp, HTTP_PROXY=None): self.logger = logger self.settings = settings self.session = OAuth2Session( client_id=settings["client_id"], client_secret=settings["client_secret"], scope=scope, redirect_uri=settings["redirect_url"], ) self.discovery_url = discovery_url self.idp = idp self.HTTP_PROXY = HTTP_PROXY
def test_access_token_response_hook(self): url = 'https://example.com/token' def access_token_response_hook(resp): self.assertEqual(resp.json(), self.token) return resp sess = OAuth2Session(client_id=self.client_id, token=self.token) sess.register_compliance_hook('access_token_response', access_token_response_hook) sess.send = mock_json_response(self.token) self.assertEqual(sess.fetch_access_token(url), self.token)
def fetch_mgmnt_api_token(): __session = OAuth2Session(AUTH0_CLIENT_ID,AUTH0_CLIENT_SECRET) #need a new session to get the token for Mgmnt API token = __session.fetch_access_token(AUTH0_BASE_URL + '/oauth/token', grant_type='client_credentials', audience=auth0.api_base_url +'/api/v2/') #Alternatively, can use the routine below... # conn = http.client.HTTPSConnection("seistech.auth0.com:443") # payload = "grant_type=client_credentials&client_id="+AUTH0_CLIENT_ID+"&client_secret="+AUTH0_CLIENT_SECRET+"&audience="+auth0.api_base_url+"/api/v2/" # headers = { 'content-type': "application/x-www-form-urlencoded" } # conn.request("POST", "https://seistech.auth0.com/oauth/token", payload, headers) # res = conn.getresponse() # token = res.read().decode("utf-8") print(token) return token['access_token'] #ok to use it without validation
async def login(cls, request): auth_session = OAuth2Session(cls.CLIENT_ID, cls.CLIENT_SECRET, scope=cls.AUTHORIZATION_SCOPE, redirect_uri=cls.AUTH_REDIRECT_URI) uri, state = auth_session.create_authorization_url( cls.AUTHORIZATION_URL) session = await get_session(request) session[cls.AUTH_STATE_KEY] = state raise web.HTTPFound(uri)
def login(): session = OAuth2Session(CLIENT_ID, CLIENT_SECRET, scope=AUTHORIZATION_SCOPE, redirect_uri=AUTH_REDIRECT_URI) uri, state = session.create_authorization_url(AUTHORIZATION_URL) # State is used to prevent CSRF, keep this for later. flask.session[AUTH_STATE_KEY] = state flask.session.permanent = True return flask.redirect(uri, code=302)
def login(): if current_user.is_authenticated: return flask.redirect(url_for('base.index')) session = OAuth2Session(CLIENT_ID, CLIENT_SECRET, scope=AUTHORIZATION_SCOPE, redirect_uri=AUTH_REDIRECT_URI) uri, state = session.authorization_url(AUTHORIZATION_URL) flask.session[AUTH_STATE_KEY] = state flask.session.permanent = True return flask.redirect(uri, code=302)
def test_client_credentials_type(self): url = 'https://example.com/token' def fake_send(r, **kwargs): self.assertIn('grant_type=client_credentials', r.body) resp = mock.MagicMock() resp.json = lambda: self.token return resp sess = OAuth2Session(client_id=self.client_id, client_secret='v') sess.send = fake_send token = sess.fetch_access_token(url) self.assertEqual(token, self.token)
def home(): session = OAuth2Session(k, s, scope="profile email", redirect_uri='http://localhost:5000/second') uri, state = session.authorization_url(AUTHORIZATION_URL) flask.session.permanent = True flask.session["auth_state"] = state print(flask.session) return flask.redirect(uri, code=302)
def login(): session = OAuth2Session(CLIENT_ID, CLIENT_SECRET, scope=AUTHORIZATION_SCOPE, redirect_uri=AUTH_REDIRECT_URI) uri, state = session.create_authorization_url( AUTHORIZATION_URL, access_type='offline', include_granted_scopes='true') flask.session[AUTH_STATE_KEY] = state flask.session.permanent = True return flask.redirect(uri, code=302)
def test_fetch_access_token_with_get(self): url = 'https://example.com/token' def fake_send(r, **kwargs): self.assertIn('code=v', r.url) self.assertIn('grant_type=authorization_code', r.url) resp = mock.MagicMock() resp.json = lambda: self.token return resp sess = OAuth2Session(client_id=self.client_id) sess.send = fake_send token = sess.fetch_access_token(url, code='v', method='GET') self.assertEqual(token, self.token)
def test_password_grant_type(self): url = 'https://example.com/token' def fake_send(r, **kwargs): self.assertIn('username=v', r.body) self.assertIn('grant_type=password', r.body) resp = mock.MagicMock() resp.json = lambda: self.token return resp sess = OAuth2Session(client_id=self.client_id) sess.send = fake_send token = sess.fetch_access_token(url, username='******', password='******') self.assertEqual(token, self.token)
def refresh_tokens(self, refresh_token): # Create new session self.session = OAuth2Session(client_id, client_secret, token=tokens, scope=scope, redirect_uri=redirect_uri, state=self.state) # Refresh tokens tokens = self.session.refresh_token( self.access_token_url, refresh_token=self.tokens['refresh_token']) print('[ OK ] Token refreshed.') return tokens