def test_register_compliance_hook(self):
sess = OAuth2Session('foo')
self.assertRaises(
ValueError,
sess.register_compliance_hook,
'invalid_hook',
lambda o: o,
)
def protected_request(url, headers, data):
self.assertIn('Authorization', headers)
return url, headers, data
sess = OAuth2Session('foo', token=self.token)
sess.register_compliance_hook(
'protected_request',
protected_request,
)
sess.send = mock_json_response({'name': 'a'})
sess.get('https://i.b/user')
def google_auth_redirect(request):
try:
req_state = request.GET.get('state')
# print('----------------------')
# print('req s_key: ', request.session['s_key'])
# print('----------------------')
# s_key = request.session['s_key']
# s = SessionStore(session_key=s_key)
#
# if req_state != s['auth_state']:
# response = HttpResponse('no state key', code=401)
# return response
session = OAuth2Session(
CLIENT_ID,
CLIENT_SECRET,
scope=AUTHORIZATION_SCOPE,
# state=s['auth_state'],
state=req_state,
redirect_uri=AUTH_REDIRECT_URI)
oauth2_tokens = session.fetch_access_token(
ACCESS_TOKEN_URI, authorization_response=request.get_full_path())
# request.session[AUTH_TOKEN_KEY] = oauth2_tokens
s = SessionStore()
s['auth_tokens'] = oauth2_tokens
s.create()
s_key = s.session_key
user_info = get_user_info(s_key)
print('user info: ', user_info['given_name'])
print('session: ', request.session.items())
# crmuserid = request.session["crmuserid"]
# print('crmuserid info: ', crmuserid)
# crmuserid = request.COOKIES.get('crmuserid')
# print('crmuserid cookie: ', crmuserid)
with open('crmuserid.txt', 'r') as f:
crmuserid = f.read()
print('crmuserid in file: ', crmuserid)
user = User_tokens.objects.get(crmuserid=crmuserid)
user.name = user_info['given_name']
user.refresh_token = oauth2_tokens['refresh_token']
# action_id = user.state_key
user.save()
# send_action_to_crm(action_id, 'true')
except Exception as e:
print(e)
# with open('crmuserid.txt', 'r') as f:
# crmuserid = f.read()
# user = User_tokens.objects.get(crmuserid=crmuserid)
# action_id = user.state_key
# send_action_to_crm(action_id, 'false', e)
# return redirect(BASE_URI, code=302)
return redirect('privacy_policy')
def google_auth_redirect():
state = request.args.get('state', default=None, type=None)
session = OAuth2Session(app.config['GOOGLE_CLIENT_ID'],
app.config['GOOGLE_CLIENT_SECRET'],
scope=app.config['GOOGLE_AUTHORIZATION_SCOPE'],
state=state,
redirect_uri=url_for('users.index'))
oauth2_tokens = session.fetch_access_token(
ACCESS_TOKEN_URI, authorization_response=request.url)
flask.session[AUTH_TOKEN_KEY] = oauth2_tokens
return redirect(url_for('users.index'))
def login():
auth_session = OAuth2Session(CLIENT_ID, CLIENT_SECRET,
scope=AUTHORIZATION_SCOPE,
redirect_uri=AUTH_REDIRECT_URI)
uri, state = auth_session.authorization_url(AUTHORIZATION_URL)
session[AUTH_STATE_KEY] = state
session.permanent = True
return redirect(uri, code=302)
def __fetch_mgmnt_api_token():
__session = OAuth2Session(
Auth.AUTH0_CLIENT_ID, Auth.AUTH0_CLIENT_SECRET
) # need a new session to get the token for Mgmnt API
token = __session.fetch_access_token(
Auth.AUTH0_BASE_URL + "/oauth/token",
grant_type="client_credentials",
audience=Auth.AUTH0_BASE_URL + "/api/v2/",
)
return token["access_token"] # ok to use it without validation
def gscconnect():
session = OAuth2Session(CLIENT_ID,
CLIENT_SECRET,
scope=GSC_CONNECT_AUTHORIZATION_SCOPE,
redirect_uri=GSC_CONNECTAUTH_REDIRECT_URI)
uri, state = session.authorization_url(AUTHORIZATION_URL)
flask.session[AUTH_STATE_KEY] = state
flask.session.permanent = True
return flask.redirect(uri, code=302)
def test_revoke_token(self):
sess = OAuth2Session('a')
answer = {'status': 'ok'}
sess.send = mock_json_response(answer)
resp = sess.revoke_token('https://i.b/token', 'hi')
self.assertEqual(resp.json(), answer)
resp = sess.revoke_token(
'https://i.b/token', 'hi',
token_type_hint='access_token'
)
self.assertEqual(resp.json(), answer)
def test_fetch_token(self):
url = 'https://example.com/token'
def fake_send(r, **kwargs):
self.assertIn('code=v', r.body)
resp = mock.MagicMock()
resp.json = lambda: self.token
return resp
sess = OAuth2Session(client_id=self.client_id, token=self.token)
sess.send = fake_send
self.assertEqual(sess.fetch_access_token(url, code='v'), self.token)
self.assertEqual(
sess.fetch_access_token(
url, authorization_response='https://i.b/?code=v'), self.token)
error = {'error': 'invalid_request'}
sess = OAuth2Session(client_id=self.client_id, token=self.token)
sess.send = mock_json_response(error)
self.assertRaises(OAuth2Error, sess.fetch_access_token, url)
def login():
session = OAuth2Session(CLIENT_ID, CLIENT_SECRET,
scope=AUTHORIZATION_SCOPE,
redirect_uri=AUTH_REDIRECT_URI)
uri, state = session.authorization_url(AUTHORIZATION_URL)
print("CHECK URL 1",uri)
flask.session[AUTH_STATE_KEY] = state
flask.session.permanent = True
return flask.redirect(uri, code=302)
def get_token():
scope = 'api_listings_read'
oas = OAuth2Session(current_app.config['DOMAIN_CLIENT_ID'],
current_app.config['DOMAIN_CLIENT_SECRET'],
scope=scope)
token = oas.fetch_access_token(
'https://auth.domain.com.au/v1/connect/token',
grant_type='client_credentials')
# now = datetime.now()
# later = now + timedelta(seconds=token['expires_in']-900)
return token
def get_oauth2_tokens(request):
session = OAuth2Session(settings.CLIENT_ID,
settings.CLIENT_SECRET,
scope=settings.AUTHORIZATION_SCOPE,
state=request.session[settings.AUTH_STATE_KEY],
redirect_uri=settings.AUTH_REDIRECT_URI)
oauth2_tokens = session.fetch_access_token(
settings.ACCESS_TOKEN_URI,
authorization_response=request.build_absolute_uri())
return oauth2_tokens
def get_auth_uri(self):
""" [ Generate auth URL for user to login and authorize ]
"""
# Create session
self.session = OAuth2Session(self.client_id,
self.client_secret,
scope=self.scope,
redirect_uri=self.redirect_uri)
# Generate auth url for requests
return self.session.create_authorization_url(self.authorize_url)
def test_add_token_to_uri(self):
def verifier(r, **kwargs):
self.assertIn(self.token['access_token'], r.url)
resp = mock.MagicMock()
return resp
sess = OAuth2Session(client_id=self.client_id,
token=self.token,
token_placement='uri')
sess.send = verifier
sess.get('https://i.b')
def get_jwt():
token_url = "https://iamsuite.authentication.eu10.hana.ondemand.com/oauth/token"
headers = {
'Content-Type': 'application/json'
}
client_id = "sb-c656110e-a4f3-4d65-ad25-e0cfc2b4f701!b22856|ain_broker_poc!b1537"
client_secret = "ticM0qWro6XpjT+wOEvfy0qGj5E="
session = OAuth2Session(client_id, client_secret)
token = session.fetch_access_token(token_url)
jwt_access_token = token['access_token']
return jwt_access_token
def google_auth_redirect():
state = flask.request.args.get('state', default=None, type=None)
session = OAuth2Session(CLIENT_ID,
CLIENT_SECRET,
scope=AUTHORIZATION_SCOPE,
state=state,
redirect_uri=AUTH_REDIRECT_URI)
oauth2_tokens = session.fetch_access_token(
ACCESS_TOKEN_URI, authorization_response=flask.request.url)
flask.session[AUTH_TOKEN_KEY] = oauth2_tokens
return flask.redirect(url_for('page_login'), code=302)
def loginGoogle():
sessionObj = OAuth2Session(CLIENT_ID,
CLIENT_SECRET,
scope=AUTHORIZATION_SCOPE,
redirect_uri=AUTH_REDIRECT_URI)
uri, state = sessionObj.create_authorization_url(AUTHORIZATION_URL)
print("State before adding=", state)
session[AUTH_STATE_KEY] = state
print("State after adding=", session[AUTH_STATE_KEY])
session.permanent = True
return redirect(uri, code=302)
def auth_url():
oa2_session = OAuth2Session(CLIENT_ID,
CLIENT_SECRET,
scope="identify",
redirect_uri=url_for("scratch.oauth_complete",
_external=True))
uri, state = oa2_session.create_authorization_url(AUTH_URL)
session["state"] = state
return redirect(uri)
def test_add_token_to_header(self):
token = 'Bearer ' + self.token['access_token']
def verifier(r, **kwargs):
auth_header = r.headers.get(str('Authorization'), None)
self.assertEqual(auth_header, token)
resp = mock.MagicMock()
return resp
sess = OAuth2Session(client_id=self.client_id, token=self.token)
sess.send = verifier
sess.get('https://i.b')
def __init__(self, settings, logger, scope, discovery_url, idp, HTTP_PROXY=None):
self.logger = logger
self.settings = settings
self.session = OAuth2Session(
client_id=settings["client_id"],
client_secret=settings["client_secret"],
scope=scope,
redirect_uri=settings["redirect_url"],
)
self.discovery_url = discovery_url
self.idp = idp
self.HTTP_PROXY = HTTP_PROXY
def test_access_token_response_hook(self):
url = 'https://example.com/token'
def access_token_response_hook(resp):
self.assertEqual(resp.json(), self.token)
return resp
sess = OAuth2Session(client_id=self.client_id, token=self.token)
sess.register_compliance_hook('access_token_response',
access_token_response_hook)
sess.send = mock_json_response(self.token)
self.assertEqual(sess.fetch_access_token(url), self.token)
def fetch_mgmnt_api_token():
__session = OAuth2Session(AUTH0_CLIENT_ID,AUTH0_CLIENT_SECRET) #need a new session to get the token for Mgmnt API
token = __session.fetch_access_token(AUTH0_BASE_URL + '/oauth/token', grant_type='client_credentials', audience=auth0.api_base_url +'/api/v2/')
#Alternatively, can use the routine below...
# conn = http.client.HTTPSConnection("seistech.auth0.com:443")
# payload = "grant_type=client_credentials&client_id="+AUTH0_CLIENT_ID+"&client_secret="+AUTH0_CLIENT_SECRET+"&audience="+auth0.api_base_url+"/api/v2/"
# headers = { 'content-type': "application/x-www-form-urlencoded" }
# conn.request("POST", "https://seistech.auth0.com/oauth/token", payload, headers)
# res = conn.getresponse()
# token = res.read().decode("utf-8")
print(token)
return token['access_token'] #ok to use it without validation
async def login(cls, request):
auth_session = OAuth2Session(cls.CLIENT_ID,
cls.CLIENT_SECRET,
scope=cls.AUTHORIZATION_SCOPE,
redirect_uri=cls.AUTH_REDIRECT_URI)
uri, state = auth_session.create_authorization_url(
cls.AUTHORIZATION_URL)
session = await get_session(request)
session[cls.AUTH_STATE_KEY] = state
raise web.HTTPFound(uri)
def login():
session = OAuth2Session(CLIENT_ID,
CLIENT_SECRET,
scope=AUTHORIZATION_SCOPE,
redirect_uri=AUTH_REDIRECT_URI)
uri, state = session.create_authorization_url(AUTHORIZATION_URL)
# State is used to prevent CSRF, keep this for later.
flask.session[AUTH_STATE_KEY] = state
flask.session.permanent = True
return flask.redirect(uri, code=302)
def login():
if current_user.is_authenticated:
return flask.redirect(url_for('base.index'))
session = OAuth2Session(CLIENT_ID,
CLIENT_SECRET,
scope=AUTHORIZATION_SCOPE,
redirect_uri=AUTH_REDIRECT_URI)
uri, state = session.authorization_url(AUTHORIZATION_URL)
flask.session[AUTH_STATE_KEY] = state
flask.session.permanent = True
return flask.redirect(uri, code=302)
def test_client_credentials_type(self):
url = 'https://example.com/token'
def fake_send(r, **kwargs):
self.assertIn('grant_type=client_credentials', r.body)
resp = mock.MagicMock()
resp.json = lambda: self.token
return resp
sess = OAuth2Session(client_id=self.client_id, client_secret='v')
sess.send = fake_send
token = sess.fetch_access_token(url)
self.assertEqual(token, self.token)
def home():
session = OAuth2Session(k,
s,
scope="profile email",
redirect_uri='http://localhost:5000/second')
uri, state = session.authorization_url(AUTHORIZATION_URL)
flask.session.permanent = True
flask.session["auth_state"] = state
print(flask.session)
return flask.redirect(uri, code=302)
def login():
session = OAuth2Session(CLIENT_ID,
CLIENT_SECRET,
scope=AUTHORIZATION_SCOPE,
redirect_uri=AUTH_REDIRECT_URI)
uri, state = session.create_authorization_url(
AUTHORIZATION_URL,
access_type='offline',
include_granted_scopes='true')
flask.session[AUTH_STATE_KEY] = state
flask.session.permanent = True
return flask.redirect(uri, code=302)
def test_fetch_access_token_with_get(self):
url = 'https://example.com/token'
def fake_send(r, **kwargs):
self.assertIn('code=v', r.url)
self.assertIn('grant_type=authorization_code', r.url)
resp = mock.MagicMock()
resp.json = lambda: self.token
return resp
sess = OAuth2Session(client_id=self.client_id)
sess.send = fake_send
token = sess.fetch_access_token(url, code='v', method='GET')
self.assertEqual(token, self.token)
def test_password_grant_type(self):
url = 'https://example.com/token'
def fake_send(r, **kwargs):
self.assertIn('username=v', r.body)
self.assertIn('grant_type=password', r.body)
resp = mock.MagicMock()
resp.json = lambda: self.token
return resp
sess = OAuth2Session(client_id=self.client_id)
sess.send = fake_send
token = sess.fetch_access_token(url, username='******', password='******')
self.assertEqual(token, self.token)
def refresh_tokens(self, refresh_token):
# Create new session
self.session = OAuth2Session(client_id,
client_secret,
token=tokens,
scope=scope,
redirect_uri=redirect_uri,
state=self.state)
# Refresh tokens
tokens = self.session.refresh_token(
self.access_token_url, refresh_token=self.tokens['refresh_token'])
print('[ OK ] Token refreshed.')
return tokens
