def oauth_client_B(app, request, db_session):
    """
    Register a second confidential OAuth2 client, separate from the primary
    test client, together with the user that owns it.

    The owning user (username ``"******"``) is looked up first and only
    created, as a non-admin, when no such row exists. ``app`` and ``request``
    are accepted but not referenced in the body.

    Returns:
        Dict with ``client_id``, the plaintext ``client_secret`` and the
        registered redirect ``url``.
    """
    url = "https://oauth-test-client-B.net"
    client_id = "test-client-B"

    # Only the bcrypt hash is persisted; the plaintext secret is handed back
    # to the caller so a test can authenticate as this client.
    # NOTE(review): random_str's entropy source is not visible here; confirm
    # it is a CSPRNG before reusing this pattern outside of tests.
    client_secret = fence.utils.random_str(50)
    secret_bytes = client_secret.encode("utf-8")
    hashed_secret = bcrypt.hashpw(secret_bytes, bcrypt.gensalt()).decode("utf-8")

    user_query = db_session.query(models.User).filter_by(username="******")
    owner = user_query.first()
    if not owner:
        owner = models.User(username="******", is_admin=False)
        db_session.add(owner)

    client = models.Client(
        client_id=client_id,
        client_secret=hashed_secret,
        user=owner,
        allowed_scopes=["openid", "user", "fence"],
        redirect_uris=[url],
        description="",
        is_confidential=True,
        name="testclientb",
        grant_types=["authorization_code", "refresh_token"],
    )
    db_session.add(client)
    db_session.commit()

    return Dict(client_id=client_id, client_secret=client_secret, url=url)
def oauth_client_B(app, request, db_session):
    """
    Register a second OAuth2 client, separate from the primary test client,
    together with the user that owns it.

    The owning user (username ``"******"``) is reused when it already exists
    and created as a non-admin otherwise. ``app`` and ``request`` are accepted
    but not referenced in the body.

    Returns:
        Dict with ``client_id``, the plaintext ``client_secret`` and the
        redirect ``url``.
    """
    url = "https://oauth-test-client-B.net"
    client_id = "test-client-B"

    # The database row gets the bcrypt hash; the plaintext goes back to the
    # caller only.
    # NOTE(review): the secret is passed to hashpw without encoding. bcrypt
    # on Python 3 rejects str input, so this relies on random_str returning
    # bytes (or on a Python 2 runtime) -- confirm.
    client_secret = fence.utils.random_str(50)
    salt = bcrypt.gensalt()
    hashed_secret = bcrypt.hashpw(client_secret, salt)

    owner = db_session.query(models.User).filter_by(username="******").first()
    if not owner:
        owner = models.User(username="******", is_admin=False)
        db_session.add(owner)

    # This model version takes the redirect URI as a single string through
    # the underscore-prefixed attribute.
    client = models.Client(
        client_id=client_id,
        client_secret=hashed_secret,
        user=owner,
        allowed_scopes=["openid", "user"],
        _redirect_uris=url,
        description="",
        is_confidential=True,
        name="testclientb",
    )
    db_session.add(client)
    db_session.commit()

    return Dict(client_id=client_id, client_secret=client_secret, url=url)
def fence_oauth_client(app, db_session, oauth_user, fence_oauth_client_url):
    """
    Register a confidential OAuth client that lets a new fence instance act
    as an OAuth client of another fence instance.

    The client is owned by the user row whose id equals
    ``oauth_user.user_id``. ``app`` is accepted but not referenced in the body.

    Returns:
        Dict with ``client_id``, the plaintext ``client_secret`` and ``url``
        (the redirect URL the client was registered with).
    """
    client_id = "fence_instance"

    # Persist the bcrypt hash only; the plaintext secret is returned so the
    # calling test can present it.
    # NOTE(review): hashpw receives the secret unencoded; on Python 3 bcrypt
    # requires bytes -- confirm what random_str returns.
    client_secret = fence.utils.random_str(50)
    salt = bcrypt.gensalt()
    hashed_secret = bcrypt.hashpw(client_secret, salt)

    # No fallback here: if the lookup finds nothing, `user` is passed as None.
    owner = db_session.query(models.User).filter_by(id=oauth_user.user_id).first()

    client = models.Client(
        client_id=client_id,
        client_secret=hashed_secret,
        user=owner,
        allowed_scopes=["openid", "user"],
        _redirect_uris=fence_oauth_client_url,
        description="",
        is_confidential=True,
        name="fence_oauth_client",
    )
    db_session.add(client)
    db_session.commit()

    return Dict(
        client_id=client_id,
        client_secret=client_secret,
        url=fence_oauth_client_url,
    )
def oauth_client(app, db_session, oauth_user):
    """
    Register the primary confidential OAuth2 test client, owned by the user
    behind ``oauth_user``.

    ``app`` is accepted but not referenced in the body.

    Returns:
        Dict with ``client_id``, the plaintext ``client_secret`` and the
        registered redirect ``url``.
    """
    url = "https://oauth-test-client.net"
    client_id = "test-client"

    # The stored value is the bcrypt hash; the plaintext secret leaves this
    # function only through the returned Dict.
    # NOTE(review): hashpw receives the secret unencoded; on Python 3 bcrypt
    # requires bytes -- confirm what random_str returns.
    client_secret = fence.utils.random_str(50)
    salt = bcrypt.gensalt()
    hashed_secret = bcrypt.hashpw(client_secret, salt)

    # No fallback here: if the lookup finds nothing, `user` is passed as None.
    owner = db_session.query(models.User).filter_by(id=oauth_user.user_id).first()

    client = models.Client(
        client_id=client_id,
        client_secret=hashed_secret,
        user=owner,
        allowed_scopes=["openid", "user", "fence"],
        redirect_uris=[url],
        description="",
        is_confidential=True,
        name="testclient",
        grant_types=["authorization_code", "refresh_token"],
    )
    db_session.add(client)
    db_session.commit()

    return Dict(client_id=client_id, client_secret=client_secret, url=url)
def fence_oauth_client(app, db_session, oauth_user, fence_oauth_client_url):
    """
    Register a confidential OAuth client that lets a new fence instance act
    as an OAuth client of another fence instance.

    The client is added to the session but not committed (see the FIXME in
    the body). ``app`` is accepted but not referenced in the body.

    Returns:
        Dict with ``client_id``, the plaintext ``client_secret`` and ``url``
        (the redirect URL the client was registered with).
    """
    client_id = "fence_instance"

    # Only the bcrypt hash goes into the Client row; the plaintext secret is
    # returned for the test to use.
    # NOTE(review): hashpw receives the secret unencoded; on Python 3 bcrypt
    # requires bytes -- confirm what random_str returns.
    client_secret = fence.utils.random_str(50)
    salt = bcrypt.gensalt()
    hashed_secret = bcrypt.hashpw(client_secret, salt)

    # No fallback here: if the lookup finds nothing, `user` is passed as None.
    owner = db_session.query(models.User).filter_by(id=oauth_user.user_id).first()

    # NOTE(review): redirect_uris receives the fixture value as-is, not
    # wrapped in a list; confirm the model accepts that shape.
    client = models.Client(
        client_id=client_id,
        client_secret=hashed_secret,
        user=owner,
        allowed_scopes=["openid", "user"],
        redirect_uris=fence_oauth_client_url,
        description="",
        is_confidential=True,
        name="fence_oauth_client",
    )
    db_session.add(client)

    # FIXME: If the commit below is added back,
    # tests/multi_tenant/test_multi_tenant.py::test_redirect_from_oauth
    # will hang on a postgres command during db migration scripts
    # (specifically "ALTER TABLE client ALTER COLUMN client_secret DROP NOT NULL").
    # NOTE: It seems like a postgres transaction is not complete by the time
    # that ALTER comes around, and the ALTER then deadlocks with the other
    # transaction somehow. Tests still pass without the commit.
    # db_session.commit()

    return Dict(
        client_id=client_id,
        client_secret=client_secret,
        url=fence_oauth_client_url,
    )
def oauth_client_public(app, db_session, oauth_user):
    """
    Register a public OAuth2 test client owned by the user behind
    ``oauth_user``.

    ``app`` is accepted but not referenced in the body.

    Returns:
        Dict with ``client_id`` and the registered redirect ``url``; there is
        no ``client_secret`` entry.
    """
    url = "https://oauth-test-client-public.net"
    client_id = "test-client-public"

    # No fallback here: if the lookup finds nothing, `user` is passed as None.
    owner = db_session.query(models.User).filter_by(id=oauth_user.user_id).first()

    # No client_secret is set and is_confidential is False: this client has
    # no secret to authenticate with, while still being registered for the
    # authorization_code and refresh_token grants.
    client = models.Client(
        client_id=client_id,
        user=owner,
        allowed_scopes=["openid", "user", "fence"],
        redirect_uris=[url],
        description="",
        is_confidential=False,
        name="testclient-public",
        grant_types=["authorization_code", "refresh_token"],
    )
    db_session.add(client)
    db_session.commit()

    return Dict(client_id=client_id, url=url)
def oauth_client(app, db_session, oauth_user):
    """
    Register the primary confidential OAuth2 test client, owned by the user
    behind ``oauth_user``.

    ``app`` is accepted but not referenced in the body.

    Returns:
        Dict with ``client_id``, the plaintext ``client_secret`` and the
        redirect ``url``.
    """
    url = "https://oauth-test-client.net"
    client_id = "test-client"

    # The row keeps the bcrypt hash; the plaintext secret is exposed only via
    # the returned Dict.
    # NOTE(review): hashpw receives the secret unencoded; on Python 3 bcrypt
    # requires bytes -- confirm what random_str returns.
    client_secret = fence.utils.random_str(50)
    salt = bcrypt.gensalt()
    hashed_secret = bcrypt.hashpw(client_secret, salt)

    # No fallback here: if the lookup finds nothing, `user` is passed as None.
    owner = db_session.query(models.User).filter_by(id=oauth_user.user_id).first()

    # This model version takes the redirect URI as a single string through
    # the underscore-prefixed attribute.
    client = models.Client(
        client_id=client_id,
        client_secret=hashed_secret,
        user=owner,
        allowed_scopes=["openid", "user"],
        _redirect_uris=url,
        description="",
        is_confidential=True,
        name="testclient",
    )
    db_session.add(client)
    db_session.commit()

    return Dict(client_id=client_id, client_secret=client_secret, url=url)