def test_load(self): token = Token.generate(self.user.api_key) self.assertIsInstance(token, Token) self.assertIsNone(token.user) """ Before approving """ # Load with token token1 = Token.load(token.token) self.assertIsNone(token1.user) self.assertDictEqual(token1.__dict__, token.__dict__) # Load with token & api_key token2 = Token.load(token.token, token.api_key) self.assertIsNone(token2.user) self.assertDictEqual(token2.__dict__, token.__dict__) token.approve(self.user.name) """ After approving the token """ # Load with token token1 = Token.load(token.token) self.assertIsInstance(token1.user, User) self.assertDictEqual(token1.user.__dict__, token.user.__dict__) token_user = token.user token.user, token1.user = None, None self.assertDictEqual(token1.__dict__, token.__dict__) token.user = token_user # Load with token & api_key token2 = Token.load(token.token, token.api_key) self.assertIsInstance(token2.user, User) self.assertDictEqual(token2.user.__dict__, token.user.__dict__) token.user, token1.user = None, None self.assertDictEqual(token1.__dict__, token.__dict__)
def api_auth_approve(): """ Authenticate the user token provided. """ user = User.load_by_name(current_user.musicbrainz_id) if "token" not in request.form: return render_template( "user/auth.html", user_id=current_user.musicbrainz_id, msg="Missing required parameters. Please provide correct parameters and try again." ) token = Token.load(request.form['token']) if not token: return render_template( "user/auth.html", user_id=current_user.musicbrainz_id, msg="Either this token is already used or invalid. Please try again." ) if token.user: return render_template( "user/auth.html", user_id=current_user.musicbrainz_id, msg="This token is already approved. Please check the token and try again." ) if token.has_expired(): return render_template( "user/auth.html", user_id=current_user.musicbrainz_id, msg="This token has expired. Please create a new token and try again." ) token.approve(user.name) return render_template( "user/auth.html", user_id=current_user.musicbrainz_id, msg="Token %s approved for user %s, press continue in client." % (token.token, current_user.musicbrainz_id) )
def get_session(request, data): """ Create new session after validating the API_key and token. """ output_format = data.get('format', 'xml') try: api_key = data['api_key'] token = Token.load(data['token'], api_key) except KeyError: raise InvalidAPIUsage(CompatError.INVALID_PARAMETERS, output_format=output_format) # Missing Required Params if not token: if not Token.is_valid_api_key(api_key): raise InvalidAPIUsage(CompatError.INVALID_API_KEY, output_format=output_format) # Invalid API_key raise InvalidAPIUsage(CompatError.INVALID_TOKEN, output_format=output_format) # Invalid token if token.has_expired(): raise InvalidAPIUsage(CompatError.TOKEN_EXPIRED, output_format=output_format) # Token expired if not token.user: raise InvalidAPIUsage(CompatError.UNAUTHORIZED_TOKEN, output_format=output_format) # Unauthorized token session = Session.create(token) doc, tag, text = Doc().tagtext() with tag('lfm', status='ok'): with tag('session'): with tag('name'): text(session.user.name) with tag('key'): text(session.sid) with tag('subscriber'): text('0') return format_response('<?xml version="1.0" encoding="utf-8"?>\n' + yattag.indent(doc.getvalue()), data.get('format', "xml"))
def test_get_token(self): """ Tests if the token generated by get_token method is valid. """ data = { 'method': 'auth.gettoken', 'api_key': self.lfm_user.api_key, } r = self.client.post(url_for('api_compat.api_methods'), data=data) self.assert200(r) response = xmltodict.parse(r.data) self.assertEqual(response['lfm']['@status'], 'ok') token = Token.load(response['lfm']['token'], api_key=self.lfm_user.api_key) self.assertIsNotNone(token)
def get_session(request, data): """ Create new session after validating the API_key and token. """ output_format = data.get('format', 'xml') try: api_key = data['api_key'] token = Token.load(data['token'], api_key) except KeyError: raise InvalidAPIUsage( CompatError.INVALID_PARAMETERS, output_format=output_format) # Missing Required Params if not token: if not Token.is_valid_api_key(api_key): raise InvalidAPIUsage( CompatError.INVALID_API_KEY, output_format=output_format) # Invalid API_key raise InvalidAPIUsage(CompatError.INVALID_TOKEN, output_format=output_format) # Invalid token if token.has_expired(): raise InvalidAPIUsage(CompatError.TOKEN_EXPIRED, output_format=output_format) # Token expired if not token.user: raise InvalidAPIUsage( CompatError.UNAUTHORIZED_TOKEN, output_format=output_format) # Unauthorized token session = Session.create(token) doc, tag, text = Doc().tagtext() with tag('lfm', status='ok'): with tag('session'): with tag('name'): text(session.user.name) with tag('key'): text(session.sid) with tag('subscriber'): text('0') return format_response( '<?xml version="1.0" encoding="utf-8"?>\n' + yattag.indent(doc.getvalue()), data.get('format', "xml"))
def api_auth_approve(): """ Authenticate the user token provided. """ user = User.load_by_name(current_user.musicbrainz_id) if "token" not in request.form: return render_template( "user/auth.html", user_id=current_user.musicbrainz_id, msg= "Missing required parameters. Please provide correct parameters and try again." ) token = Token.load(request.form['token']) if not token: return render_template( "user/auth.html", user_id=current_user.musicbrainz_id, msg= "Either this token is already used or invalid. Please try again.") if token.user: return render_template( "user/auth.html", user_id=current_user.musicbrainz_id, msg= "This token is already approved. Please check the token and try again." ) if token.has_expired(): return render_template( "user/auth.html", user_id=current_user.musicbrainz_id, msg= "This token has expired. Please create a new token and try again.") token.approve(user.name) return render_template( "user/auth.html", user_id=current_user.musicbrainz_id, msg="Token %s approved for user %s, press continue in client." % (token.token, current_user.musicbrainz_id))