def test_request_body(self): client = LegacyApplicationClient(self.client_id) # Basic, no extra arguments body = client.prepare_request_body(self.username, self.password, body=self.body) self.assertFormBodyEqual(body, self.body_up) # With extra parameters body = client.prepare_request_body(self.username, self.password, body=self.body, **self.kwargs) self.assertFormBodyEqual(body, self.body_kwargs)
def test_prepare_request_body(self): """ see issue #585 https://github.com/oauthlib/oauthlib/issues/585 """ client = LegacyApplicationClient(self.client_id) # scenario 1, default behavior to not include `client_id` r1 = client.prepare_request_body(username=self.username, password=self.password) self.assertIn(r1, ('grant_type=password&username=%s&password=%s' % (self.username, self.password, ), 'grant_type=password&password=%s&username=%s' % (self.password, self.username, ), )) # scenario 2, include `client_id` in the body r2 = client.prepare_request_body(username=self.username, password=self.password, include_client_id=True) r2_params = dict(urlparse.parse_qsl(r2, keep_blank_values=True)) self.assertEqual(len(r2_params.keys()), 4) self.assertEqual(r2_params['grant_type'], 'password') self.assertEqual(r2_params['username'], self.username) self.assertEqual(r2_params['password'], self.password) self.assertEqual(r2_params['client_id'], self.client_id) # scenario 3, include `client_id` + `client_secret` in the body r3 = client.prepare_request_body(username=self.username, password=self.password, include_client_id=True, client_secret=self.client_secret) r3_params = dict(urlparse.parse_qsl(r3, keep_blank_values=True)) self.assertEqual(len(r3_params.keys()), 5) self.assertEqual(r3_params['grant_type'], 'password') self.assertEqual(r3_params['username'], self.username) self.assertEqual(r3_params['password'], self.password) self.assertEqual(r3_params['client_id'], self.client_id) self.assertEqual(r3_params['client_secret'], self.client_secret) # scenario 4, `client_secret` is an empty string r4 = client.prepare_request_body(username=self.username, password=self.password, include_client_id=True, client_secret='') r4_params = dict(urlparse.parse_qsl(r4, keep_blank_values=True)) self.assertEqual(len(r4_params.keys()), 5) self.assertEqual(r4_params['grant_type'], 'password') self.assertEqual(r4_params['username'], self.username) self.assertEqual(r4_params['password'], self.password) self.assertEqual(r4_params['client_id'], self.client_id) self.assertEqual(r4_params['client_secret'], '') # scenario 4b`,` client_secret is `None` r4b = client.prepare_request_body(username=self.username, password=self.password, include_client_id=True, client_secret=None) r4b_params = dict(urlparse.parse_qsl(r4b, keep_blank_values=True)) self.assertEqual(len(r4b_params.keys()), 4) self.assertEqual(r4b_params['grant_type'], 'password') self.assertEqual(r4b_params['username'], self.username) self.assertEqual(r4b_params['password'], self.password) self.assertEqual(r4b_params['client_id'], self.client_id)
class myOAuth(OAuth): def __init__(self, app=None): super(myOAuth, self).__init__(app) self.app = app self.soovii = None def init_app(self, app): super(myOAuth, self).init_app(app) self.soovii = self.remote_app( 'soovii', consumer_key=get_syscfg_val(1), # 平台ID 企业中心提供 consumer_secret=get_syscfg_val(2), # 平台密码 企业中心提供 request_token_params={}, base_url=get_syscfg_val(15) + ":" + get_syscfg_val(6), # 接口地址 request_token_url=None, access_token_method='POST', access_token_url=get_syscfg_val(15) + ":" + get_syscfg_val(6) + get_syscfg_val(3), # 登录接口url authorize_url=get_syscfg_val(15) + ":" + get_syscfg_val(6) + get_syscfg_val(7) # 刷新token ) self.api_client = LegacyApplicationClient(self.soovii.consumer_key) self.soovii.tokengetter(self.get_access_token) def get_access_token(self): if (not hasattr(current_app, "token")): client_credential = ( "%s:%s" % (self.soovii.consumer_key, self.soovii.consumer_secret)) headers = { "Authorization": "Basic " + to_unicode(base64.encodestring( to_bytes(client_credential))).replace("\n", "") } body = self.api_client.prepare_request_body( get_syscfg_val(8), get_syscfg_val(9)) # 对于网址类型的型的项目用户名密码,随意填写,如"soovii", "soovii" resp, content = self.soovii.http_request( self.soovii.access_token_url, headers, to_bytes(body), method="POST") if resp.code not in (200, 201): logger.info('Invalid response') else: dic = json.loads(to_unicode(content)) current_app.token = dic return dic else: return current_app.token
def test_prepare_request_body(self): """ see issue #585 https://github.com/oauthlib/oauthlib/issues/585 """ client = LegacyApplicationClient(self.client_id) # scenario 1, default behavior to not include `client_id` r1 = client.prepare_request_body(username=self.username, password=self.password) self.assertIn(r1, ( 'grant_type=password&username={}&password={}'.format( self.username, self.password), 'grant_type=password&password={}&username={}'.format( self.password, self.username), )) # scenario 2, include `client_id` in the body r2 = client.prepare_request_body(username=self.username, password=self.password, include_client_id=True) r2_params = dict(urlparse.parse_qsl(r2, keep_blank_values=True)) self.assertEqual(len(r2_params.keys()), 4) self.assertEqual(r2_params['grant_type'], 'password') self.assertEqual(r2_params['username'], self.username) self.assertEqual(r2_params['password'], self.password) self.assertEqual(r2_params['client_id'], self.client_id) # scenario 3, include `client_id` + `client_secret` in the body r3 = client.prepare_request_body(username=self.username, password=self.password, include_client_id=True, client_secret=self.client_secret) r3_params = dict(urlparse.parse_qsl(r3, keep_blank_values=True)) self.assertEqual(len(r3_params.keys()), 5) self.assertEqual(r3_params['grant_type'], 'password') self.assertEqual(r3_params['username'], self.username) self.assertEqual(r3_params['password'], self.password) self.assertEqual(r3_params['client_id'], self.client_id) self.assertEqual(r3_params['client_secret'], self.client_secret) # scenario 4, `client_secret` is an empty string r4 = client.prepare_request_body(username=self.username, password=self.password, include_client_id=True, client_secret='') r4_params = dict(urlparse.parse_qsl(r4, keep_blank_values=True)) self.assertEqual(len(r4_params.keys()), 5) self.assertEqual(r4_params['grant_type'], 'password') self.assertEqual(r4_params['username'], self.username) self.assertEqual(r4_params['password'], self.password) self.assertEqual(r4_params['client_id'], self.client_id) self.assertEqual(r4_params['client_secret'], '') # scenario 4b`,` client_secret is `None` r4b = client.prepare_request_body(username=self.username, password=self.password, include_client_id=True, client_secret=None) r4b_params = dict(urlparse.parse_qsl(r4b, keep_blank_values=True)) self.assertEqual(len(r4b_params.keys()), 4) self.assertEqual(r4b_params['grant_type'], 'password') self.assertEqual(r4b_params['username'], self.username) self.assertEqual(r4b_params['password'], self.password) self.assertEqual(r4b_params['client_id'], self.client_id)
client_id = '*****@*****.**' client_secret = 'password' username = '******' password = '******' app.logger.debug(" *** Variables setup ***") # print Config.DEBUG # print OAuthConfig.RAS_FRONTSTAGE_CLIENT_ID # Create an OAuth session. This will handle the send and response http message, and formatting for us. client = LegacyApplicationClient(client_id=client_id) client.prepare_request_body(username=username, password=password, scope=['ci.write', 'ci.read']) oauth = OAuth2Session(client=client) app.logger.debug( " OAuth2 Session has been created for client: {}".format(client_id)) token = oauth.fetch_token(token_url='http://localhost:8000/api/v1/tokens/', username=username, password=password, client_id=client_id, client_secret=client_secret) app.logger.debug(" *** Access Token Granted *** ") app.logger.debug(" Values are: ") for key in token:
class StoreOnceOauth2Session(Requester): # TODO: In case of an update, the tmpfs will be deleted. This is no problem at first sight as a # new "fetch_token" will be triggered, however we should find better place for such tokens. _token_dir = Path(cmk.utils.paths.tmp_dir, "special_agents/agent_storeonce4x") _token_file_suffix = "%s_oAuthToken.json" _refresh_endpoint = "/pml/login/refresh" _token_endpoint = "/pml/login/authenticate" _dt_fmt = "%Y-%m-%d %H:%M:%S.%f" def __init__(self, host: str, port: str, user: str, secret: str, verify_ssl: bool) -> None: self._host = host self._token_file = "%s/%s" % (str( self._token_dir), self._token_file_suffix % self._host) self._port = port self._user = user self._secret = secret self._verify_ssl = verify_ssl if not verify_ssl: urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) # We need to use LegacyClient due to grant_type==password self._client = LegacyApplicationClient(None) self._client.prepare_request_body(username=self._user, password=self._secret) # Check if token file exists, read it & create OAuthSession with it try: self._json_token = self.load_token_file_and_update_expire_in() LOGGER.debug("Loaded token content: %s", self._json_token) self._oauth_session = OAuth2Session( self._user, client=self._client, auto_refresh_url="https://%s:%s%s" % (self._host, self._port, self._refresh_endpoint), token_updater=lambda x: self. store_token_file_and_update_expires_in_abs(to_token_dict(x)), token={ "access_token": self._json_token["access_token"], "refresh_token": self._json_token["refresh_token"], "expires_in": self._json_token["expires_in"], }, ) except (FileNotFoundError, KeyError): LOGGER.debug( "Token file not found or error in token file. Creating new connection." ) self._oauth_session = OAuth2Session( self._user, client=self._client, auto_refresh_url="https://%s:%s%s" % (self._host, self._port, self._refresh_endpoint), token_updater=lambda x: self. store_token_file_and_update_expires_in_abs(to_token_dict(x)), ) # Fetch token token_dict = to_token_dict( self._oauth_session.fetch_token( token_url="https://%s:%s%s" % (self._host, self._port, self._token_endpoint), username=self._user, password=self._secret, verify=self._verify_ssl, )) # Initially create the token file self.store_token_file_and_update_expires_in_abs(token_dict) self._json_token = token_dict def store_token_file_and_update_expires_in_abs( self, token_dict: TokenDict) -> None: if not self._token_dir.exists(): self._token_dir.mkdir(parents=True) # Update expires_in_abs: # we need this to calculate a current "expires_in" (in seconds) token_dict["expires_in_abs"] = self.get_absolute_expire_time( token_dict["expires_in"]) with open(self._token_file, "w") as token_file: json.dump(token_dict, token_file) def load_token_file_and_update_expire_in(self) -> TokenDict: with open(self._token_file, "r") as token_file: token_json = json.load(token_file) # Update expires_in from expires_in_abs expires_in_abs = token_json["expires_in_abs"] expires_in_updated = (dt.datetime.strptime( expires_in_abs, self._dt_fmt, ) - dt.datetime.now()) token_json["expires_in"] = math.floor( expires_in_updated.total_seconds()) return to_token_dict(token_json) def get_absolute_expire_time(self, expires_in: float, expires_in_earlier: int = 20) -> str: """ :param: expires_in_earlier: Will calculate an earlier absolute expire time about its value in [s]. """ # all expires_in are in seconds according to oAuth2 spec now = dt.datetime.now() dt_expires_in = dt.timedelta(0, expires_in) dt_expires_in_earlier = dt.timedelta(0, expires_in_earlier) return dt.datetime.strftime( now + dt_expires_in - dt_expires_in_earlier, self._dt_fmt) def get(self, path: str, parameters: Optional[StringMap] = None) -> Any: url = "https://%s:%s%s" % (self._host, self._port, path) resp = self._oauth_session.request( method="GET", headers={"Accept": "application/json"}, url=url, verify=self._verify_ssl, ) if resp.status_code != 200: LOGGER.warning("Call to %s returned HTTP %s.", url, resp.status_code) return resp.json()