def test_oauth_token(self): tok = OAuthToken( access_token='double', token_type='Bearer', scope='', expires_in=3600, ) tok.user_id = 1 tok.client_id = 2 db.session.add(tok) db.session.commit() assert OAuthToken.query.get((2, 1)) is not None assert OAuthToken.query.get((1, 2)) is None tok = OAuthToken( access_token='double2', token_type='Bearer', scope='', expires_in=3600, ) tok.user_id = 1 tok.client_id = 2 db.session.add(tok) self.assertRaises(IntegrityError, db.session.commit)
def test_update_current_user(self): # prepare token token = OAuthToken( access_token='current-user-access', refresh_token='current-user-refresh', token_type='Bearer', scope='', expires_in=3600, ) token.user_id = 1 token.client_id = 1 db.session.add(token) db.session.commit() rv = self.client.patch( '/api/users/me', data=json.dumps({'description': 'unique_description'}), headers={ 'Authorization': 'Bearer current-user-access', 'Content-Type': 'application/json', }) assert rv.status_code == 401 token.scope = 'user:write' db.session.add(token) db.session.commit() rv = self.client.patch( '/api/users/me', data=json.dumps({'description': 'unique_description'}), headers={ 'Authorization': 'Bearer current-user-access', 'Content-Type': 'application/json', }) assert b'unique_description' in rv.data
def test_update_current_user(self): # prepare token token = OAuthToken( access_token='current-user-access', refresh_token='current-user-refresh', token_type='Bearer', scope='', expires_in=3600, ) token.user_id = 1 token.client_id = 1 db.session.add(token) db.session.commit() rv = self.client.patch('/api/users/me', data=json.dumps({ 'description': 'unique_description' }), headers={ 'Authorization': 'Bearer current-user-access', 'Content-Type': 'application/json', }) assert rv.status_code == 401 token.scope = 'user:write' db.session.add(token) db.session.commit() rv = self.client.patch('/api/users/me', data=json.dumps({ 'description': 'unique_description' }), headers={ 'Authorization': 'Bearer current-user-access', 'Content-Type': 'application/json', }) assert b'unique_description' in rv.data
def get_authorized_header(self, user_id=1, scope=""): # prepare token token = OAuthToken( access_token=gen_salt(10), refresh_token=gen_salt(10), token_type="Bearer", scope=scope, expires_in=3600 ) token.user_id = user_id token.client_id = 1 db.session.add(token) db.session.commit() return {"Authorization": "Bearer %s" % token.access_token, "Content-Type": "application/json"}
def get_authorized_header(self, user_id=1, scope=''): # prepare token token = OAuthToken( access_token=gen_salt(10), refresh_token=gen_salt(10), token_type='Bearer', scope=scope, expires_in=3600, ) token.user_id = user_id token.client_id = 1 db.session.add(token) db.session.commit() return { 'Authorization': 'Bearer %s' % token.access_token, 'Content-Type': 'application/json', }