authorIb Lundgren <ib.lundgren@gmail.com>2013-06-18 21:23:57 +0100
committerIb Lundgren <ib.lundgren@gmail.com>2013-06-18 21:23:57 +0100
commit6a634e0fe9abf14058e56749ecfa27db1c6b1732 (patch)
tree5b88291c45b288abcd7977b51ca19df349b864a6
parent012deaf43189fb94a5b7a392ccfb6c15acb03d1e (diff)
downloadoauthlib-6a634e0fe9abf14058e56749ecfa27db1c6b1732.tar.gz
Authorization endpoint. #95
-rw-r--r--oauthlib/oauth1/rfc5849/endpoints/authorization.py66
-rw-r--r--tests/oauth1/rfc5849/endpoints/test_authorization.py45
2 files changed, 111 insertions, 0 deletions
diff --git a/oauthlib/oauth1/rfc5849/endpoints/authorization.py b/oauthlib/oauth1/rfc5849/endpoints/authorization.py
new file mode 100644
index 0000000..672863b
--- /dev/null
+++ b/oauthlib/oauth1/rfc5849/endpoints/authorization.py
@@ -0,0 +1,66 @@
+# -*- coding: utf-8 -*-
+from __future__ import absolute_import, unicode_literals
+
+"""
+oauthlib.oauth1.rfc5849
+~~~~~~~~~~~~~~
+
+This module is an implementation of various logic needed
+for signing and checking OAuth 1.0 RFC 5849 requests.
+"""
+
+from oauthlib.common import Request, add_params_to_uri
+
+from .base import BaseEndpoint
+from .. import errors
+
+
+class AuthorizationEndpoint(BaseEndpoint):
+
+ def create_verifier(self, request, credentials):
+ verifier = {
+ 'oauth_token': request.oauth_token,
+ 'oauth_verifier': self.token_generator(),
+ }
+ verifier.update(credentials)
+ self.request_validator.save_verifier(
+ request.oauth_token, verifier, request)
+ return verifier
+
+ def create_authorization_response(self, uri, http_method='GET', body=None,
+ headers=None, realms=None, credentials=None):
+ request = Request(uri, http_method=http_method, body=body,
+ headers=headers)
+
+ if not self.request_validator.verify_request_token(
+ request.oauth_token, request):
+ raise errors.InvalidClientError()
+ if not request.oauth_token:
+ raise NotImplementedError('request.oauth_token must be set after '
+ 'request token verification.')
+
+ request.realms = realms
+ if (request.realms and not self.request_validator.verify_realms(
+ request.oauth_token, request.realms, request)):
+ raise errors.InvalidRequestError(
+ description=('User granted access to realms outside of '
+ 'what the client may request.'))
+
+ redirect_uri = self.request_validator.get_redirect_uri(
+ request.oauth_token, request)
+ verifier = self.create_verifier(request, credentials or {})
+ uri = add_params_to_uri(redirect_uri, verifier.items())
+ return uri, {}, None, 301
+
+ def get_realms_and_credentials(self, uri, http_method='GET', body=None,
+ headers=None):
+ request = Request(uri, http_method=http_method, body=body,
+ headers=headers)
+
+ if not self.request_validator.verify_request_token(
+ request.oauth_token, request):
+ raise errors.InvalidClientError()
+
+ realms = self.request_validator.get_realms(
+ request.oauth_token, request)
+ return realms, {'resource_owner_key': request.oauth_token}
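Review bot: In `create_verifier`, `verifier.update(credentials)` runs after `oauth_token` and `oauth_verifier` have been set, so a `credentials` dict that carries either key replaces the server-generated value. Every entry in it is also stored through `save_verifier` and appended to the redirect query by `add_params_to_uri(redirect_uri, verifier.items())`. Building the dict the other way round keeps the generated values authoritative: `verifier = dict(credentials)` followed by `verifier.update(oauth_token=request.oauth_token, oauth_verifier=self.token_generator())`. A docstring on `create_authorization_response` should state that everything in `credentials` ends up in the URL handed to the client. Separately, the method returns status 301, which browsers and intermediaries may cache as permanent; because the redirect carries a per-request verifier, 302 looks like the safer status here.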
diff --git a/tests/oauth1/rfc5849/endpoints/test_authorization.py b/tests/oauth1/rfc5849/endpoints/test_authorization.py
new file mode 100644
index 0000000..1e00434
--- /dev/null
+++ b/tests/oauth1/rfc5849/endpoints/test_authorization.py
@@ -0,0 +1,45 @@
+from __future__ import unicode_literals, absolute_import
+
+from mock import MagicMock
+from ....unittest import TestCase
+
+from oauthlib.oauth1 import RequestValidator
+from oauthlib.oauth1.rfc5849 import errors
+from oauthlib.oauth1.rfc5849.endpoints import AuthorizationEndpoint
+
+
+class ResourceEndpointTest(TestCase):
+
+ def setUp(self):
+ self.validator = MagicMock(wraps=RequestValidator())
+ self.validator.verify_request_token.return_value = True
+ self.validator.verify_realms.return_value = True
+ self.validator.get_realms.return_value = ['test']
+ self.validator.get_redirect_uri.return_value = 'https://c.b/cb'
+ self.validator.save_verifier = MagicMock()
+ self.endpoint = AuthorizationEndpoint(self.validator)
+ self.uri = 'https://i.b/authorize?oauth_token=foo'
+
+ def test_get_realms_and_credentials(self):
+ realms, credentials = self.endpoint.get_realms_and_credentials(self.uri)
+ self.assertEqual(realms, ['test'])
+
+ def test_verify_token(self):
+ self.validator.verify_request_token.return_value = False
+ self.assertRaises(errors.InvalidClientError,
+ self.endpoint.get_realms_and_credentials, self.uri)
+ self.assertRaises(errors.InvalidClientError,
+ self.endpoint.create_authorization_response, self.uri)
+
+ def test_verify_realms(self):
+ self.validator.verify_realms.return_value = False
+ self.assertRaises(errors.InvalidRequestError,
+ self.endpoint.create_authorization_response,
+ self.uri,
+ realms=['bar'])
+
+ def test_create_authorization_response(self):
+ u, h, b, s = self.endpoint.create_authorization_response(self.uri)
+ self.assertEqual(s, 301)
+ self.assertTrue(u.startswith('https://c.b/cb'))
+ self.assertIn('oauth_verifier', u)
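Review bot: No test passes `credentials` or checks that the verifier was persisted, so the merge in `create_verifier` and the `save_verifier` call are uncovered. In `test_create_authorization_response`, add `self.assertTrue(self.validator.save_verifier.called)` and a case with `credentials={'oauth_verifier': 'x'}` that pins which value reaches the redirect URI. `test_get_realms_and_credentials` unpacks `credentials` but never asserts on it; something like `self.assertEqual(credentials, {'resource_owner_key': 'foo'})` would cover it, assuming `Request` parses `oauth_token=foo` from the test URI. The class is named `ResourceEndpointTest` although it exercises `AuthorizationEndpoint`, which looks like a copy-paste leftover.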