当前位置: 首页>>代码示例>>Python>>正文


Python WebApplicationServer.create_token_response方法代码示例

本文整理汇总了Python中oauthlib.oauth2.WebApplicationServer.create_token_response方法的典型用法代码示例。如果您正苦于以下问题:Python WebApplicationServer.create_token_response方法的具体用法?Python WebApplicationServer.create_token_response怎么用?Python WebApplicationServer.create_token_response使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在oauthlib.oauth2.WebApplicationServer的用法示例。


在下文中一共展示了WebApplicationServer.create_token_response方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: ExtraCredentialsTest

# 需要导入模块: from oauthlib.oauth2 import WebApplicationServer [as 别名]
# 或者: from oauthlib.oauth2.WebApplicationServer import create_token_response [as 别名]
class ExtraCredentialsTest(TestCase):

    def set_client(self, request):
        request.client = mock.MagicMock()
        request.client.client_id = 'mocked'
        return True

    def setUp(self):
        self.validator = mock.MagicMock(spec=RequestValidator)
        self.validator.get_default_redirect_uri.return_value = 'https://i.b/cb'
        self.web = WebApplicationServer(self.validator)
        self.mobile = MobileApplicationServer(self.validator)
        self.legacy = LegacyApplicationServer(self.validator)
        self.backend = BackendApplicationServer(self.validator)

    def test_post_authorization_request(self):
        def save_code(client_id, token, request):
            self.assertEqual('creds', request.extra)

        def save_token(token, request):
            self.assertEqual('creds', request.extra)

        # Authorization code grant
        self.validator.save_authorization_code.side_effect = save_code
        self.web.create_authorization_response(
                'https://i.b/auth?client_id=foo&response_type=code',
                scopes=['foo'],
                credentials={'extra': 'creds'})

        # Implicit grant
        self.validator.save_bearer_token.side_effect = save_token
        self.mobile.create_authorization_response(
                'https://i.b/auth?client_id=foo&response_type=token',
                scopes=['foo'],
                credentials={'extra': 'creds'})

    def test_token_request(self):
        def save_token(token, request):
            self.assertIn('extra', token)

        self.validator.save_bearer_token.side_effect = save_token
        self.validator.authenticate_client.side_effect = self.set_client

        # Authorization code grant
        self.web.create_token_response('https://i.b/token',
                body='grant_type=authorization_code&code=foo',
                credentials={'extra': 'creds'})

        # Password credentials grant
        self.legacy.create_token_response('https://i.b/token',
                body='grant_type=password&username=foo&password=bar',
                credentials={'extra': 'creds'})

        # Client credentials grant
        self.backend.create_token_response('https://i.b/token',
                body='grant_type=client_credentials',
                credentials={'extra': 'creds'})
开发者ID:idan,项目名称:oauthlib,代码行数:59,代码来源:test_extra_credentials.py

示例2: WebRefreshHandler

# 需要导入模块: from oauthlib.oauth2 import WebApplicationServer [as 别名]
# 或者: from oauthlib.oauth2.WebApplicationServer import create_token_response [as 别名]
class WebRefreshHandler(tornado.web.RequestHandler):
    def initialize(self):
        # 初始化 oauth2 后端服务
        self._refresh_endpoint = WebApplicationServer(WebValidator())
        self._error_uri = self.reverse_url('web-error')

    def post(self, *args, **kwargs):
        uri, http_method, body, headers = extract_params(self.request)

        try:
            headers, body, status = self._refresh_endpoint.create_token_response(
                uri, http_method, body, headers)
        except errors.FatalClientError as e:
            logger.error(e)
            self.redirect(self._error_uri)
        except errors.OAuth2Error as e:
            logger.error(e)
            self.redirect(self._error_uri)
        self.set_header('Content-Type', 'application/json')
        self.finish(body)
开发者ID:xhfeng,项目名称:Tornado-OAuth2,代码行数:22,代码来源:views.py

示例3: PreservationTest

# 需要导入模块: from oauthlib.oauth2 import WebApplicationServer [as 别名]
# 或者: from oauthlib.oauth2.WebApplicationServer import create_token_response [as 别名]
class PreservationTest(TestCase):

    DEFAULT_REDIRECT_URI = 'http://i.b./path'

    def setUp(self):
        self.validator = mock.MagicMock(spec=RequestValidator)
        self.validator.get_default_redirect_uri.return_value = self.DEFAULT_REDIRECT_URI
        self.validator.authenticate_client.side_effect = self.set_client
        self.web = WebApplicationServer(self.validator)
        self.mobile = MobileApplicationServer(self.validator)

    def set_state(self, state):
        def set_request_state(client_id, code, client, request):
            request.state = state
            return True
        return set_request_state

    def set_client(self, request):
        request.client = mock.MagicMock()
        request.client.client_id = 'mocked'
        return True

    def test_state_preservation(self):
        auth_uri = 'http://example.com/path?state=xyz&client_id=abc&response_type='
        token_uri = 'http://example.com/path'

        # authorization grant
        h, _, s = self.web.create_authorization_response(
                auth_uri + 'code', scopes=['random'])
        self.assertEqual(s, 302)
        self.assertIn('Location', h)
        code = get_query_credentials(h['Location'])['code'][0]
        self.validator.validate_code.side_effect = self.set_state('xyz')
        _, body, _ = self.web.create_token_response(token_uri,
                body='grant_type=authorization_code&code=%s' % code)
        self.assertEqual(json.loads(body)['state'], 'xyz')

        # implicit grant
        h, _, s = self.mobile.create_authorization_response(
                auth_uri + 'token', scopes=['random'])
        self.assertEqual(s, 302)
        self.assertIn('Location', h)
        self.assertEqual(get_fragment_credentials(h['Location'])['state'][0], 'xyz')

    def test_redirect_uri_preservation(self):
        auth_uri = 'http://example.com/path?redirect_uri=http%3A%2F%2Fi.b%2Fpath&client_id=abc'
        redirect_uri = 'http://i.b/path'
        token_uri = 'http://example.com/path'

        # authorization grant
        h, _, s = self.web.create_authorization_response(
                auth_uri + '&response_type=code', scopes=['random'])
        self.assertEqual(s, 302)
        self.assertIn('Location', h)
        self.assertTrue(h['Location'].startswith(redirect_uri))

        # confirm_redirect_uri should return false if the redirect uri
        # was given in the authorization but not in the token request.
        self.validator.confirm_redirect_uri.return_value = False
        code = get_query_credentials(h['Location'])['code'][0]
        _, body, _ = self.web.create_token_response(token_uri,
                body='grant_type=authorization_code&code=%s' % code)
        self.assertEqual(json.loads(body)['error'], 'invalid_request')

        # implicit grant
        h, _, s = self.mobile.create_authorization_response(
                auth_uri + '&response_type=token', scopes=['random'])
        self.assertEqual(s, 302)
        self.assertIn('Location', h)
        self.assertTrue(h['Location'].startswith(redirect_uri))

    def test_invalid_redirect_uri(self):
        auth_uri = 'http://example.com/path?redirect_uri=http%3A%2F%2Fi.b%2Fpath&client_id=abc'
        self.validator.validate_redirect_uri.return_value = False

        # authorization grant
        self.assertRaises(errors.MismatchingRedirectURIError,
                self.web.create_authorization_response,
                auth_uri + '&response_type=code', scopes=['random'])

        # implicit grant
        self.assertRaises(errors.MismatchingRedirectURIError,
                self.mobile.create_authorization_response,
                auth_uri + '&response_type=token', scopes=['random'])

    def test_default_uri(self):
        auth_uri = 'http://example.com/path?state=xyz&client_id=abc'

        self.validator.get_default_redirect_uri.return_value = None

        # authorization grant
        self.assertRaises(errors.MissingRedirectURIError,
                self.web.create_authorization_response,
                auth_uri + '&response_type=code', scopes=['random'])

        # implicit grant
        self.assertRaises(errors.MissingRedirectURIError,
                self.mobile.create_authorization_response,
                auth_uri + '&response_type=token', scopes=['random'])
开发者ID:skion,项目名称:oauthlib-oidc,代码行数:101,代码来源:test_credentials_preservation.py

示例4: ClientAuthenticationTest

# 需要导入模块: from oauthlib.oauth2 import WebApplicationServer [as 别名]
# 或者: from oauthlib.oauth2.WebApplicationServer import create_token_response [as 别名]
class ClientAuthenticationTest(TestCase):

    def inspect_client(self, request, refresh_token=False):
        if not request.client or not request.client.client_id:
            raise ValueError()
        return 'abc'

    def setUp(self):
        self.validator = mock.MagicMock(spec=RequestValidator)
        self.validator.get_default_redirect_uri.return_value = 'http://i.b./path'
        self.web = WebApplicationServer(self.validator,
                token_generator=self.inspect_client)
        self.mobile = MobileApplicationServer(self.validator,
                token_generator=self.inspect_client)
        self.legacy = LegacyApplicationServer(self.validator,
                token_generator=self.inspect_client)
        self.backend = BackendApplicationServer(self.validator,
                token_generator=self.inspect_client)

    def set_client(self, request):
        request.client = mock.MagicMock()
        request.client.client_id = 'mocked'
        return True

    def set_client_id(self, client_id, request):
        request.client = mock.MagicMock()
        request.client.client_id = 'mocked'
        return True

    def set_username(self, username, password, client, request):
        request.client = mock.MagicMock()
        request.client.client_id = 'mocked'
        return True

    def test_client_id_authentication(self):
        token_uri = 'http://example.com/path'

        # authorization code grant
        self.validator.authenticate_client.return_value = False
        self.validator.authenticate_client_id.return_value = False
        _, body, _ = self.web.create_token_response(token_uri,
                body='grant_type=authorization_code&code=mock')
        self.assertEqual(json.loads(body)['error'], 'invalid_client')

        self.validator.authenticate_client_id.return_value = True
        self.validator.authenticate_client.side_effect = self.set_client
        _, body, _ = self.web.create_token_response(token_uri,
                body='grant_type=authorization_code&code=mock')
        self.assertIn('access_token', json.loads(body))

        # implicit grant
        auth_uri = 'http://example.com/path?client_id=abc&response_type=token'
        self.assertRaises(ValueError, self.mobile.create_authorization_response,
                auth_uri, scopes=['random'])

        self.validator.validate_client_id.side_effect = self.set_client_id
        h, _, s = self.mobile.create_authorization_response(auth_uri, scopes=['random'])
        self.assertEqual(302, s)
        self.assertIn('Location', h)
        self.assertIn('access_token', get_fragment_credentials(h['Location']))

    def test_custom_authentication(self):
        token_uri = 'http://example.com/path'

        # authorization code grant
        self.assertRaises(NotImplementedError,
                self.web.create_token_response, token_uri,
                body='grant_type=authorization_code&code=mock')

        # password grant
        self.validator.authenticate_client.return_value = True
        self.assertRaises(NotImplementedError,
                self.legacy.create_token_response, token_uri,
                body='grant_type=password&username=abc&password=secret')

        # client credentials grant
        self.validator.authenticate_client.return_value = True
        self.assertRaises(NotImplementedError,
                self.backend.create_token_response, token_uri,
                body='grant_type=client_credentials')
开发者ID:Bachmann1234,项目名称:oauthlib,代码行数:82,代码来源:test_client_authentication.py

示例5: ResourceOwnerAssociationTest

# 需要导入模块: from oauthlib.oauth2 import WebApplicationServer [as 别名]
# 或者: from oauthlib.oauth2.WebApplicationServer import create_token_response [as 别名]
class ResourceOwnerAssociationTest(TestCase):

    auth_uri = 'http://example.com/path?client_id=abc'
    token_uri = 'http://example.com/path'

    def set_client(self, request):
        request.client = mock.MagicMock()
        request.client.client_id = 'mocked'
        return True

    def set_user(self, client_id, code, client, request):
        request.user = 'test'
        return True

    def set_user_from_username(self, username, password, client, request):
        request.user = 'test'
        return True

    def set_user_from_credentials(self, request):
        request.user = 'test'
        request.client = mock.MagicMock()
        request.client.client_id = 'mocked'
        return True

    def inspect_client(self, request, refresh_token=False):
        if not request.user:
            raise ValueError()
        return 'abc'

    def setUp(self):
        self.validator = mock.MagicMock(spec=RequestValidator)
        self.validator.get_default_redirect_uri.return_value = 'http://i.b./path'
        self.validator.authenticate_client.side_effect = self.set_client
        self.web = WebApplicationServer(self.validator,
                token_generator=self.inspect_client)
        self.mobile = MobileApplicationServer(self.validator,
                token_generator=self.inspect_client)
        self.legacy = LegacyApplicationServer(self.validator,
                token_generator=self.inspect_client)
        self.backend = BackendApplicationServer(self.validator,
                token_generator=self.inspect_client)

    def test_web_application(self):
        # TODO: code generator + intercept test
        uri, _, _, _ = self.web.create_authorization_response(
                self.auth_uri + '&response_type=code',
                credentials={'user': 'test'})
        code = get_query_credentials(uri)['code'][0]
        self.assertRaises(ValueError,
                self.web.create_token_response, self.token_uri,
                body='grant_type=authorization_code&code=%s' % code)

        self.validator.validate_code.side_effect = self.set_user
        _, _, body, _ = self.web.create_token_response(self.token_uri,
                body='grant_type=authorization_code&code=%s' % code)
        self.assertEqual(json.loads(body)['access_token'], 'abc')

    def test_mobile_application(self):
        self.assertRaises(ValueError,
                self.mobile.create_authorization_response,
                self.auth_uri + '&response_type=token')

        uri, _, _, _ = self.mobile.create_authorization_response(
                self.auth_uri + '&response_type=token',
                credentials={'user': 'test'})
        self.assertEqual(get_fragment_credentials(uri)['access_token'][0], 'abc')

    def test_legacy_application(self):
        body = 'grant_type=password&username=abc&password=secret'
        self.assertRaises(ValueError,
                self.legacy.create_token_response,
                self.token_uri, body=body)

        self.validator.validate_user.side_effect = self.set_user_from_username
        _, _, body, _ = self.legacy.create_token_response(
                self.token_uri, body=body)
        self.assertEqual(json.loads(body)['access_token'], 'abc')

    def test_backend_application(self):
        body = 'grant_type=client_credentials'
        self.assertRaises(ValueError,
                self.backend.create_token_response,
                self.token_uri, body=body)

        self.validator.authenticate_client.side_effect = self.set_user_from_credentials
        _, _, body, _ = self.backend.create_token_response(
                self.token_uri, body=body)
        self.assertEqual(json.loads(body)['access_token'], 'abc')
开发者ID:seatme,项目名称:oauthlib,代码行数:90,代码来源:test_servers.py

示例6: TestScopeHandling

# 需要导入模块: from oauthlib.oauth2 import WebApplicationServer [as 别名]
# 或者: from oauthlib.oauth2.WebApplicationServer import create_token_response [as 别名]
class TestScopeHandling(TestCase):

    DEFAULT_REDIRECT_URI = 'http://i.b./path'

    def set_scopes(self, scopes):
        def set_request_scopes(client_id, code, client, request):
            request.scopes = scopes
            return True
        return set_request_scopes

    def set_user(self, request):
        request.user = 'foo'
        request.client_id = 'bar'
        request.client = mock.MagicMock()
        request.client.client_id = 'mocked'
        return True

    def set_client(self, request):
        request.client = mock.MagicMock()
        request.client.client_id = 'mocked'
        return True

    def setUp(self):
        self.validator = mock.MagicMock(spec=RequestValidator)
        self.validator.get_default_redirect_uri.return_value = TestScopeHandling.DEFAULT_REDIRECT_URI
        self.validator.authenticate_client.side_effect = self.set_client
        self.web = WebApplicationServer(self.validator)
        self.mobile = MobileApplicationServer(self.validator)
        self.legacy = LegacyApplicationServer(self.validator)
        self.backend = BackendApplicationServer(self.validator)

    def test_scope_extraction(self):
        scopes = (
            ('images', ['images']),
            ('images+videos', ['images', 'videos']),
            ('http%3A%2f%2fa.b%2fvideos', ['http://a.b/videos']),
            ('http%3A%2f%2fa.b%2fvideos+pics', ['http://a.b/videos', 'pics']),
            ('pics+http%3A%2f%2fa.b%2fvideos', ['pics', 'http://a.b/videos']),
            ('http%3A%2f%2fa.b%2fvideos+https%3A%2f%2fc.d%2Fsecret', ['http://a.b/videos', 'https://c.d/secret']),
        )

        uri = 'http://example.com/path?client_id=abc&scope=%s&response_type=%s'
        for scope, correct_scopes in scopes:
            scopes, _ = self.web.validate_authorization_request(
                    uri % (scope, 'code'))
            self.assertItemsEqual(scopes, correct_scopes)
            scopes, _ = self.mobile.validate_authorization_request(
                    uri % (scope, 'token'))
            self.assertItemsEqual(scopes, correct_scopes)

    def test_scope_preservation(self):
        scope = 'pics+http%3A%2f%2fa.b%2fvideos'
        correct_scope = 'pics http%3A%2f%2fa.b%2fvideos'
        decoded_scope = 'pics http://a.b/videos'
        scopes = ['pics', 'http%3A%2f%2fa.b%2fvideos']
        auth_uri = 'http://example.com/path?client_id=abc&scope=%s&%s'
        token_uri = 'http://example.com/path'

        # authorization grant
        uri, _, _, _ = self.web.create_authorization_response(
                auth_uri % (scope, 'response_type=code'))
        self.validator.validate_code.side_effect = self.set_scopes(scopes)
        code = get_query_credentials(uri)['code'][0]
        _, _, body, _ = self.web.create_token_response(token_uri,
                body='grant_type=authorization_code&code=%s' % code)
        self.assertEqual(json.loads(body)['scope'], correct_scope)

        # implicit grant
        uri, _, _, _ = self.mobile.create_authorization_response(
                auth_uri % (scope, 'response_type=token'))
        self.assertEqual(get_fragment_credentials(uri)['scope'][0], decoded_scope)

        # resource owner password credentials grant
        body = 'grant_type=password&username=abc&password=secret&scope=%s'
        _, _, body, _ = self.legacy.create_token_response(token_uri,
                body=body % scope)
        self.assertEqual(json.loads(body)['scope'], decoded_scope)

        # client credentials grant
        body = 'grant_type=client_credentials&scope=%s'
        self.validator.authenticate_client.side_effect = self.set_user
        _, _, body, _ = self.backend.create_token_response(token_uri,
                body=body % scope)
        self.assertEqual(json.loads(body)['scope'], decoded_scope)

    def test_scope_changed(self):
        scope = 'pics+http%3A%2f%2fa.b%2fvideos'
        scopes = ['images', 'http://a.b/videos']
        decoded_scope = 'images http://a.b/videos'
        auth_uri = 'http://example.com/path?client_id=abc&scope=%s&%s'
        token_uri = 'http://example.com/path'

        # authorization grant
        uri, _, _, _ = self.web.create_authorization_response(
                auth_uri % (scope, 'response_type=code'))
        code = get_query_credentials(uri)['code'][0]
        self.validator.validate_code.side_effect = self.set_scopes(scopes)
        _, _, body, _ = self.web.create_token_response(token_uri,
                body='grant_type=authorization_code&code=%s' % code)
        self.assertEqual(json.loads(body)['scope'], decoded_scope)
#.........这里部分代码省略.........
开发者ID:seatme,项目名称:oauthlib,代码行数:103,代码来源:test_servers.py

示例7: ErrorResponseTest

# 需要导入模块: from oauthlib.oauth2 import WebApplicationServer [as 别名]
# 或者: from oauthlib.oauth2.WebApplicationServer import create_token_response [as 别名]

#.........这里部分代码省略.........
                self.web.validate_authorization_request, uri)
        self.assertRaises(errors.InvalidClientIdError,
                self.web.create_authorization_response, uri, scopes=['foo'])

        # Implicit grant
        self.assertRaises(errors.InvalidClientIdError,
                self.mobile.validate_authorization_request, uri)
        self.assertRaises(errors.InvalidClientIdError,
                self.mobile.create_authorization_response, uri, scopes=['foo'])

    def test_invalid_request(self):
        self.validator.get_default_redirect_uri.return_value = 'https://i.b/cb'
        token_uri = 'https://i.b/token'
        invalid_uris = [
            # Duplicate parameters
            'https://i.b/auth?client_id=foo&client_id=bar&response_type={0}',
            # Missing response type
            'https://i.b/auth?client_id=foo',
        ]

        # Authorization code grant
        for uri in invalid_uris:
            self.assertRaises(errors.InvalidRequestError,
                    self.web.validate_authorization_request,
                    uri.format('code'))
            url, _, _, _ = self.web.create_authorization_response(
                    uri.format('code'), scopes=['foo'])
            self.assertIn('error=invalid_request', url)
        invalid_bodies = [
            # duplicate params
            'grant_type=authorization_code&client_id=nope&client_id=nope&code=foo'
        ]
        for body in invalid_bodies:
            _, _, body, _ = self.web.create_token_response(token_uri,
                    body=body)
            self.assertEqual('invalid_request', json.loads(body)['error'])

        # Implicit grant
        for uri in invalid_uris:
            self.assertRaises(errors.InvalidRequestError,
                    self.mobile.validate_authorization_request,
                    uri.format('token'))
            url, _, _, _ = self.mobile.create_authorization_response(
                    uri.format('token'), scopes=['foo'])
            self.assertIn('error=invalid_request', url)

        # Password credentials grant
        invalid_bodies = [
            # duplicate params
            'grant_type=password&username=foo&username=bar&password=baz'
            # missing username
            'grant_type=password&password=baz'
            # missing password
            'grant_type=password&username=foo'
        ]
        self.validator.authenticate_client.side_effect = self.set_client
        for body in invalid_bodies:
            _, _, body, _ = self.legacy.create_token_response(token_uri,
                    body=body)
            self.assertEqual('invalid_request', json.loads(body)['error'])

        # Client credentials grant
        invalid_bodies = [
            # duplicate params
            'grant_type=client_credentials&scope=foo&scope=bar'
        ]
开发者ID:Ryan-K,项目名称:oauthlib,代码行数:70,代码来源:test_servers.py

示例8: PreservationTest

# 需要导入模块: from oauthlib.oauth2 import WebApplicationServer [as 别名]
# 或者: from oauthlib.oauth2.WebApplicationServer import create_token_response [as 别名]
class PreservationTest(TestCase):

    DEFAULT_REDIRECT_URI = "http://i.b./path"

    def setUp(self):
        self.validator = mock.MagicMock(spec=RequestValidator)
        self.validator.get_default_redirect_uri.return_value = self.DEFAULT_REDIRECT_URI
        self.validator.authenticate_client.side_effect = self.set_client
        self.web = WebApplicationServer(self.validator)
        self.mobile = MobileApplicationServer(self.validator)

    def set_state(self, state):
        def set_request_state(client_id, code, client, request):
            request.state = state
            return True

        return set_request_state

    def set_client(self, request):
        request.client = mock.MagicMock()
        request.client.client_id = "mocked"
        return True

    def test_state_preservation(self):
        auth_uri = "http://example.com/path?state=xyz&client_id=abc&response_type="
        token_uri = "http://example.com/path"

        # authorization grant
        h, _, s = self.web.create_authorization_response(auth_uri + "code", scopes=["random"])
        self.assertEqual(s, 302)
        self.assertIn("Location", h)
        code = get_query_credentials(h["Location"])["code"][0]
        self.validator.validate_code.side_effect = self.set_state("xyz")
        _, body, _ = self.web.create_token_response(token_uri, body="grant_type=authorization_code&code=%s" % code)
        self.assertEqual(json.loads(body)["state"], "xyz")

        # implicit grant
        h, _, s = self.mobile.create_authorization_response(auth_uri + "token", scopes=["random"])
        self.assertEqual(s, 302)
        self.assertIn("Location", h)
        self.assertEqual(get_fragment_credentials(h["Location"])["state"][0], "xyz")

    def test_redirect_uri_preservation(self):
        auth_uri = "http://example.com/path?redirect_uri=http%3A%2F%2Fi.b%2Fpath&client_id=abc"
        redirect_uri = "http://i.b/path"
        token_uri = "http://example.com/path"

        # authorization grant
        h, _, s = self.web.create_authorization_response(auth_uri + "&response_type=code", scopes=["random"])
        self.assertEqual(s, 302)
        self.assertIn("Location", h)
        self.assertTrue(h["Location"].startswith(redirect_uri))

        # confirm_redirect_uri should return false if the redirect uri
        # was given in the authorization but not in the token request.
        self.validator.confirm_redirect_uri.return_value = False
        code = get_query_credentials(h["Location"])["code"][0]
        _, body, _ = self.web.create_token_response(token_uri, body="grant_type=authorization_code&code=%s" % code)
        self.assertEqual(json.loads(body)["error"], "access_denied")

        # implicit grant
        h, _, s = self.mobile.create_authorization_response(auth_uri + "&response_type=token", scopes=["random"])
        self.assertEqual(s, 302)
        self.assertIn("Location", h)
        self.assertTrue(h["Location"].startswith(redirect_uri))

    def test_invalid_redirect_uri(self):
        auth_uri = "http://example.com/path?redirect_uri=http%3A%2F%2Fi.b%2Fpath&client_id=abc"
        self.validator.validate_redirect_uri.return_value = False

        # authorization grant
        self.assertRaises(
            errors.MismatchingRedirectURIError,
            self.web.create_authorization_response,
            auth_uri + "&response_type=code",
            scopes=["random"],
        )

        # implicit grant
        self.assertRaises(
            errors.MismatchingRedirectURIError,
            self.mobile.create_authorization_response,
            auth_uri + "&response_type=token",
            scopes=["random"],
        )

    def test_default_uri(self):
        auth_uri = "http://example.com/path?state=xyz&client_id=abc"

        self.validator.get_default_redirect_uri.return_value = None

        # authorization grant
        self.assertRaises(
            errors.MissingRedirectURIError,
            self.web.create_authorization_response,
            auth_uri + "&response_type=code",
            scopes=["random"],
        )

        # implicit grant
#.........这里部分代码省略.........
开发者ID:RuslanPopenko,项目名称:oauthlib,代码行数:103,代码来源:test_credentials_preservation.py

示例9: ErrorResponseTest

# 需要导入模块: from oauthlib.oauth2 import WebApplicationServer [as 别名]
# 或者: from oauthlib.oauth2.WebApplicationServer import create_token_response [as 别名]

#.........这里部分代码省略.........
        self.assertRaises(errors.InvalidClientIdError, self.mobile.create_authorization_response, uri, scopes=["foo"])

    def test_empty_parameter(self):
        uri = "https://example.com/authorize?client_id=foo&redirect_uri=https%3A%2F%2Fi.b%2Fback&response_type=code&"

        # Authorization code grant
        self.assertRaises(errors.InvalidRequestError, self.web.validate_authorization_request, uri)

        # Implicit grant
        self.assertRaises(errors.InvalidRequestError, self.mobile.validate_authorization_request, uri)

    def test_invalid_request(self):
        self.validator.get_default_redirect_uri.return_value = "https://i.b/cb"
        token_uri = "https://i.b/token"
        invalid_uris = [
            # Duplicate parameters
            "https://i.b/auth?client_id=foo&client_id=bar&response_type={0}",
            # Missing response type
            "https://i.b/auth?client_id=foo",
        ]

        # Authorization code grant
        for uri in invalid_uris:
            self.assertRaises(errors.InvalidRequestError, self.web.validate_authorization_request, uri.format("code"))
            h, _, s = self.web.create_authorization_response(uri.format("code"), scopes=["foo"])
            self.assertEqual(s, 302)
            self.assertIn("Location", h)
            self.assertIn("error=invalid_request", h["Location"])
        invalid_bodies = [
            # duplicate params
            "grant_type=authorization_code&client_id=nope&client_id=nope&code=foo"
        ]
        for body in invalid_bodies:
            _, body, _ = self.web.create_token_response(token_uri, body=body)
            self.assertEqual("invalid_request", json.loads(body)["error"])

        # Implicit grant
        for uri in invalid_uris:
            self.assertRaises(
                errors.InvalidRequestError, self.mobile.validate_authorization_request, uri.format("token")
            )
            h, _, s = self.mobile.create_authorization_response(uri.format("token"), scopes=["foo"])
            self.assertEqual(s, 302)
            self.assertIn("Location", h)
            self.assertIn("error=invalid_request", h["Location"])

        # Password credentials grant
        invalid_bodies = [
            # duplicate params
            "grant_type=password&username=foo&username=bar&password=baz"
            # missing username
            "grant_type=password&password=baz"
            # missing password
            "grant_type=password&username=foo"
        ]
        self.validator.authenticate_client.side_effect = self.set_client
        for body in invalid_bodies:
            _, body, _ = self.legacy.create_token_response(token_uri, body=body)
            self.assertEqual("invalid_request", json.loads(body)["error"])

        # Client credentials grant
        invalid_bodies = [
            # duplicate params
            "grant_type=client_credentials&scope=foo&scope=bar"
        ]
        for body in invalid_bodies:
开发者ID:cheif,项目名称:oauthlib,代码行数:70,代码来源:test_error_responses.py


注:本文中的oauthlib.oauth2.WebApplicationServer.create_token_response方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。