Python WebApplicationServer.validate_authorization_request方法代码示例

本文整理汇总了Python中oauthlib.oauth2.WebApplicationServer.validate_authorization_request方法的典型用法代码示例。如果您正苦于以下问题：Python WebApplicationServer.validate_authorization_request方法的具体用法？Python WebApplicationServer.validate_authorization_request怎么用？Python WebApplicationServer.validate_authorization_request使用的例子？那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类oauthlib.oauth2.WebApplicationServer的用法示例。

在下文中一共展示了WebApplicationServer.validate_authorization_request方法的2个代码示例，这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞，您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: WebAuthorizeHandler

# 需要导入模块: from oauthlib.oauth2 import WebApplicationServer [as 别名]
# 或者: from oauthlib.oauth2.WebApplicationServer import validate_authorization_request [as 别名]
class WebAuthorizeHandler(tornado.web.RequestHandler):
    """
    oauth 用户授权
    """

    def initialize(self):
        # 初始化 oauth2 后端服务
        self._authorization_endpoint = WebApplicationServer(WebValidator())
        self._error_uri = self.reverse_url('web-error')

    def get(self):
        # 解析 request，包装 oauthlib request
        uri, http_method, body, headers = extract_params(self.request)
        redirect_uri = self.get_query_argument('redirect_uri', None)

        try:
            # 验证client请求，识别client身份
            scopes, credentials = self._authorization_endpoint.validate_authorization_request(
                uri, http_method, body, headers)
        except errors.FatalClientError as e:
            logger.error(e.error)
            self.finish(e.error)
            self.redirect(self._error_uri)
        except errors.OAuth2Error as e:
            e.redirect_uri = redirect_uri
            logger.error(e.error)
            self.finish(e.error)
            self.redirect(e.in_uri(e.redirect_uri))

        # 渲染用户认证授权页面
        self.write('<h1> Authorize access to %s </h1>' % credentials['client_id'])
        self.write('<form method="POST" action="">')
        for scope in scopes or []:
            self.write('<input type="checkbox" checked="checked" name="scopes" value="%s"/> %s' % (scope, scope))

        self.write('<input type="text" name="username" value="username"/>')
        self.write('<input type="password" name="password" value="password"/>')
        self.write('<input type="submit" value="Authorize"/>')


    def post(self, *args, **kwargs):
        uri, http_method, body, headers = extract_params(self.request)

        try:
            headers, body, status = self._token_endpoint.create_token_response(uri, http_method, body, headers)

        except errors.FatalClientError as e:
            logger.error(e)
            print e
            self.redirect(self._error_uri)
        except errors.OAuth2Error as e:
            logger.error(e)
            print e
            self.redirect(self._error_uri)

        self.set_header('Content-Type', 'application/json')
        self.finish(body)

开发者ID:xhfeng，项目名称:Tornado-OAuth2，代码行数:59，代码来源:views.py

示例2: TestScopeHandling

# 需要导入模块: from oauthlib.oauth2 import WebApplicationServer [as 别名]
# 或者: from oauthlib.oauth2.WebApplicationServer import validate_authorization_request [as 别名]
class TestScopeHandling(TestCase):

    DEFAULT_REDIRECT_URI = 'http://i.b./path'

    def set_scopes(self, scopes):
        def set_request_scopes(client_id, code, client, request):
            request.scopes = scopes
            return True
        return set_request_scopes

    def set_user(self, request):
        request.user = 'foo'
        request.client_id = 'bar'
        request.client = mock.MagicMock()
        request.client.client_id = 'mocked'
        return True

    def set_client(self, request):
        request.client = mock.MagicMock()
        request.client.client_id = 'mocked'
        return True

    def setUp(self):
        self.validator = mock.MagicMock(spec=RequestValidator)
        self.validator.get_default_redirect_uri.return_value = TestScopeHandling.DEFAULT_REDIRECT_URI
        self.validator.authenticate_client.side_effect = self.set_client
        self.web = WebApplicationServer(self.validator)
        self.mobile = MobileApplicationServer(self.validator)
        self.legacy = LegacyApplicationServer(self.validator)
        self.backend = BackendApplicationServer(self.validator)

    def test_scope_extraction(self):
        scopes = (
            ('images', ['images']),
            ('images+videos', ['images', 'videos']),
            ('http%3A%2f%2fa.b%2fvideos', ['http://a.b/videos']),
            ('http%3A%2f%2fa.b%2fvideos+pics', ['http://a.b/videos', 'pics']),
            ('pics+http%3A%2f%2fa.b%2fvideos', ['pics', 'http://a.b/videos']),
            ('http%3A%2f%2fa.b%2fvideos+https%3A%2f%2fc.d%2Fsecret', ['http://a.b/videos', 'https://c.d/secret']),
        )

        uri = 'http://example.com/path?client_id=abc&scope=%s&response_type=%s'
        for scope, correct_scopes in scopes:
            scopes, _ = self.web.validate_authorization_request(
                    uri % (scope, 'code'))
            self.assertItemsEqual(scopes, correct_scopes)
            scopes, _ = self.mobile.validate_authorization_request(
                    uri % (scope, 'token'))
            self.assertItemsEqual(scopes, correct_scopes)

    def test_scope_preservation(self):
        scope = 'pics+http%3A%2f%2fa.b%2fvideos'
        correct_scope = 'pics http%3A%2f%2fa.b%2fvideos'
        decoded_scope = 'pics http://a.b/videos'
        scopes = ['pics', 'http%3A%2f%2fa.b%2fvideos']
        auth_uri = 'http://example.com/path?client_id=abc&scope=%s&%s'
        token_uri = 'http://example.com/path'

        # authorization grant
        uri, _, _, _ = self.web.create_authorization_response(
                auth_uri % (scope, 'response_type=code'))
        self.validator.validate_code.side_effect = self.set_scopes(scopes)
        code = get_query_credentials(uri)['code'][0]
        _, _, body, _ = self.web.create_token_response(token_uri,
                body='grant_type=authorization_code&code=%s' % code)
        self.assertEqual(json.loads(body)['scope'], correct_scope)

        # implicit grant
        uri, _, _, _ = self.mobile.create_authorization_response(
                auth_uri % (scope, 'response_type=token'))
        self.assertEqual(get_fragment_credentials(uri)['scope'][0], decoded_scope)

        # resource owner password credentials grant
        body = 'grant_type=password&username=abc&password=secret&scope=%s'
        _, _, body, _ = self.legacy.create_token_response(token_uri,
                body=body % scope)
        self.assertEqual(json.loads(body)['scope'], decoded_scope)

        # client credentials grant
        body = 'grant_type=client_credentials&scope=%s'
        self.validator.authenticate_client.side_effect = self.set_user
        _, _, body, _ = self.backend.create_token_response(token_uri,
                body=body % scope)
        self.assertEqual(json.loads(body)['scope'], decoded_scope)

    def test_scope_changed(self):
        scope = 'pics+http%3A%2f%2fa.b%2fvideos'
        scopes = ['images', 'http://a.b/videos']
        decoded_scope = 'images http://a.b/videos'
        auth_uri = 'http://example.com/path?client_id=abc&scope=%s&%s'
        token_uri = 'http://example.com/path'

        # authorization grant
        uri, _, _, _ = self.web.create_authorization_response(
                auth_uri % (scope, 'response_type=code'))
        code = get_query_credentials(uri)['code'][0]
        self.validator.validate_code.side_effect = self.set_scopes(scopes)
        _, _, body, _ = self.web.create_token_response(token_uri,
                body='grant_type=authorization_code&code=%s' % code)
        self.assertEqual(json.loads(body)['scope'], decoded_scope)
#.........这里部分代码省略.........

开发者ID:seatme，项目名称:oauthlib，代码行数:103，代码来源:test_servers.py

注：本文中的oauthlib.oauth2.WebApplicationServer.validate_authorization_request方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台，相关代码片段筛选自各路编程大神贡献的开源项目，源码版权归原作者所有，传播和使用请参考对应项目的License；未经允许，请勿转载。