当前位置: 首页>>代码示例>>Python>>正文


Python toggles.ENFORCE_JWT_SCOPES类代码示例

本文整理汇总了Python中openedx.core.djangoapps.oauth_dispatch.toggles.ENFORCE_JWT_SCOPES的典型用法代码示例。如果您正苦于以下问题:Python ENFORCE_JWT_SCOPES类的具体用法?Python ENFORCE_JWT_SCOPES怎么用?Python ENFORCE_JWT_SCOPES使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


在下文中一共展示了ENFORCE_JWT_SCOPES类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: test_inactive_user

    def test_inactive_user(self, auth_type, scopes_enforced):
        with ENFORCE_JWT_SCOPES.override(active=scopes_enforced):
            self.student.is_active = False
            self.student.save()

            resp = self._get_response(self.student, auth_type)
            self.assertEqual(resp.status_code, status.HTTP_200_OK)
开发者ID:cmscom,项目名称:edx-platform,代码行数:7,代码来源:test_views.py

示例2: test_dot_create_jwt_for_token

 def test_dot_create_jwt_for_token(self, scopes_enforced, client_restricted):
     with ENFORCE_JWT_SCOPES.override(scopes_enforced):
         jwt_token = self._create_jwt_for_token(
             DOTAdapter(),
             use_asymmetric_key=None,
             client_restricted=client_restricted,
         )
         self._assert_jwt_is_valid(jwt_token, should_be_asymmetric_key=scopes_enforced and client_restricted)
开发者ID:jolyonb,项目名称:edx-platform,代码行数:8,代码来源:test_jwt.py

示例3: test_another_user

    def test_another_user(self, auth_type, scopes_enforced, mock_log):
        """
        Returns 200 with empty list for OAuth, Session, and JWT auth.
        Returns 200 for jwt_restricted and user:me filter unset.
        """
        with ENFORCE_JWT_SCOPES.override(active=scopes_enforced):
            resp = self.get_response(auth_type, requesting_user=self.other_student)

            self.assertEqual(resp.status_code, status.HTTP_200_OK)
            self.assertEqual(len(resp.data), 0)
开发者ID:digitalsatori,项目名称:edx-platform,代码行数:10,代码来源:test_views.py

示例4: test_jwt_no_filter

    def test_jwt_no_filter(self, auth_type, scopes_enforced, mock_log):
        """ Returns 403 when scopes are enforced with JwtHasContentOrgFilterForRequestedCourse. """
        with ENFORCE_JWT_SCOPES.override(active=scopes_enforced):
            jwt_token = self._create_jwt_token(self.student, auth_type, include_org_filter=False)
            resp = self.get_response(AuthType.jwt, token=jwt_token)

            is_enforced = scopes_enforced and auth_type == AuthType.jwt_restricted
            self.assertEqual(resp.status_code, status.HTTP_403_FORBIDDEN if is_enforced else status.HTTP_200_OK)

            if is_enforced:
                self._assert_in_log("JwtHasContentOrgFilterForRequestedCourse", mock_log.warning)
开发者ID:edx,项目名称:edx-platform,代码行数:11,代码来源:utils.py

示例5: test_jwt_no_scopes

    def test_jwt_no_scopes(self, auth_type, scopes_enforced, mock_log):
        """ Returns 403 when scopes are enforced with JwtHasScope. """
        with ENFORCE_JWT_SCOPES.override(active=scopes_enforced):
            jwt_token = self._create_jwt_token(self.student, auth_type, scopes=[])
            resp = self._get_response(self.student, AuthType.jwt, token=jwt_token)

            is_enforced = scopes_enforced and auth_type == AuthType.jwt_restricted
            self.assertEqual(resp.status_code, status.HTTP_403_FORBIDDEN if is_enforced else status.HTTP_200_OK)

            if is_enforced:
                self._assert_in_log("JwtHasScope", mock_log.warning)
开发者ID:cmscom,项目名称:edx-platform,代码行数:11,代码来源:test_views.py

示例6: test_jwt_on_behalf_of_other_user

    def test_jwt_on_behalf_of_other_user(self, auth_type, scopes_enforced, mock_log):
        """ Returns 403 when scopes are enforced with JwtHasUserFilterForRequestedUser. """
        with ENFORCE_JWT_SCOPES.override(active=scopes_enforced):
            jwt_token = self._create_jwt_token(self.other_student, auth_type, include_me_filter=True)
            resp = self.get_response(AuthType.jwt, token=jwt_token)

            if scopes_enforced and auth_type == AuthType.jwt_restricted:
                self.assertEqual(resp.status_code, status.HTTP_403_FORBIDDEN)
                self._assert_in_log("JwtHasUserFilterForRequestedUser", mock_log.warning)
            else:
                self.assertEqual(resp.status_code, status.HTTP_200_OK)
                self.assertEqual(len(resp.data), 0)
开发者ID:digitalsatori,项目名称:edx-platform,代码行数:12,代码来源:test_views.py

示例7: test_jwt_on_behalf_of_user

    def test_jwt_on_behalf_of_user(self, auth_type, scopes_enforced):
        """
        We have to override this super method due to this API
        being restricted to staff users only.
        """
        with ENFORCE_JWT_SCOPES.override(active=scopes_enforced):
            jwt_token = self._create_jwt_token(self.student, auth_type, include_me_filter=True)
            # include_me_filter=True means a JWT filter will require the username
            # of the requesting user to be in the requested URL
            url = self.get_url(self.student) + '?username={}'.format(self.student.username)

            resp = self.get_response(AuthType.jwt, token=jwt_token, url=url)
            assert status.HTTP_200_OK == resp.status_code
开发者ID:digitalsatori,项目名称:edx-platform,代码行数:13,代码来源:test_views.py

示例8: test_another_user

    def test_another_user(self, auth_type, scopes_enforced, mock_log):
        """ Returns 403 for OAuth and Session auth with IsUserInUrl. """
        with ENFORCE_JWT_SCOPES.override(active=scopes_enforced):
            resp = self._get_response(self.student_no_cert, auth_type)

            # Restricted JWT tokens without the user:me filter have access to other users
            expected_jwt_access_granted = scopes_enforced and auth_type == AuthType.jwt_restricted

            self.assertEqual(
                resp.status_code,
                status.HTTP_200_OK if expected_jwt_access_granted else status.HTTP_403_FORBIDDEN,
            )
            if not expected_jwt_access_granted:
                self._assert_in_log("IsUserInUrl", mock_log.info)
开发者ID:cmscom,项目名称:edx-platform,代码行数:14,代码来源:test_views.py

示例9: _get_use_asymmetric_key_value

def _get_use_asymmetric_key_value(is_restricted, use_asymmetric_key):
    """
    Returns the value to use for use_asymmetric_key.
    """
    # TODO: (ARCH-162)
    # If JWT scope enforcement is enabled, we need to sign tokens
    # given to restricted applications with a key that
    # other IDAs do not have access to. This prevents restricted
    # applications from getting access to API endpoints available
    # on other IDAs which have not yet been protected with the
    # scope-related DRF permission classes. Once all endpoints have
    # been protected, we can enable all IDAs to use the same new
    # (asymmetric) key.
    if use_asymmetric_key is None:
        use_asymmetric_key = ENFORCE_JWT_SCOPES.is_enabled() and is_restricted
    return use_asymmetric_key
开发者ID:mitocw,项目名称:edx-platform,代码行数:16,代码来源:jwt.py

示例10: test_restricted_non_jwt_access_token_fields

    def test_restricted_non_jwt_access_token_fields(self, enforce_jwt_scopes_enabled):
        with ENFORCE_JWT_SCOPES.override(enforce_jwt_scopes_enabled):
            response = self._post_request(self.user, self.restricted_dot_app)
            self.assertEqual(response.status_code, 200)
            data = json.loads(response.content)
            self.assertIn('access_token', data)
            self.assertIn('expires_in', data)
            self.assertIn('scope', data)
            self.assertIn('token_type', data)

            # Verify token expiration.
            self.assertEqual(data['expires_in'] < 0, True)
            access_token = dot_models.AccessToken.objects.get(token=data['access_token'])
            self.assertEqual(
                models.RestrictedApplication.verify_access_token_as_expired(access_token),
                True
            )
开发者ID:mreyk,项目名称:edx-platform,代码行数:17,代码来源:test_views.py

示例11: test_another_user_with_certs_shared_public

    def test_another_user_with_certs_shared_public(self, auth_type, scopes_enforced):
        """
        Returns 200 with cert list for OAuth, Session, and JWT auth.
        Returns 200 for jwt_restricted and user:me filter unset.
        """
        self.student.profile.year_of_birth = 1977
        self.student.profile.save()
        UserPreferenceFactory.build(
            user=self.student,
            key='account_privacy',
            value='all_users',
        ).save()

        with ENFORCE_JWT_SCOPES.override(active=scopes_enforced):
            resp = self.get_response(auth_type, requesting_user=self.other_student)

            self.assertEqual(resp.status_code, status.HTTP_200_OK)
            self.assertEqual(len(resp.data), 1)
开发者ID:digitalsatori,项目名称:edx-platform,代码行数:18,代码来源:test_views.py

示例12: test_restricted_jwt_access_token

    def test_restricted_jwt_access_token(self, enforce_jwt_scopes_enabled, expiration_expected):
        """
        Verify that when requesting a JWT token from a restricted Application
        within the DOT subsystem, that our claims is marked as already expired
        (i.e. expiry set to Jan 1, 1970)
        """
        with ENFORCE_JWT_SCOPES.override(enforce_jwt_scopes_enabled):
            response = self._post_request(self.user, self.restricted_dot_app, token_type='jwt')
            self.assertEqual(response.status_code, 200)
            data = json.loads(response.content)

            self.assertIn('expires_in', data)
            self.assertEqual(data['expires_in'] < 0, expiration_expected)
            self.assertEqual(data['token_type'], 'JWT')
            self.assert_valid_jwt_access_token(
                data['access_token'],
                self.user,
                data['scope'].split(' '),
                should_be_expired=expiration_expected,
                should_be_asymmetric_key=enforce_jwt_scopes_enabled,
                should_be_restricted=True,
            )
开发者ID:digitalsatori,项目名称:edx-platform,代码行数:22,代码来源:test_views.py

示例13: test_jwt_on_behalf_of_user

    def test_jwt_on_behalf_of_user(self, auth_type, scopes_enforced):
        with ENFORCE_JWT_SCOPES.override(active=scopes_enforced):
            jwt_token = self._create_jwt_token(self.student, auth_type, include_me_filter=True)

            resp = self.get_response(AuthType.jwt, token=jwt_token)
            self.assertEqual(resp.status_code, status.HTTP_200_OK)
开发者ID:edx,项目名称:edx-platform,代码行数:6,代码来源:utils.py

示例14: test_staff_user

 def test_staff_user(self, auth_type, scopes_enforced):
     with ENFORCE_JWT_SCOPES.override(active=scopes_enforced):
         resp = self.get_response(auth_type, requesting_user=self.global_staff)
         self.assertEqual(resp.status_code, status.HTTP_200_OK)
         self.assert_success_response_for_student(resp)
开发者ID:edx,项目名称:edx-platform,代码行数:5,代码来源:utils.py

示例15: should_expire_access_token

 def should_expire_access_token(cls, application):
     set_token_expired = not ENFORCE_JWT_SCOPES.is_enabled()
     jwt_not_requested = get_request_or_stub().POST.get('token_type', '').lower() != 'jwt'
     restricted_application = cls.objects.filter(application=application).exists()
     return restricted_application and (jwt_not_requested or set_token_expired)
开发者ID:mitocw,项目名称:edx-platform,代码行数:5,代码来源:models.py


注:本文中的openedx.core.djangoapps.oauth_dispatch.toggles.ENFORCE_JWT_SCOPES类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。