当前位置: 首页>>代码示例>>Python>>正文


Python userlist.UserList类代码示例

本文整理汇总了Python中ovs.dal.lists.userlist.UserList的典型用法代码示例。如果您正苦于以下问题:Python UserList类的具体用法?Python UserList怎么用?Python UserList使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


在下文中一共展示了UserList类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: test_client_credentials

    def test_client_credentials(self):
        """
        Validates the Client Credentials
        """
        from api.oauth2.tokenview import OAuth2TokenView

        time.sleep(180)
        data = {'grant_type': 'client_credentials'}
        request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1')
        self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'missing_header', HttpBadRequestException)

        time.sleep(180)
        header = 'Basic {0}'.format(base64.encodestring('{0}:{1}'.format('foo', 'bar')))
        request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.2', HTTP_AUTHORIZATION=header)
        self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_client', HttpBadRequestException)

        time.sleep(180)
        admin_na = UserList.get_user_by_username('admin_na')
        admin_na_client = Client()
        admin_na_client.ovs_type = 'USER'
        admin_na_client.grant_type = 'PASSWORD'
        admin_na_client.client_secret = OAuth2Toolbox.create_hash(64)
        admin_na_client.user = admin_na
        admin_na_client.save()
        header = 'Basic {0}'.format(base64.encodestring('{0}:{1}'.format(admin_na_client.guid, admin_na_client.client_secret)))
        request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.3', HTTP_AUTHORIZATION=header)
        self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_grant', HttpBadRequestException)

        time.sleep(180)
        admin_na_client.grant_type = 'CLIENT_CREDENTIALS'
        admin_na_client.save()
        request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.4', HTTP_AUTHORIZATION=header)
        self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'inactive_user', HttpBadRequestException)

        time.sleep(180)
        admin = UserList.get_user_by_username('admin')
        admin_client = Client()
        admin_client.ovs_type = 'USER'
        admin_client.grant_type = 'CLIENT_CREDENTIALS'
        admin_client.client_secret = OAuth2Toolbox.create_hash(64)
        admin_client.user = admin
        admin_client.save()
        header = 'Basic {0}'.format(base64.encodestring('{0}:foobar'.format(admin_client.guid)))
        request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.5', HTTP_AUTHORIZATION=header)
        self._assert_failure(OAuth2TokenView.as_view(), request, 400, 'invalid_client', HttpBadRequestException)

        time.sleep(180)
        header = 'Basic {0}'.format(base64.encodestring('{0}:{1}'.format(admin_client.guid, admin_client.client_secret)))
        request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.6', HTTP_AUTHORIZATION=header)
        response = OAuth2TokenView.as_view()(request)
        self.assertEqual(response.status_code, 200)
        response_content = json.loads(response.content)
        self.assertIn('access_token', response_content)
        result = {'access_token': response_content['access_token'],
                  'token_type': 'bearer',
                  'expires_in': 3600}
        self.assertDictEqual(response_content, result)
开发者ID:grimpy,项目名称:openvstorage,代码行数:57,代码来源:test_authentication.py

示例2: test_client_credentials

    def test_client_credentials(self):
        """
        Validates the Client Credentials
        """
        from oauth2.tokenview import OAuth2TokenView

        data = {'grant_type': 'client_credentials'}
        request = Authentication.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1')
        response = OAuth2TokenView.as_view()(request)
        # Fails because the HTTP_AUTHORIZATION header is missing
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.content, json.dumps({'error': 'missing_header'}))
        header = 'Basic {0}'.format(base64.encodestring('{0}:{1}'.format('foo', 'bar')))
        request = Authentication.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header)
        response = OAuth2TokenView.as_view()(request)
        # Fails because there is no such client
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.content, json.dumps({'error': 'invalid_client'}))
        admin_na = UserList.get_user_by_username('admin_na')
        admin_na_client = Client()
        admin_na_client.ovs_type = 'USER'
        admin_na_client.grant_type = 'PASSWORD'
        admin_na_client.client_secret = OAuth2Toolbox.create_hash(64)
        admin_na_client.user = admin_na
        admin_na_client.save()
        header = 'Basic {0}'.format(base64.encodestring('{0}:{1}'.format(admin_na_client.guid, admin_na_client.client_secret)))
        request = Authentication.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header)
        response = OAuth2TokenView.as_view()(request)
        # Fails because the grant is of type Resource Owner Password Credentials
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.content, json.dumps({'error': 'invalid_grant'}))
        admin_na_client.grant_type = 'CLIENT_CREDENTIALS'
        admin_na_client.save()
        request = Authentication.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header)
        response = OAuth2TokenView.as_view()(request)
        # Fails because the grant is of type Resource Owner Password Credentials
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.content, json.dumps({'error': 'inactive_user'}))
        admin = UserList.get_user_by_username('admin')
        admin_client = Client()
        admin_client.ovs_type = 'USER'
        admin_client.grant_type = 'CLIENT_CREDENTIALS'
        admin_client.client_secret = OAuth2Toolbox.create_hash(64)
        admin_client.user = admin
        admin_client.save()
        header = 'Basic {0}'.format(base64.encodestring('{0}:{1}'.format(admin_client.guid, admin_client.client_secret)))
        request = Authentication.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header)
        response = OAuth2TokenView.as_view()(request)
        # Succeeds
        self.assertEqual(response.status_code, 200)
        response_content = json.loads(response.content)
        self.assertIn('access_token', response_content)
        result = {'access_token': response_content['access_token'],
                  'token_type': 'bearer',
                  'expires_in': 3600}
        self.assertDictEqual(response_content, result)
开发者ID:mflu,项目名称:openvstorage_centos,代码行数:56,代码来源:test_authentication.py

示例3: test_required_roles

    def test_required_roles(self):
        """
        Validates whether the required_roles decorator works
        """
        from api.backend.decorators import required_roles

        @required_roles(['read', 'write', 'manage'])
        def the_function_rr(input_value, *args, **kwargs):
            """
            Decorated function
            """
            _ = args, kwargs
            output['value'] = input_value
            return HttpResponse(json.dumps(input_value))

        time.sleep(180)
        output = {'value': None}
        request = self.factory.get('/')
        with self.assertRaises(HttpUnauthorizedException) as context:
            the_function_rr(1, request)
        self.assertEqual(context.exception.status_code, 401)

        time.sleep(180)
        request.client = type('Client', (), {})
        request.user = type('User', (), {})
        request.user.username = 'foobar'
        with self.assertRaises(HttpUnauthorizedException) as context:
            the_function_rr(2, request)
        self.assertEqual(context.exception.status_code, 401)

        time.sleep(180)
        user = UserList.get_user_by_username('user')
        access_token, _ = OAuth2Toolbox.generate_tokens(user.clients[0], generate_access=True, scopes=RoleList.get_roles_by_codes(['read']))
        access_token.expiration = int(time.time() + 86400)
        access_token.save()
        request.user.username = 'user'
        request.token = access_token
        with self.assertRaises(HttpForbiddenException) as context:
            the_function_rr(3, request)
        self.assertEqual(context.exception.status_code, 403)
        self.assertEqual(context.exception.error, 'invalid_roles')
        self.assertEqual(context.exception.error_description, 'This call requires roles: read, write, manage')

        time.sleep(180)
        user = UserList.get_user_by_username('admin')
        access_token, _ = OAuth2Toolbox.generate_tokens(user.clients[0], generate_access=True, scopes=RoleList.get_roles_by_codes(['read', 'write', 'manage']))
        access_token.expiration = int(time.time() + 86400)
        access_token.save()
        request.username = 'admin'
        request.token = access_token
        response = the_function_rr(4, request)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.content, '4')
开发者ID:grimpy,项目名称:openvstorage,代码行数:53,代码来源:test_decorators.py

示例4: test_required_roles

    def test_required_roles(self):
        """
        Validates whether the required_roles decorator works
        """
        from backend.decorators import required_roles
        from rest_framework.exceptions import NotAuthenticated, PermissionDenied

        @required_roles(["read", "write", "manage"])
        def the_function(input_value, *args, **kwargs):
            """
            Decorated function
            """
            _ = args, kwargs
            output["value"] = input_value
            return HttpResponse(json.dumps(input_value))

        output = {"value": None}
        user = UserList.get_user_by_username("user")
        request = Decorators.factory.get("/")
        with self.assertRaises(NotAuthenticated) as context:
            the_function(1, request)
        self.assertEqual(context.exception.status_code, 401)
        request.client = type("Client", (), {})
        request.user = type("User", (), {})
        request.user.username = "foobar"
        with self.assertRaises(NotAuthenticated) as context:
            the_function(2, request)
        self.assertEqual(context.exception.status_code, 401)
        access_token, _ = OAuth2Toolbox.generate_tokens(
            user.clients[0], generate_access=True, scopes=RoleList.get_roles_by_codes(["read"])
        )
        access_token.expiration = int(time.time() + 86400)
        access_token.save()
        request.user.username = "user"
        request.token = access_token
        with self.assertRaises(PermissionDenied) as context:
            the_function(3, request)
        self.assertEqual(context.exception.status_code, 403)
        self.assertEqual(context.exception.detail, "This call requires roles: read, write, manage")
        user = UserList.get_user_by_username("admin")
        access_token, _ = OAuth2Toolbox.generate_tokens(
            user.clients[0], generate_access=True, scopes=RoleList.get_roles_by_codes(["read", "write", "manage"])
        )
        access_token.expiration = int(time.time() + 86400)
        access_token.save()
        request.username = "admin"
        request.token = access_token
        response = the_function(4, request)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.content, "4")
开发者ID:jianyongchen,项目名称:openvstorage,代码行数:50,代码来源:test_decorators.py

示例5: create

 def create(self, request):
     """
     Creates a User
     """
     serializer = FullSerializer(User, instance=User(), data=request.DATA, allow_passwords=True)
     if serializer.is_valid():
         user = serializer.object
         if UserList.get_user_by_username(user.username) is not None:
             return Response('User already exists', status=status.HTTP_303_SEE_OTHER)
         user.save()
         pw_client = Client()
         pw_client.ovs_type = 'INTERNAL'
         pw_client.grant_type = 'PASSWORD'
         pw_client.user = user
         pw_client.save()
         cc_client = Client()
         cc_client.ovs_type = 'INTERNAL'
         cc_client.grant_type = 'CLIENT_CREDENTIALS'
         cc_client.client_secret = ''.join(random.choice(string.ascii_letters +
                                                         string.digits +
                                                         '|_=+*#@!/-[]{}<>.?,\'";:~')
                                           for _ in range(128))
         cc_client.user = user
         cc_client.save()
         for junction in user.group.roles:
             for client in [cc_client, pw_client]:
                 roleclient = RoleClient()
                 roleclient.client = client
                 roleclient.role = junction.role
                 roleclient.save()
         serializer = FullSerializer(User, instance=user)
         return Response(serializer.data, status=status.HTTP_201_CREATED)
     else:
         return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
开发者ID:dawnpower,项目名称:framework,代码行数:34,代码来源:users.py

示例6: create

 def create(self, request):
     """
     Creates a User
     :param request: The raw request
     :type request: Request
     """
     serializer = FullSerializer(User, instance=User(), data=request.DATA, allow_passwords=True)
     user = serializer.deserialize()
     if UserList.get_user_by_username(user.username) is not None:
         raise HttpNotAcceptableException(error_description='User with this username already exists',
                                          error='duplicate')
     user.save()
     pw_client = Client()
     pw_client.ovs_type = 'INTERNAL'
     pw_client.grant_type = 'PASSWORD'
     pw_client.user = user
     pw_client.save()
     cc_client = Client()
     cc_client.ovs_type = 'INTERNAL'
     cc_client.grant_type = 'CLIENT_CREDENTIALS'
     cc_client.client_secret = ''.join(random.choice(string.ascii_letters +
                                                     string.digits +
                                                     '|_=+*#@!/-[]{}<>.?,\'";:~')
                                       for _ in range(128))
     cc_client.user = user
     cc_client.save()
     for junction in user.group.roles:
         for client in [cc_client, pw_client]:
             roleclient = RoleClient()
             roleclient.client = client
             roleclient.role = junction.role
             roleclient.save()
     return user
开发者ID:grimpy,项目名称:openvstorage,代码行数:33,代码来源:users.py

示例7: post

 def post(self, request, *args, **kwargs):
     """
     Handles token post
     """
     _ = args, kwargs
     if 'grant_type' not in request.POST:
         return HttpResponseBadRequest, {'error': 'invalid_request'}
     grant_type = request.POST['grant_type']
     scopes = None
     if 'scope' in request.POST:
         scopes = RoleList.get_roles_by_codes(request.POST['scope'].split(' '))
     if grant_type == 'password':
         # Resource Owner Password Credentials Grant
         if 'username' not in request.POST or 'password' not in request.POST:
             return HttpResponseBadRequest, {'error': 'invalid_request'}
         username = request.POST['username']
         password = request.POST['password']
         user = UserList.get_user_by_username(username)
         if user is None or user.password != hashlib.sha256(password).hexdigest():
             return HttpResponseBadRequest, {'error': 'invalid_client'}
         if user.is_active is False:
             return HttpResponseBadRequest, {'error': 'inactive_user'}
         clients = [client for client in user.clients if client.ovs_type == 'FRONTEND' and client.grant_type == 'PASSWORD']
         if len(clients) != 1:
             return HttpResponseBadRequest, {'error': 'unauthorized_client'}
         client = clients[0]
         try:
             access_token, _ = Toolbox.generate_tokens(client, generate_access=True, scopes=scopes)
             access_token.expiration = int(time.time() + 86400)
             access_token.save()
         except ValueError as error:
             return HttpResponseBadRequest, {'error': str(error)}
         Toolbox.clean_tokens(client)
         return HttpResponse, {'access_token': access_token.access_token,
                               'token_type': 'bearer',
                               'expires_in': 86400}
     elif grant_type == 'client_credentials':
         # Client Credentials
         if 'HTTP_AUTHORIZATION' not in request.META:
             return HttpResponseBadRequest, {'error': 'missing_header'}
         _, password_hash = request.META['HTTP_AUTHORIZATION'].split(' ')
         client_id, client_secret = base64.decodestring(password_hash).split(':', 1)
         try:
             client = Client(client_id)
             if client.grant_type != 'CLIENT_CREDENTIALS':
                 return HttpResponseBadRequest, {'error': 'invalid_grant'}
             if not client.user.is_active:
                 return HttpResponseBadRequest, {'error': 'inactive_user'}
             try:
                 access_token, _ = Toolbox.generate_tokens(client, generate_access=True, scopes=scopes)
             except ValueError as error:
                 return HttpResponseBadRequest, {'error': str(error)}
             Toolbox.clean_tokens(client)
             return HttpResponse, {'access_token': access_token.access_token,
                                   'token_type': 'bearer',
                                   'expires_in': 3600}
         except:
             return HttpResponseBadRequest, {'error': 'invalid_client'}
     else:
         return HttpResponseBadRequest, {'error': 'unsupported_grant_type'}
开发者ID:mflu,项目名称:openvstorage_centos,代码行数:60,代码来源:tokenview.py

示例8: test_required_roles

    def test_required_roles(self):
        """
        Validates whether the required_roles decorator works
        """
        from backend.decorators import required_roles
        from rest_framework.exceptions import NotAuthenticated, PermissionDenied

        @required_roles(['read', 'write', 'manage'])
        def the_function(input_value, *args, **kwargs):
            """
            Decorated function
            """
            _ = args, kwargs
            output['value'] = input_value
            return HttpResponse(json.dumps(input_value))

        output = {'value': None}
        user = UserList.get_user_by_username('user')
        request = self.factory.get('/')
        with self.assertRaises(NotAuthenticated) as context:
            the_function(1, request)
        self.assertEqual(context.exception.status_code, 401)
        request.client = type('Client', (), {})
        request.user = type('User', (), {})
        request.user.username = 'foobar'
        with self.assertRaises(NotAuthenticated) as context:
            the_function(2, request)
        self.assertEqual(context.exception.status_code, 401)
        access_token, _ = OAuth2Toolbox.generate_tokens(user.clients[0], generate_access=True, scopes=RoleList.get_roles_by_codes(['read']))
        access_token.expiration = int(time.time() + 86400)
        access_token.save()
        request.user.username = 'user'
        request.token = access_token
        with self.assertRaises(PermissionDenied) as context:
            the_function(3, request)
        self.assertEqual(context.exception.status_code, 403)
        self.assertEqual(context.exception.detail, 'This call requires roles: read, write, manage')
        user = UserList.get_user_by_username('admin')
        access_token, _ = OAuth2Toolbox.generate_tokens(user.clients[0], generate_access=True, scopes=RoleList.get_roles_by_codes(['read', 'write', 'manage']))
        access_token.expiration = int(time.time() + 86400)
        access_token.save()
        request.username = 'admin'
        request.token = access_token
        response = the_function(4, request)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.content, '4')
开发者ID:DarumasLegs,项目名称:framework,代码行数:46,代码来源:test_decorators.py

示例9: list

 def list(self, request):
     """
     Lists all available Users where the logged in user has access to
     """
     if Toolbox.is_client_in_roles(request.client, ['manage']):
         return UserList.get_users()
     else:
         return [request.client.user]
开发者ID:mflu,项目名称:openvstorage_centos,代码行数:8,代码来源:users.py

示例10: test_authentication_backend

    def test_authentication_backend(self):
        """
        Validates the Authentication backend
        """
        from django.contrib.auth.models import User as DUser
        from api.oauth2.tokenview import OAuth2TokenView
        from api.oauth2.backend import OAuth2Backend

        time.sleep(180)
        backend = OAuth2Backend()
        data = {'grant_type': 'password',
                'username': 'admin',
                'password': 'admin'}
        request = self.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1')
        response = OAuth2TokenView.as_view()(request)
        response_content = json.loads(response.content)
        access_token = response_content['access_token']
        request = self.factory.get('/')
        response = backend.authenticate(request)
        self.assertIsNone(response)

        time.sleep(180)
        header = 'Bearer foobar'
        request = self.factory.get('/', HTTP_AUTHORIZATION=header)
        with self.assertRaises(HttpUnauthorizedException) as context:
            backend.authenticate(request)
        self.assertEqual(context.exception.status_code, 401)
        self.assertEqual(str(context.exception.error), 'invalid_token')

        time.sleep(180)
        header = 'Bearer {0}'.format(access_token)
        request = self.factory.get('/', HTTP_AUTHORIZATION=header)
        user, extra = backend.authenticate(request)
        self.assertIsInstance(user, DUser)
        self.assertIsNone(extra)
        self.assertEqual(request.token.access_token, access_token)
        self.assertEqual(request.client.user.username, 'admin')

        time.sleep(180)
        user = UserList.get_user_by_username('admin')
        user.is_active = False
        user.save()
        request = self.factory.get('/', HTTP_AUTHORIZATION=header)
        with self.assertRaises(HttpUnauthorizedException) as context:
            backend.authenticate(request)
        self.assertEqual(context.exception.status_code, 401)
        self.assertEqual(str(context.exception.error), 'inactive_user')
        user.is_active = True
        user.save()

        time.sleep(int(response_content['expires_in']))
        request = self.factory.get('/', HTTP_AUTHORIZATION=header)
        with self.assertRaises(HttpUnauthorizedException) as context:
            backend.authenticate(request)
        self.assertEqual(context.exception.status_code, 401)
        self.assertEqual(str(context.exception.error), 'token_expired')
开发者ID:grimpy,项目名称:openvstorage,代码行数:56,代码来源:test_authentication.py

示例11: new_function

 def new_function(*args, **kw):
     """
     Wrapped function
     """
     request = _find_request(args)
     if not hasattr(request, 'user') or not hasattr(request, 'client'):
         raise NotAuthenticated()
     user = UserList.get_user_by_username(request.user.username)
     if user is None:
         raise NotAuthenticated()
     if not Toolbox.is_token_in_roles(request.token, roles):
         raise PermissionDenied('This call requires roles: %s' % (', '.join(roles)))
     return f(*args, **kw)
开发者ID:dawnpower,项目名称:framework,代码行数:13,代码来源:decorators.py

示例12: new_function

 def new_function(*args, **kw):
     """
     Wrapped function
     """
     request = _find_request(args)
     if not hasattr(request, 'user') or not hasattr(request, 'client'):
         raise HttpUnauthorizedException(error_description='Not authenticated',
                                         error='not_authenticated')
     user = UserList.get_user_by_username(request.user.username)
     if user is None:
         raise HttpUnauthorizedException(error_description='Not authenticated',
                                         error='not_authenticated')
     if not Toolbox.is_token_in_roles(request.token, roles):
         raise HttpForbiddenException(error_description='This call requires roles: {0}'.format(', '.join(roles)),
                                      error='invalid_roles')
     return f(*args, **kw)
开发者ID:grimpy,项目名称:openvstorage,代码行数:16,代码来源:decorators.py

示例13: create

 def create(self, request):
     """
     Creates a User
     """
     serializer = FullSerializer(User, instance=User(), data=request.DATA, allow_passwords=True)
     if serializer.is_valid():
         user = serializer.object
         if UserList.get_user_by_username(user.username) is not None:
             return Response('User already exists', status=status.HTTP_303_SEE_OTHER)
         user.save()
         client = Client()
         client.ovs_type = 'FRONTEND'
         client.grant_type = 'PASSWORD'
         client.user = user
         client.save()
         for junction in user.group.roles:
             roleclient = RoleClient()
             roleclient.client = client
             roleclient.role = junction.role
             roleclient.save()
         serializer = FullSerializer(User, instance=user)
         return Response(serializer.data, status=status.HTTP_201_CREATED)
     else:
         return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
开发者ID:mflu,项目名称:openvstorage_centos,代码行数:24,代码来源:users.py

示例14: test_metadata

    def test_metadata(self):
        """
        Validates the authentication related information at the API root's metadata.
        - The 'roles' key is already checked in the Scope-related tests
        """
        from ovs.dal.lists.bearertokenlist import BearerTokenList
        from oauth2.tokenview import OAuth2TokenView
        from view import MetadataView

        def raise_exception(argument):
            _ = argument
            raise RuntimeError('foobar')

        result_data = {'authenticated': False,
                       'authentication_state': None,
                       'username': None,
                       'userguid': None}
        data = {'grant_type': 'password',
                'username': 'admin',
                'password': 'admin'}
        request = Authentication.factory.post('/', data=data, HTTP_X_REAL_IP='127.0.0.1')
        response = OAuth2TokenView.as_view()(request)
        response_content = json.loads(response.content)
        expiry = int(response_content['expires_in'])
        access_token = response_content['access_token']
        request = Authentication.factory.get('/', HTTP_X_REAL_IP='127.0.0.1')
        response = MetadataView.as_view()(request)
        response_content = json.loads(response.content)
        self.assertDictContainsSubset(dict(result_data.items() + {'authentication_state': 'unauthenticated'}.items()), response_content)
        header = 'Basic foobar'
        request = Authentication.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header)
        response = MetadataView.as_view()(request)
        response_content = json.loads(response.content)
        self.assertDictContainsSubset(dict(result_data.items() + {'authentication_state': 'invalid_authorization_type'}.items()), response_content)
        header = 'Bearer foobar'
        request = Authentication.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header)
        response = MetadataView.as_view()(request)
        response_content = json.loads(response.content)
        self.assertDictContainsSubset(dict(result_data.items() + {'authentication_state': 'invalid_token'}.items()), response_content)
        user = UserList.get_user_by_username('admin')
        header = 'Bearer {0}'.format(access_token)
        request = Authentication.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header)
        response = MetadataView.as_view()(request)
        response_content = json.loads(response.content)
        self.assertDictContainsSubset(dict(result_data.items() + {'authenticated': True,
                                                                  'username': user.username,
                                                                  'userguid': user.guid}.items()), response_content)
        time.sleep(180)  # Make sure to not hit the rate limit
        user.is_active = False
        user.save()
        request = Authentication.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header)
        response = MetadataView.as_view()(request)
        response_content = json.loads(response.content)
        self.assertDictContainsSubset(dict(result_data.items() + {'authentication_state': 'inactive_user'}.items()), response_content)
        original_method = BearerTokenList.get_by_access_token
        BearerTokenList.get_by_access_token = staticmethod(raise_exception)
        request = Authentication.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header)
        response = MetadataView.as_view()(request)
        response_content = json.loads(response.content)
        self.assertDictContainsSubset(dict(result_data.items() + {'authentication_state': 'unexpected_exception'}.items()), response_content)
        BearerTokenList.get_by_access_token = staticmethod(original_method)
        time.sleep(expiry)
        request = Authentication.factory.get('/', HTTP_X_REAL_IP='127.0.0.1', HTTP_AUTHORIZATION=header)
        response = MetadataView.as_view()(request)
        response_content = json.loads(response.content)
        self.assertDictContainsSubset(dict(result_data.items() + {'authentication_state': 'token_expired'}.items()), response_content)
开发者ID:mflu,项目名称:openvstorage_centos,代码行数:66,代码来源:test_authentication.py

示例15: post

 def post(self, request, *args, **kwargs):
     """
     Handles token post
     """
     logger = LogHandler.get('api', 'oauth2')
     _ = args, kwargs
     if 'grant_type' not in request.POST:
         raise HttpBadRequestException(error='invalid_request',
                                       error_description='No grant type specified')
     grant_type = request.POST['grant_type']
     scopes = None
     if 'scope' in request.POST:
         scopes = RoleList.get_roles_by_codes(request.POST['scope'].split(' '))
     if grant_type == 'password':
         # Resource Owner Password Credentials Grant
         if 'username' not in request.POST or 'password' not in request.POST:
             raise HttpBadRequestException(error='invalid_request',
                                           error_description='Invalid request')
         username = request.POST['username']
         password = request.POST['password']
         user = UserList.get_user_by_username(username)
         if user is None or user.password != hashlib.sha256(password).hexdigest():
             raise HttpBadRequestException(error='invalid_client',
                                           error_description='Invalid client')
         if user.is_active is False:
             raise HttpBadRequestException(error='inactive_user',
                                           error_description='User is inactive')
         clients = [client for client in user.clients if client.ovs_type == 'INTERNAL' and client.grant_type == 'PASSWORD']
         if len(clients) != 1:
             raise HttpBadRequestException(error='unauthorized_client',
                                           error_description='Client is unautorized')
         client = clients[0]
         try:
             access_token, _ = Toolbox.generate_tokens(client, generate_access=True, scopes=scopes)
             access_token.expiration = int(time.time() + 86400)
             access_token.save()
         except ValueError as error:
             if error.message == 'invalid_scope':
                 raise HttpBadRequestException(error='invalid_scope',
                                               error_description='Invalid scope requested')
             raise
         Toolbox.clean_tokens(client)
         return HttpResponse(json.dumps({'access_token': access_token.access_token,
                                         'token_type': 'bearer',
                                         'expires_in': 86400}),
                             content_type='application/json')
     elif grant_type == 'client_credentials':
         # Client Credentials
         if 'HTTP_AUTHORIZATION' not in request.META:
             raise HttpBadRequestException(error='missing_header',
                                           error_description='Authorization header missing')
         _, password_hash = request.META['HTTP_AUTHORIZATION'].split(' ')
         client_id, client_secret = base64.b64decode(password_hash).split(':', 1)
         try:
             client = Client(client_id)
             if client.grant_type != 'CLIENT_CREDENTIALS':
                 raise HttpBadRequestException(error='invalid_grant',
                                               error_description='The given grant type is not supported')
             if client.client_secret != client_secret:
                 raise HttpBadRequestException(error='invalid_client',
                                               error_description='Invalid client')
             if not client.user.is_active:
                 raise HttpBadRequestException(error='inactive_user',
                                               error_description='User is inactive')
             try:
                 access_token, _ = Toolbox.generate_tokens(client, generate_access=True, scopes=scopes)
             except ValueError as error:
                 if error.message == 'invalid_scope':
                     raise HttpBadRequestException(error='invalid_scope',
                                                   error_description='Invalid scope requested')
                 raise
             try:
                 Toolbox.clean_tokens(client)
             except Exception as error:
                 logger.error('Error during session cleanup: {0}'.format(error))
             return HttpResponse(json.dumps({'access_token': access_token.access_token,
                                             'token_type': 'bearer',
                                             'expires_in': 3600}),
                                 content_type='application/json')
         except HttpBadRequestException:
             raise
         except ObjectNotFoundException as ex:
             logger.warning('Error matching client: {0}'.format(ex))
             raise HttpBadRequestException(error='invalid_client',
                                           error_description='Client could not be found')
         except Exception as ex:
             logger.exception('Error matching client: {0}'.format(ex))
             raise HttpBadRequestException(error='invalid_client',
                                           error_description='Error loading client')
     else:
         raise HttpBadRequestException(error='unsupported_grant_type',
                                       error_description='Unsupported grant type')
开发者ID:grimpy,项目名称:openvstorage,代码行数:92,代码来源:tokenview.py


注:本文中的ovs.dal.lists.userlist.UserList类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。