Adds some tests for the OAuth and some docs
This commit is contained in:
parent
1c694fbec5
commit
86ba416883
36
docs/source/api/oauth.rst
Normal file
36
docs/source/api/oauth.rst
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
.. MediaGoblin Documentation
|
||||||
|
|
||||||
|
Written in 2011, 2012 by MediaGoblin contributors
|
||||||
|
|
||||||
|
To the extent possible under law, the author(s) have dedicated all
|
||||||
|
copyright and related and neighboring rights to this software to
|
||||||
|
the public domain worldwide. This software is distributed without
|
||||||
|
any warranty.
|
||||||
|
|
||||||
|
You should have received a copy of the CC0 Public Domain
|
||||||
|
Dedication along with this software. If not, see
|
||||||
|
<http://creativecommons.org/publicdomain/zero/1.0/>.
|
||||||
|
|
||||||
|
==============
|
||||||
|
Authentication
|
||||||
|
==============
|
||||||
|
|
||||||
|
GNU MediaGoblin uses OAuth1 to authenticate requests to the API. There are many
|
||||||
|
libraries out there for OAuth1, you're likely not going to have to do much. There
|
||||||
|
is a library for the GNU MediaGoblin called `PyPump <https://github.com/xray7224/PyPump>`_.
|
||||||
|
We are not using OAuth2 as we want to stay completely compatable with GNU MediaGoblin.
|
||||||
|
|
||||||
|
|
||||||
|
We use :doc:`client_register` to get the client ID and secret.
|
||||||
|
|
||||||
|
Endpoints
|
||||||
|
---------
|
||||||
|
|
||||||
|
These are the endpoints you need to use for the oauth requests:
|
||||||
|
|
||||||
|
`/oauth/request_token` is for getting the request token.
|
||||||
|
|
||||||
|
`/oauth/authorize` is to send the user to to authorize your application.
|
||||||
|
|
||||||
|
`/oauth/access_token` is for getting the access token to use in requests.
|
||||||
|
|
@ -108,13 +108,14 @@ def client_register(request):
|
|||||||
client_secret = random_string(43) # again, seems to be what pump uses
|
client_secret = random_string(43) # again, seems to be what pump uses
|
||||||
expirey = 0 # for now, lets not have it expire
|
expirey = 0 # for now, lets not have it expire
|
||||||
expirey_db = None if expirey == 0 else expirey
|
expirey_db = None if expirey == 0 else expirey
|
||||||
|
application_type = data["application_type"]
|
||||||
|
|
||||||
# save it
|
# save it
|
||||||
client = Client(
|
client = Client(
|
||||||
id=client_id,
|
id=client_id,
|
||||||
secret=client_secret,
|
secret=client_secret,
|
||||||
expirey=expirey_db,
|
expirey=expirey_db,
|
||||||
application_type=data["application_type"],
|
application_type=application_type,
|
||||||
)
|
)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
@ -133,7 +134,7 @@ def client_register(request):
|
|||||||
|
|
||||||
client.application_name = data.get("application_name", None)
|
client.application_name = data.get("application_name", None)
|
||||||
|
|
||||||
contacts = data.get("contact", None)
|
contacts = data.get("contacts", None)
|
||||||
if contacts is not None:
|
if contacts is not None:
|
||||||
if type(contacts) is not unicode:
|
if type(contacts) is not unicode:
|
||||||
error = "Contacts must be a string of space-seporated email addresses."
|
error = "Contacts must be a string of space-seporated email addresses."
|
||||||
@ -149,21 +150,21 @@ def client_register(request):
|
|||||||
|
|
||||||
client.contacts = contacts
|
client.contacts = contacts
|
||||||
|
|
||||||
request_uri = data.get("request_uris", None)
|
redirect_uris = data.get("redirect_uris", None)
|
||||||
if request_uri is not None:
|
if redirect_uris is not None:
|
||||||
if type(request_uri) is not unicode:
|
if type(redirect_uris) is not unicode:
|
||||||
error = "redirect_uris must be space-seporated URLs."
|
error = "redirect_uris must be space-seporated URLs."
|
||||||
return json_respinse({"error": error}, status=400)
|
return json_respinse({"error": error}, status=400)
|
||||||
|
|
||||||
request_uri = request_uri.split()
|
redirect_uris = redirect_uris.split()
|
||||||
|
|
||||||
for uri in request_uri:
|
for uri in redirect_uris:
|
||||||
if not validate_url(uri):
|
if not validate_url(uri):
|
||||||
# not a valid uri
|
# not a valid uri
|
||||||
error = "URI {0} is not a valid URI".format(uri)
|
error = "URI {0} is not a valid URI".format(uri)
|
||||||
return json_response({"error": error}, status=400)
|
return json_response({"error": error}, status=400)
|
||||||
|
|
||||||
client.request_uri = request_uri
|
client.redirect_uri = redirect_uris
|
||||||
|
|
||||||
|
|
||||||
client.save()
|
client.save()
|
||||||
|
122
mediagoblin/tests/test_oauth1.py
Normal file
122
mediagoblin/tests/test_oauth1.py
Normal file
@ -0,0 +1,122 @@
|
|||||||
|
# GNU MediaGoblin -- federated, autonomous media hosting
|
||||||
|
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
|
||||||
|
#
|
||||||
|
# This program is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU Affero General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# This program is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU Affero General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU Affero General Public License
|
||||||
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
import json
|
||||||
|
|
||||||
|
import pytest
|
||||||
|
from urlparse import parse_qs, urlparse
|
||||||
|
|
||||||
|
from mediagoblin import mg_globals
|
||||||
|
from mediagoblin.tools import template, pluginapi
|
||||||
|
from mediagoblin.tests.tools import fixture_add_user
|
||||||
|
|
||||||
|
|
||||||
|
class TestOAuth(object):
|
||||||
|
@pytest.fixture(autouse=True)
|
||||||
|
def setup(self, test_app):
|
||||||
|
self.test_app = test_app
|
||||||
|
|
||||||
|
self.db = mg_globals.database
|
||||||
|
|
||||||
|
self.pman = pluginapi.PluginManager()
|
||||||
|
|
||||||
|
self.user_password = "AUserPassword123"
|
||||||
|
self.user = fixture_add_user("OAuthy", self.user_password)
|
||||||
|
|
||||||
|
self.login()
|
||||||
|
|
||||||
|
def login(self):
|
||||||
|
self.test_app.post(
|
||||||
|
"/auth/login/", {
|
||||||
|
"username": self.user.username,
|
||||||
|
"password": self.user_password})
|
||||||
|
|
||||||
|
def register_client(self, **kwargs):
|
||||||
|
""" Regiters a client with the API """
|
||||||
|
|
||||||
|
kwargs["type"] = "client_associate"
|
||||||
|
kwargs["application_type"] = kwargs.get("application_type", "native")
|
||||||
|
return self.test_app.post("/api/client/register", kwargs)
|
||||||
|
|
||||||
|
def test_client_client_register_limited_info(self):
|
||||||
|
""" Tests that a client can be registered with limited information """
|
||||||
|
response = self.register_client()
|
||||||
|
client_info = json.loads(response.body)
|
||||||
|
|
||||||
|
client = self.db.Client.query.filter_by(id=client_info["client_id"]).first()
|
||||||
|
|
||||||
|
assert response.status_int == 200
|
||||||
|
assert client is not None
|
||||||
|
|
||||||
|
def test_client_register_full_info(self):
|
||||||
|
""" Provides every piece of information possible to register client """
|
||||||
|
query = {
|
||||||
|
"application_name": "Testificate MD",
|
||||||
|
"application_type": "web",
|
||||||
|
"contacts": "someone@someplace.com tuteo@tsengeo.lu",
|
||||||
|
"logo_url": "http://ayrel.com/utral.png",
|
||||||
|
"redirect_uris": "http://navi-kosman.lu http://gmg-yawne-oeru.lu",
|
||||||
|
}
|
||||||
|
|
||||||
|
response = self.register_client(**query)
|
||||||
|
client_info = json.loads(response.body)
|
||||||
|
|
||||||
|
client = self.db.Client.query.filter_by(id=client_info["client_id"]).first()
|
||||||
|
|
||||||
|
assert client is not None
|
||||||
|
assert client.secret == client_info["client_secret"]
|
||||||
|
assert client.application_type == query["application_type"]
|
||||||
|
assert client.redirect_uri == query["redirect_uris"].split()
|
||||||
|
assert client.logo_url == query["logo_url"]
|
||||||
|
assert client.contacts == query["contacts"].split()
|
||||||
|
|
||||||
|
|
||||||
|
def test_client_update(self):
|
||||||
|
""" Tests that you can update a client """
|
||||||
|
# first we need to register a client
|
||||||
|
response = self.register_client()
|
||||||
|
|
||||||
|
client_info = json.loads(response.body)
|
||||||
|
client = self.db.Client.query.filter_by(id=client_info["client_id"]).first()
|
||||||
|
|
||||||
|
# Now update
|
||||||
|
update_query = {
|
||||||
|
"type": "client_update",
|
||||||
|
"application_name": "neytiri",
|
||||||
|
"contacts": "someone@someplace.com abc@cba.com",
|
||||||
|
"logo_url": "http://place.com/picture.png",
|
||||||
|
"application_type": "web",
|
||||||
|
"redirect_uris": "http://blah.gmg/whatever https://inboxen.org/",
|
||||||
|
}
|
||||||
|
|
||||||
|
update_response = self.register_client(**update_query)
|
||||||
|
|
||||||
|
assert update_response.status_int == 200
|
||||||
|
client_info = json.loads(update_response.body)
|
||||||
|
client = self.Client.query.filter_by(id=client_info["client_id"]).first()
|
||||||
|
|
||||||
|
assert client.secret == client_info["client_secret"]
|
||||||
|
assert client.application_type == update_query["application_type"]
|
||||||
|
assert client.application_name == update_query["application_name"]
|
||||||
|
assert client.contacts == update_query["contacts"].split()
|
||||||
|
assert client.logo_url == update_query["logo_url"]
|
||||||
|
assert client.redirect_uri == update_query["redirect_uris"].split()
|
||||||
|
|
||||||
|
def request_token(self):
|
||||||
|
""" Test a request for a request token """
|
||||||
|
response = self.register_client()
|
||||||
|
|
||||||
|
|
Loading…
x
Reference in New Issue
Block a user