This repository was archived by the owner on Mar 3, 2020. It is now read-only.

Commit d672deb

Merge pull request #27 from edx/clintonb/cleanup
Code Cleanup
2 parents 1c60a14 + ccd3e21 commit d672deb


4 files changed

+14
-26
lines changed


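--- a/.gitignore
+++ b/.gitignore
@@ -9,3 +9,4 @@ venv
 *.sqlite
 .coverage
 .idea/
+htmlcov/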

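--- a/provider/oauth2/tests.py
+++ b/provider/oauth2/tests.py
@@ -9,6 +9,7 @@
 from django.http import QueryDict
 from django.test import TestCase
 from django.utils.html import escape
+from mock import patch
 
 from provider import constants, scope
 from provider.oauth2.backends import AccessTokenBackend, BasicClientBackend, RequestParamsClientBackend
@@ -166,8 +167,8 @@ def test_token_authorization_redirects_to_correct_uri(self):
 self.assertEqual(url, self.get_client().redirect_uri)
 self.assertTrue('access_token' in urlparse.parse_qs(fragment))
 
+@patch('provider.constants.SINGLE_ACCESS_TOKEN', True)
 def test_token_ignores_expired_tokens(self):
-constants.SINGLE_ACCESS_TOKEN = True
 AccessToken.objects.create(
 user=self.get_user(),
 client=self.get_client(),
@@ -179,11 +180,9 @@ def test_token_ignores_expired_tokens(self):
 self.client.post(self.auth_url2(), data={'authorize': 'Authorize'})
 
 self.assertEqual(AccessToken.objects.count(), 2)
-constants.SINGLE_ACCESS_TOKEN = False
 
+@patch('provider.constants.SINGLE_ACCESS_TOKEN', True)
 def test_token_doesnt_return_tokens_from_another_client(self):
-constants.SINGLE_ACCESS_TOKEN = True
-
 # Different client than we'll be submitting an RPC for.
 AccessToken.objects.create(
 user=self.get_user(),
@@ -195,10 +194,9 @@ def test_token_doesnt_return_tokens_from_another_client(self):
 self.client.post(self.auth_url2(), data={'authorize': 'Authorize'})
 
 self.assertEqual(AccessToken.objects.count(), 2)
-constants.SINGLE_ACCESS_TOKEN = False
 
+@patch('provider.constants.SINGLE_ACCESS_TOKEN', True)
 def test_token_authorization_respects_single_access_token_constant(self):
-constants.SINGLE_ACCESS_TOKEN = True
 self.login()
 self.client.get(self.auth_url(), data=self.get_auth_params(response_type="token"))
 self.client.post(self.auth_url2(), data={'authorize': 'Authorize'})
@@ -210,10 +208,9 @@ def test_token_authorization_respects_single_access_token_constant(self):
 self.client.post(self.auth_url2(), data={'authorize': 'Authorize'})
 
 self.assertEqual(AccessToken.objects.count(), 1)
-constants.SINGLE_ACCESS_TOKEN = False
 
+@patch('provider.constants.SINGLE_ACCESS_TOKEN', False)
 def test_token_authorization_can_do_multi_access_tokens(self):
-constants.SINGLE_ACCESS_TOKEN = False
 self.login()
 self.client.get(self.auth_url(), data=self.get_auth_params(response_type="token"))
 self.client.post(self.auth_url2(), data={'authorize': 'Authorize'})
@@ -226,8 +223,8 @@ def test_token_authorization_can_do_multi_access_tokens(self):
 
 self.assertEqual(AccessToken.objects.count(), 2)
 
+@patch('provider.constants.SINGLE_ACCESS_TOKEN', False)
 def test_token_authorization_cancellation(self):
-constants.SINGLE_ACCESS_TOKEN = False
 self.login()
 self.client.get(self.auth_url(), data=self.get_auth_params(response_type="token"))
 self.client.post(self.auth_url2())
@@ -436,19 +433,14 @@ def test_fetching_access_token_with_invalid_grant_type(self):
 self.assertEqual(400, response.status_code)
 self.assertEqual('unsupported_grant_type', json.loads(response.content)['error'], response.content)
 
+@patch('provider.constants.SINGLE_ACCESS_TOKEN', True)
 def test_fetching_single_access_token(self):
-constants.SINGLE_ACCESS_TOKEN = True
-
 result1 = self._login_authorize_get_token()
 result2 = self._login_authorize_get_token()
 
 self.assertEqual(result1['access_token'], result2['access_token'])
 
-constants.SINGLE_ACCESS_TOKEN = False
-
 def test_fetching_single_access_token_after_refresh(self):
-constants.SINGLE_ACCESS_TOKEN = True
-
 token = self._login_authorize_get_token()
 
 self.client.post(self.access_token_url(), {
@@ -461,8 +453,6 @@ def test_fetching_single_access_token_after_refresh(self):
 new_token = self._login_authorize_get_token()
 self.assertNotEqual(token['access_token'], new_token['access_token'])
 
-constants.SINGLE_ACCESS_TOKEN = False
-
 def test_fetching_access_token_multiple_times(self):
 self._login_authorize_get_token()
 code = self.get_grant().code
@@ -534,7 +524,7 @@ def test_password_grant_public(self):
 
 def test_password_grant_confidential(self):
 c = self.get_client()
-c.client_type = 0 # confidential
+c.client_type = constants.CONFIDENTIAL
 c.save()
 
 response = self.client.post(self.access_token_url(), {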
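Review bot: `test_fetching_single_access_token_after_refresh` (hunk at -436,19) loses its `constants.SINGLE_ACCESS_TOKEN = True` setup but, unlike every other converted test, gains no decorator, so it now runs with whatever default the constant has. If that default is False (not visible on this page), the `assertNotEqual` on the two access tokens passes trivially and the single-token-mode check that a refresh invalidates the reused token is no longer exercised. Add `@patch('provider.constants.SINGLE_ACCESS_TOKEN', True)` above that test. The `@patch` approach itself is an improvement, since the old trailing `= False` reset was skipped whenever an assertion failed and leaked state into later tests.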

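--- a/provider/oauth2/views.py
+++ b/provider/oauth2/views.py
@@ -8,22 +8,19 @@
 
 from provider import constants
 from provider.oauth2.backends import BasicClientBackend, RequestParamsClientBackend, PublicPasswordBackend
-from provider.oauth2.forms import AuthorizationCodeGrantForm
-from provider.oauth2.forms import AuthorizationRequestForm, AuthorizationForm
-from provider.oauth2.forms import PasswordGrantForm, RefreshTokenGrantForm
+from provider.oauth2.forms import (AuthorizationCodeGrantForm, AuthorizationRequestForm, AuthorizationForm,
+PasswordGrantForm, RefreshTokenGrantForm)
 from provider.oauth2.models import Client, RefreshToken, AccessToken
 from provider.utils import now
-from provider.views import AccessToken as AccessTokenView, OAuthError, AccessTokenMixin
-from provider.views import Capture, Authorize, Redirect
+from provider.views import AccessToken as AccessTokenView, OAuthError, AccessTokenMixin, Capture, Authorize, Redirect
 
 
 class OAuth2AccessTokenMixin(AccessTokenMixin):
 
 def get_access_token(self, request, user, scope, client):
 try:
 # Attempt to fetch an existing access token.
-at = AccessToken.objects.get(user=user, client=client,
-scope=scope, expires__gt=now())
+at = AccessToken.objects.get(user=user, client=client, scope=scope, expires__gt=now())
 except AccessToken.DoesNotExist:
 # None found... make a new one!
 at = self.create_access_token(request, user, scope, client)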

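--- a/provider/views.py
+++ b/provider/views.py
@@ -605,7 +605,7 @@ def password(self, request, data, client):
 else:
 at = self.create_access_token(request, user, scope, client)
 # Public clients don't get refresh tokens
-if client.client_type != 1:
+if client.client_type == constants.CONFIDENTIAL:
 rt = self.create_refresh_token(request, user, scope, at, client)
 
 return self.access_token_response(at)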
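Review bot: The refresh-token guard in `password` changes meaning, not just spelling: `!= 1` issued a refresh token to every client whose type was not 1, while `== constants.CONFIDENTIAL` issues one only to confidential clients. That is the safer, fail-closed reading (a client row with an unexpected or null `client_type` now gets no refresh token), but it is a behaviour change inside a commit described as cleanup, so it should be called out in the description and covered by a test if `client_type` can hold other values. The section shows a single added line and no import change, so confirm that `constants` is already imported in provider/views.py; otherwise the password grant raises NameError here. `password` begins above the hunk, so the rest of its body is not visible.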
