Posted to commits@allura.apache.org by je...@apache.org on 2014/12/09 15:17:08 UTC
[1/3] allura git commit: [#7805] ticket:696 Add convenient way to
perform custom actions after token is fetched
Repository: allura
Updated Branches:
refs/heads/ib/7805 [created] 9688bb55e
[#7805] ticket:696 Add convenient way to perform custom actions after token is fetched
Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/9688bb55
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/9688bb55
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/9688bb55
Branch: refs/heads/ib/7805
Commit: 9688bb55ebbd3975e700381321ad5139042004cb
Parents: 5cb3cdc
Author: Igor Bondarenko <je...@gmail.com>
Authored: Thu Dec 4 16:59:44 2014 +0000
Committer: Igor Bondarenko <je...@gmail.com>
Committed: Tue Dec 9 09:36:49 2014 +0000
----------------------------------------------------------------------
ForgeImporters/forgeimporters/github/__init__.py | 6 ++++++
ForgeImporters/forgeimporters/github/tests/test_oauth.py | 6 ++++++
2 files changed, 12 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/allura/blob/9688bb55/ForgeImporters/forgeimporters/github/__init__.py
----------------------------------------------------------------------
diff --git a/ForgeImporters/forgeimporters/github/__init__.py b/ForgeImporters/forgeimporters/github/__init__.py
index e0a3dd5..fe501dd 100644
--- a/ForgeImporters/forgeimporters/github/__init__.py
+++ b/ForgeImporters/forgeimporters/github/__init__.py
@@ -214,8 +214,14 @@ class GitHubOAuthMixin(object):
)
c.user.set_tool_data('GitHubProjectImport',
token=token['access_token'])
+ self.oauth_callback_complete()
redirect(session.get('github.oauth.redirect', '/'))
+ def oauth_callback_complete(self):
+ """Subclasses can implement this to perform additional actions when
+ token is retrieved"""
+ pass
+
def oauth_has_access(self, scope):
if not scope:
return False
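Review bot: The docstring on `oauth_callback_complete` does not say what state an override can rely on when the hook runs. From the hunk, it is called after the token has been written with `set_tool_data` and before `redirect(...)`, and it receives no arguments, so an override presumably has to read the token back from the user's tool data. I would document that, e.g. `"""Hook called after the access token is stored in the user's tool data and before the redirect; override to perform additional actions."""`. It is also worth stating that an exception raised by an override skips the redirect while the token stays stored. The enclosing `oauth_callback` starts outside the hunk.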
http://git-wip-us.apache.org/repos/asf/allura/blob/9688bb55/ForgeImporters/forgeimporters/github/tests/test_oauth.py
----------------------------------------------------------------------
diff --git a/ForgeImporters/forgeimporters/github/tests/test_oauth.py b/ForgeImporters/forgeimporters/github/tests/test_oauth.py
index c6fb8f3..584b403 100644
--- a/ForgeImporters/forgeimporters/github/tests/test_oauth.py
+++ b/ForgeImporters/forgeimporters/github/tests/test_oauth.py
@@ -52,3 +52,9 @@ class TestGitHubOAuthMixin(TestController, TestCase):
self.assertFalse(self.mix.oauth_has_access('write:repo_hook'))
req.head.return_value.headers = {'X-OAuth-Scopes': 'write:repo_hook, user'}
self.assertTrue(self.mix.oauth_has_access('write:repo_hook'))
+
+ @patch('forgeimporters.github.OAuth2Session')
+ def test_oauth_callback_complete(self, oauth):
+ with patch.object(self.mix, 'oauth_callback_complete') as _mock:
+ self.mix.oauth_callback()
+ _mock.assert_called_once()
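Review bot: `_mock.assert_called_once()` in `test_oauth_callback_complete` may not assert anything. On mock releases that predate that method, attribute access on a mock object just creates a child mock, so the call succeeds whether or not the hook ran. Which mock version this project pins is not visible here, so this is worth confirming. `_mock.assert_called_once_with()` is available on older releases as well and fits because the hook takes no arguments; `self.assertEqual(_mock.call_count, 1)` is an alternative.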
[3/3] allura git commit: [#7805] ticket:696 Add ability to request
scopes
Posted by je...@apache.org.
[#7805] ticket:696 Add ability to request scopes
Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/a650ad5c
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/a650ad5c
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/a650ad5c
Branch: refs/heads/ib/7805
Commit: a650ad5caea40ff0a1488b7a8f5aad959d57edf5
Parents: 5407aa9
Author: Igor Bondarenko <je...@gmail.com>
Authored: Thu Dec 4 15:45:32 2014 +0000
Committer: Igor Bondarenko <je...@gmail.com>
Committed: Tue Dec 9 09:36:49 2014 +0000
----------------------------------------------------------------------
ForgeImporters/forgeimporters/github/__init__.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/allura/blob/a650ad5c/ForgeImporters/forgeimporters/github/__init__.py
----------------------------------------------------------------------
diff --git a/ForgeImporters/forgeimporters/github/__init__.py b/ForgeImporters/forgeimporters/github/__init__.py
index 46a9706..6dae509 100644
--- a/ForgeImporters/forgeimporters/github/__init__.py
+++ b/ForgeImporters/forgeimporters/github/__init__.py
@@ -181,7 +181,7 @@ class GitHubOAuthMixin(object):
'''Support for github oauth web application flow.'''
- def oauth_begin(self):
+ def oauth_begin(self, scope=None):
client_id = config.get('github_importer.client_id')
secret = config.get('github_importer.client_secret')
if not client_id or not secret:
@@ -189,7 +189,7 @@ class GitHubOAuthMixin(object):
if c.user.get_tool_data('GitHubProjectImport', 'token'):
return # token already exists, nothing to do
redirect_uri = request.url.rstrip('/') + '/oauth_callback'
- oauth = OAuth2Session(client_id, redirect_uri=redirect_uri)
+ oauth = OAuth2Session(client_id, redirect_uri=redirect_uri, scope=scope)
auth_url, state = oauth.authorization_url(
'https://github.com/login/oauth/authorize')
# Used in callback to prevent CSRF
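Review bot: The new `scope` argument has no effect when a token is already stored, because the unchanged early return `return # token already exists, nothing to do` runs before `OAuth2Session(client_id, redirect_uri=redirect_uri, scope=scope)` is built. A caller that needs a wider scope than the stored token carries therefore never triggers re-authorization. It looks like callers are expected to detect that themselves and clear the token first, which should be confirmed. At minimum I would document this on `oauth_begin`, e.g. `# NOTE: scope is ignored if a token is already stored, even one granted narrower scopes`. The function continues past the end of this hunk.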
[2/3] allura git commit: [#7805] ticket:696 Implement scopes access
check
Posted by je...@apache.org.
[#7805] ticket:696 Implement scopes access check
Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/5cb3cdc8
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/5cb3cdc8
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/5cb3cdc8
Branch: refs/heads/ib/7805
Commit: 5cb3cdc893c925b3dcff0b9a644b4cae31fb2a54
Parents: a650ad5
Author: Igor Bondarenko <je...@gmail.com>
Authored: Thu Dec 4 16:48:25 2014 +0000
Committer: Igor Bondarenko <je...@gmail.com>
Committed: Tue Dec 9 09:36:49 2014 +0000
----------------------------------------------------------------------
.../forgeimporters/github/__init__.py | 12 +++++
.../forgeimporters/github/tests/test_oauth.py | 54 ++++++++++++++++++++
2 files changed, 66 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/allura/blob/5cb3cdc8/ForgeImporters/forgeimporters/github/__init__.py
----------------------------------------------------------------------
diff --git a/ForgeImporters/forgeimporters/github/__init__.py b/ForgeImporters/forgeimporters/github/__init__.py
index 6dae509..e0a3dd5 100644
--- a/ForgeImporters/forgeimporters/github/__init__.py
+++ b/ForgeImporters/forgeimporters/github/__init__.py
@@ -215,3 +215,15 @@ class GitHubOAuthMixin(object):
c.user.set_tool_data('GitHubProjectImport',
token=token['access_token'])
redirect(session.get('github.oauth.redirect', '/'))
+
+ def oauth_has_access(self, scope):
+ if not scope:
+ return False
+ token = c.user.get_tool_data('GitHubProjectImport', 'token')
+ if not token:
+ return False
+ url = 'https://api.github.com/?access_token={}'.format(token)
+ r = requests.head(url)
+ scopes = r.headers.get('X-OAuth-Scopes', '')
+ scopes = [s.strip() for s in scopes.split(',')]
+ return scope in scopes
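Review bot: `oauth_has_access` puts the access token into the request URL (`'https://api.github.com/?access_token={}'.format(token)`), where it can end up in proxy and server logs, exception traces and anything else that records URLs. Sending it in a header keeps it out of those places: `r = requests.head('https://api.github.com/', headers={'Authorization': 'token ' + token}, timeout=10)` (the timeout value is illustrative). The call as written also has no timeout, so a stalled connection blocks the request handler. The response status is not checked either, so a revoked token and a token that lacks the scope both come back as `False` with no distinction. The test added in this commit asserts the URL form and would need updating with this change.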
http://git-wip-us.apache.org/repos/asf/allura/blob/5cb3cdc8/ForgeImporters/forgeimporters/github/tests/test_oauth.py
----------------------------------------------------------------------
diff --git a/ForgeImporters/forgeimporters/github/tests/test_oauth.py b/ForgeImporters/forgeimporters/github/tests/test_oauth.py
new file mode 100644
index 0000000..c6fb8f3
--- /dev/null
+++ b/ForgeImporters/forgeimporters/github/tests/test_oauth.py
@@ -0,0 +1,54 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+from unittest import TestCase
+from mock import Mock, patch
+from pylons import tmpl_context as c
+from allura.tests import TestController
+from forgeimporters.github import GitHubOAuthMixin
+
+
+class TestGitHubOAuthMixin(TestController, TestCase):
+
+ def setUp(self):
+ super(TestGitHubOAuthMixin, self).setUp()
+ c.user = Mock()
+ self.mix = GitHubOAuthMixin()
+
+ def test_oauth_has_access_no_scope(self):
+ self.assertFalse(self.mix.oauth_has_access(None))
+ self.assertFalse(self.mix.oauth_has_access(''))
+
+ def test_oauth_has_access_no_token(self):
+ c.user.get_tool_data.return_value = None
+ self.assertFalse(self.mix.oauth_has_access('write:repo_hook'))
+
+ @patch('forgeimporters.github.requests')
+ def test_oauth_has_access_no_headers(self, req):
+ c.user.get_tool_data.return_value = 'token'
+ self.assertFalse(self.mix.oauth_has_access('write:repo_hook'))
+ req.head.assert_called_once_with('https://api.github.com/?access_token=token')
+
+ @patch('forgeimporters.github.requests')
+ def test_oauth_has_access_with_headers(self, req):
+ c.user.get_tool_data.return_value = 'token'
+ req.head.return_value.headers = {'X-OAuth-Scopes': ''}
+ self.assertFalse(self.mix.oauth_has_access('write:repo_hook'))
+ req.head.return_value.headers = {'X-OAuth-Scopes': 'some, other:scopes'}
+ self.assertFalse(self.mix.oauth_has_access('write:repo_hook'))
+ req.head.return_value.headers = {'X-OAuth-Scopes': 'write:repo_hook, user'}
+ self.assertTrue(self.mix.oauth_has_access('write:repo_hook'))
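Review bot: `test_oauth_has_access_no_headers` never sets `req.head.return_value.headers`, so the code under test runs against an auto-created mock rather than an empty header set. The `False` result then appears to depend on how the mock behaves when the result of `.get(...).split(',')` is iterated, not on the missing-header path. Setting `req.head.return_value.headers = {}` before the assertion would exercise the `''` default. Separately, `assert_called_once_with('https://api.github.com/?access_token=token')` pins the token-in-query-string request form, which makes it harder to move the token into a header later.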