Login

Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Top 10 Examples of "oauthlib in functional component" in Python

Dive into secure and efficient coding practices with our curated list of the top 10 examples showcasing 'oauthlib' in functional components in Python. Our advanced machine learning engine meticulously scans each line of code, cross-referencing millions of open source libraries to ensure your implementation is not just functional, but also robust and secure. Elevate your React applications to new heights by mastering the art of handling side effects, API calls, and asynchronous operations with confidence and precision.

uri.format('code'), scopes=['foo'])
            self.assertEqual(s, 302)
            self.assertIn('Location', h)
            self.assertIn('error=invalid_request', h['Location'])
        invalid_bodies = [
            # duplicate params
            'grant_type=authorization_code&client_id=nope&client_id=nope&code=foo'
        ]
        for body in invalid_bodies:
            _, body, _ = self.web.create_token_response(token_uri,
                    body=body)
            self.assertEqual('invalid_request', json.loads(body)['error'])

        # Implicit grant
        for uri in invalid_uris:
            self.assertRaises(errors.InvalidRequestError,
                    self.mobile.validate_authorization_request,
                    uri.format('token'))
            h, _, s = self.mobile.create_authorization_response(
                    uri.format('token'), scopes=['foo'])
            self.assertEqual(s, 302)
            self.assertIn('Location', h)
            self.assertIn('error=invalid_request', h['Location'])

        # Password credentials grant
        invalid_bodies = [
            # duplicate params
            'grant_type=password&username=foo&username=bar&password=baz'
            # missing username
            'grant_type=password&password=baz'
            # missing password
            'grant_type=password&username=foo'
def test_pkce_required_verifier_missing_challenge_valid(self):
        self.mock_validator.is_pkce_required.return_value = True
        self.request.code_verifier = None
        self.mock_validator.get_code_challenge.return_value = "foo"
        self.assertRaises(errors.MissingCodeVerifierError,
                          self.auth.validate_token_request, self.request)
def test_invalid_grant_type(self):
        self.request.grant_type = 'foo'
        self.assertRaises(errors.UnsupportedGrantTypeError,
                          self.auth.validate_token_request, self.request)
def test_sanitized_request_non_debug_mode(self):
        """make sure requests are sanitized when in non debug mode.
        For the debug mode, the other tests checking sanitization should prove
        that debug mode is working.
        """
        try:
            oauthlib.set_debug(False)
            r = Request(URI, headers={'token': 'foobar'}, body='token=banana')
            self.assertNotIn('token', repr(r))
            self.assertIn('SANITIZED', repr(r))
        finally:
            # set flag back for other tests
            oauthlib.set_debug(True)
def test_get_oauth_params():
    """Verifies oauth_token is added to the list of params when an empty string."""

    client = MKMClient(
        client_key="app_token",
        client_secret="app_secret",
        resource_owner_key="",
        resource_owner_secret="",
        realm="https://sandbox.cardmarket.com",
        nonce="0987654321",
        timestamp="1234567890",
    )

    params = client.get_oauth_params(Request(uri="https://sandbox.cardmarket.com"))

    assert params[0][0] == "oauth_nonce"
    assert params[0][1] == "0987654321"
    assert params[1][0] == "oauth_timestamp"
    assert params[1][1] == "1234567890"
    assert params[2][0] == "oauth_version"
    assert params[2][1] == "1.0"
    assert params[3][0] == "oauth_signature_method"
    assert params[3][1] == "HMAC-SHA1"
    assert params[4][0] == "oauth_consumer_key"
    assert params[4][1] == "app_token"
    assert params[5][0] == "oauth_token"
    assert params[5][1] == ""
def oauth_sign_params(cls, url, params):
        params.update(
            {
                "oauth_consumer_key": cls.OAUTH_CONSUMER_KEY,
                "oauth_nonce": cls.OAUTH_NONCE,
                "oauth_timestamp": str(int(time.time())),
            }
        )
        params["oauth_signature"] = cls.OAUTH_CLIENT.get_oauth_signature(
            oauthlib.common.Request(f"http://localhost{url}", "POST", body=params)
        )

        return params
def generate_launch_request(
        url,
        body=None,
        http_method="GET",
        base_url="http://localhost",
        roles="Instructor",
        headers=None,
    ):
        params = {}

        if roles is not None:
            params["roles"] = roles

        urlparams = urlencode(params)

        client = oauthlib.oauth1.Client(
            "key",
            client_secret="secret",
            signature_method=oauthlib.oauth1.SIGNATURE_HMAC,
            signature_type=oauthlib.oauth1.SIGNATURE_TYPE_QUERY,
        )
        signature = client.sign(
            "{}{}?{}".format(base_url, url, urlparams),
            body=body,
            http_method=http_method,
            headers=headers,
        )
        signed_url = signature[0]
        new_url = signed_url[len(base_url) :]
        return new_url
def test_invalid_oauth_and_XML(self):
        # OAuth credentials are invalid and the body XML causes ParseError
        req_xml = '''
'''
        
        # OAuth1 signature and body hash for the HTTP request Authorization header
        oauth_client = oauthlib.oauth1.Client(
            client_key=self.lti_service.consumer_key,
            client_secret='thewrongsecret',
            signature_method=oauthlib.oauth1.SIGNATURE_HMAC,
            signature_type=oauthlib.oauth1.SIGNATURE_TYPE_AUTH_HEADER,
        )
        oa_uri, oa_headers, oa_body = oauth_client.sign('http://aplus.local/api/v2/lti-outcomes',
            http_method='POST',
            body=req_xml,
            headers={
                'Content-Type': 'application/xml',
            },
        )
        
        # make the test request
        response = self.client.post(self.OUTCOMES_API_URL, data=req_xml, content_type='application/xml',
                         HTTP_AUTHORIZATION=oa_headers['Authorization'],
def test_request_body(self):
        client = WebApplicationClient(self.client_id, code=self.code)

        # Basic, no extra arguments
        body = client.prepare_request_body(body=self.body)
        self.assertFormBodyEqual(body, self.body_code)

        rclient = WebApplicationClient(self.client_id)
        body = rclient.prepare_request_body(code=self.code, body=self.body)
        self.assertFormBodyEqual(body, self.body_code)

        # With redirection uri
        body = client.prepare_request_body(body=self.body, redirect_uri=self.redirect_uri)
        self.assertFormBodyEqual(body, self.body_redirect)

        # With extra parameters
        body = client.prepare_request_body(body=self.body, **self.kwargs)
        self.assertFormBodyEqual(body, self.body_kwargs)
def test_populate_attributes(self):

        client = WebApplicationClient(self.client_id)

        response_uri = (self.response_uri +
                        "&access_token=EVIL-TOKEN"
                        "&refresh_token=EVIL-TOKEN"
                        "&mac_key=EVIL-KEY")

        client.parse_request_uri_response(response_uri, self.state)

        self.assertEqual(client.code, self.code)

        # We must not accidentally pick up any further security
        # credentials at this point.
        self.assertIsNone(client.access_token)
        self.assertIsNone(client.refresh_token)
        self.assertIsNone(client.mac_key)

Is your System Free of Underlying Vulnerabilities?
Find Out Now