Merge pull request #1584 from josenavas/artifact-oauth

Plugins oauth2

Author: squirrelo

qiita_db/handlers/tests/oauthbase.py

@@ -9,5 +9,5 @@ def setUp(self):
         self.header = {'Authorization': 'Bearer ' + self.token}
         r_client.hset(self.token, 'timestamp', '12/12/12 12:12:00')
         r_client.hset(self.token, 'grant_type', 'client')
-        r_client.expire(self.token, 2)
+        r_client.expire(self.token, 20)
         super(OauthTestingBase, self).setUp()

qiita_db/handlers/tests/test_oauth2.py

@@ -95,7 +95,7 @@ def test_authenticate_client_header(self):
         obs_body = loads(obs.body)
         exp = {'access_token': 'token',
                'token_type': 'Bearer',
-               'expires_in': '3600'}
+               'expires_in': 3600}
         self.assertItemsEqual(obs_body.keys(), exp.keys())
         self.assertEqual(obs_body['token_type'], exp['token_type'])
         self.assertEqual(obs_body['expires_in'], exp['expires_in'])
@@ -122,7 +122,7 @@ def test_authenticate_client_post(self):
         obs_body = loads(obs.body)
         exp = {'access_token': 'placeholder',
                'token_type': 'Bearer',
-               'expires_in': '3600'}
+               'expires_in': 3600}
         self.assertItemsEqual(obs_body.keys(), exp.keys())
         self.assertEqual(obs_body['token_type'], exp['token_type'])
         self.assertEqual(obs_body['expires_in'], exp['expires_in'])
@@ -215,7 +215,7 @@ def test_authenticate_password(self):
         obs_body = loads(obs.body)
         exp = {'access_token': 'placeholder',
                'token_type': 'Bearer',
-               'expires_in': '3600'}
+               'expires_in': 3600}
         self.assertItemsEqual(obs_body.keys(), exp.keys())
         self.assertEqual(obs_body['token_type'], exp['token_type'])
         self.assertEqual(obs_body['expires_in'], exp['expires_in'])

qiita_db/support_files/patches/34.sql

@@ -1,8 +1,18 @@
 -- Dec 5, 2015
 -- Adds table needed for oauth2 authentication
 
-CREATE TABLE qiita.oauth_identifiers ( 
+CREATE TABLE qiita.oauth_identifiers (
 	client_id            varchar(50)  NOT NULL,
 	client_secret        varchar(255),
 	CONSTRAINT pk_oauth2 PRIMARY KEY ( client_id )
- );
+ );
+
+ CREATE TABLE qiita.oauth_software (
+	software_id          bigint  NOT NULL,
+	client_id            varchar  NOT NULL,
+	CONSTRAINT idx_oauth_software PRIMARY KEY ( software_id, client_id )
+ ) ;
+CREATE INDEX idx_oauth_software_software ON qiita.oauth_software ( software_id ) ;
+CREATE INDEX idx_oauth_software_client ON qiita.oauth_software ( client_id ) ;
+ALTER TABLE qiita.oauth_software ADD CONSTRAINT fk_oauth_software_software FOREIGN KEY ( software_id ) REFERENCES qiita.software( software_id )    ;
+ALTER TABLE qiita.oauth_software ADD CONSTRAINT fk_oauth_software FOREIGN KEY ( client_id ) REFERENCES qiita.oauth_identifiers( client_id )    ;

qiita_db/support_files/patches/python_patches/34.py

@@ -0,0 +1,18 @@
+from random import SystemRandom
+from string import ascii_letters, digits
+
+from qiita_db.sql_connection import TRN
+
+pool = ascii_letters + digits
+client_id = ''.join([SystemRandom().choice(pool) for _ in range(50)])
+client_secret = ''.join([SystemRandom().choice(pool) for _ in range(255)])
+
+with TRN:
+    sql = """INSERT INTO qiita.oauth_identifiers (client_id, client_secret)
+             VALUES (%s, %s)"""
+    TRN.add(sql, [client_id, client_secret])
+
+    sql = """INSERT INTO qiita.oauth_software (software_id, client_id)
+             VALUES (%s, %s)"""
+    TRN.add(sql, [1, client_id])
+    TRN.execute()

qiita_db/support_files/qiita-db.dbs

@@ -21,7 +21,14 @@
 
 
 class UtilTests(TestCase):
+    @httpretty.activate
     def setUp(self):
+        httpretty.register_uri(
+            httpretty.POST,
+            "https://test_server.com/qiita_db/authenticate/",
+            body='{"access_token": "token", "token_type": "Bearer", '
+                 '"expires_in": "3600"}')
+
         self.qclient = QiitaClient("https://test_server.com")
         self._clean_up_files = []
 

qiita_db/support_files/qiita-db.html

@@ -14,3 +14,7 @@
 # If the Qiita server certificate is not a valid certificate,
 # put here the path to the certificate so it can be verified
 SERVER_CERT =
+
+# Oauth2 plugin configuration
+CLIENT_ID =
+CLIENT_SECRET =

qiita_plugins/target_gene/tgp/split_libraries/tests/test_util.py

@@ -17,7 +17,13 @@
 
 
 class QiitaClientTests(TestCase):
+    @httpretty.activate
     def setUp(self):
+        httpretty.register_uri(
+            httpretty.POST,
+            "https://test_server.com/qiita_db/authenticate/",
+            body='{"access_token": "token", "token_type": "Bearer", '
+                 '"expires_in": "3600"}')
         self.tester = QiitaClient("https://test_server.com")
         self._clean_up_files = []
         self._old_fp = environ.get('QP_TARGET_GENE_CONFIG_FP')
@@ -31,24 +37,40 @@ def tearDown(self):
         else:
             del environ['QP_TARGET_GENE_CONFIG_FP']
 
+    @httpretty.activate
     def test_init(self):
+        httpretty.register_uri(
+            httpretty.POST,
+            "https://test_server.com/qiita_db/authenticate/",
+            body='{"access_token": "token", "token_type": "Bearer", '
+                 '"expires_in": "3600"}')
         obs = QiitaClient("https://test_server.com")
         self.assertEqual(obs._server_url, "https://test_server.com")
         self.assertTrue(obs._verify)
 
+    @httpretty.activate
     def test_init_cert(self):
+        httpretty.register_uri(
+            httpretty.POST,
+            "https://test_server.com/qiita_db/authenticate/",
+            body='{"access_token": "token", "token_type": "Bearer", '
+                 '"expires_in": "3600"}')
+        fd, cert_fp = mkstemp()
+        close(fd)
+        with open(cert_fp, 'w') as f:
+            f.write(CERT_FP)
         fd, conf_fp = mkstemp()
         close(fd)
         with open(conf_fp, 'w') as f:
-            f.write(CONF_FP)
+            f.write(CONF_FP % cert_fp)
 
         self._clean_up_files.append(conf_fp)
 
         environ['QP_TARGET_GENE_CONFIG_FP'] = conf_fp
         obs = QiitaClient("https://test_server.com")
 
         self.assertEqual(obs._server_url, "https://test_server.com")
-        self.assertEqual(obs._verify, "/path/to/test_certificate.crt")
+        self.assertEqual(obs._verify, cert_fp)
 
     @httpretty.activate
     def test_get(self):
@@ -100,8 +122,33 @@ def test_post_error(self):
 [main]
 # If the Qiita server certificate is not a valid certificate,
 # put here the path to the certificate so it can be verified
-SERVER_CERT = /path/to/test_certificate.crt
+SERVER_CERT = %s
+
+# Oauth2 plugin configuration
+CLIENT_ID = client_id
+CLIENT_SECRET = client_secret
 """
 
+CERT_FP = """-----BEGIN CERTIFICATE-----
+MIIDVjCCAj4CCQCP4XnDqToF2zANBgkqhkiG9w0BAQUFADBtMQswCQYDVQQGEwJV
+UzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJU2FuIERpZWdvMQ0wCwYD
+VQQKEwRVQ1NEMRIwEAYDVQQLEwlLbmlnaHRMYWIxEjAQBgNVBAMTCWxvY2FsaG9z
+dDAeFw0xNTEyMTgyMjE3MzBaFw0xNjEyMTcyMjE3MzBaMG0xCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlTYW4gRGllZ28xDTALBgNV
+BAoTBFVDU0QxEjAQBgNVBAsTCUtuaWdodExhYjESMBAGA1UEAxMJbG9jYWxob3N0
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1ggW4M/l3Wpru4+2Cro
+nnqaUWD0ImLnkdAbmDjhGiCdKqdb8yzLeKipGaRY383gd5vMWHsKB1I3t+EzFWiY
+fxd12Evx6MUIXVZSkdConk+8xlmJ5ba1Hgy7qzErY7+HOtgqm1ylyqTuOZyv3Umv
+0W6ETLVz/alfzxTlqAkvuJn7I7RrbY81I3b5SOUxJTtj9pPwkZtVOD0ha3FH0LBu
+lE4oi6rQQhzIbUDWLITZRCteplV5ikbC3JqaJ7pDiYnOIPnRR0UF+xdyTiOvSNH8
+WrKuAdGGN+90PDt8fgQOwptE5l/RGyoJ2on7nlSj5crDtYzXXDYw0DCzuFG12nZV
+FwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQBTQJ8WYpSfsXsgmDa2uIYX5E+8ECGn
+patQJuxYfOEp9knnBBe+QcaBMY6E7uH6EZz2QwS/gdhfY8e8QXw9sh9ZrQKQlIAK
+Q5l5qxAtek0C90qdseYWoomBhpmqMUicF0OgecbdZ4X6Tfc4hvN5IXUTMn9ZJEaV
+fduah3c7xEkSbHQl6iHnJswNKTc7Amm+BIwuYJjCZxVgKxAgvYzzg/TFU03gqzfE
+h7ARs1p4WdHH+WTMqCZq8+sju3Lum4uwjYaiLaFE7psDkWWAYOu6Jv/o0V1zER/S
+LzNaDfkm5kq4VURhPMQzdAiVdiTNKDFnLB3erg6wG95q5OiGNO1WYSw2
+-----END CERTIFICATE-----"""
+
 if __name__ == '__main__':
     main()

qiita_plugins/target_gene/tgp/support_files/config_file.cfg

@@ -17,7 +17,13 @@
 
 
 class UtilTests(TestCase):
+    @httpretty.activate
     def setUp(self):
+        httpretty.register_uri(
+            httpretty.POST,
+            "https://test_server.com/qiita_db/authenticate/",
+            body='{"access_token": "token", "token_type": "Bearer", '
+                 '"expires_in": "3600"}')
         self.qclient = QiitaClient("https://test_server.com")
 
     def test_system_call(self):