From fa7647f828db07213331940cb0db96e0b03d9b75 Mon Sep 17 00:00:00 2001
From: adamscmRH
Date: Thu, 1 Mar 2018 11:03:16 -0500
Subject: [PATCH] fix token creation
---
 awx/api/serializers.py | 6 ++---
 ...330_add_oauth_activity_stream_registrar.py | 15 -----------
 awx/main/models/__init__.py | 2 +-
 awx/main/models/oauth.py | 18 ++-----------
 awx/main/tests/functional/api/test_oauth.py | 26 ++++++++++++++++---
 awx/main/tests/functional/conftest.py | 2 +-
 awx/settings/defaults.py | 1 -
 7 files changed, 29 insertions(+), 41 deletions(-)
diff --git a/awx/api/serializers.py b/awx/api/serializers.py
index 76399faebd..0057c69bd9 100644
--- a/awx/api/serializers.py
+++ b/awx/api/serializers.py
@@ -970,7 +970,7 @@ class UserAuthorizedTokenSerializer(BaseSerializer):
 obj = super(OAuth2TokenSerializer, self).create(validated_data)
 obj.save()
 if obj.application is not None:
- OAuth2RefreshToken.objects.create(
+ RefreshToken.objects.create(
 user=self.context['request'].user,
 token=generate_token(),
 application=obj.application,
@@ -1097,7 +1097,7 @@ class OAuth2TokenSerializer(BaseSerializer):
 obj.user = obj.application.user
 obj.save()
 if obj.application is not None:
- OAuth2RefreshToken.objects.create(
+ RefreshToken.objects.create(
 user=obj.application.user if obj.application.user else None,
 token=generate_token(),
 application=obj.application,
@@ -1151,7 +1151,7 @@ class OAuth2AuthorizedTokenSerializer(BaseSerializer):
 obj.user = obj.application.user
 obj.save()
 if obj.application is not None:
- OAuth2RefreshToken.objects.create(
+ RefreshToken.objects.create(
 user=obj.application.user if obj.application.user else None,
 token=generate_token(),
 application=obj.application,
diff --git a/awx/main/migrations/0024_v330_add_oauth_activity_stream_registrar.py b/awx/main/migrations/0024_v330_add_oauth_activity_stream_registrar.py
index 5099b7c02e..e7d2ef49b9 100644
--- a/awx/main/migrations/0024_v330_add_oauth_activity_stream_registrar.py
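Review bot: The context line `obj = super(OAuth2TokenSerializer, self).create(validated_data)` sits in the first hunk, whose header names `UserAuthorizedTokenSerializer(BaseSerializer)` as the enclosing class. If that header is accurate, the call raises `TypeError` before the renamed `RefreshToken.objects.create(` line is reached, and the patch leaves it untouched. It should read `obj = super(UserAuthorizedTokenSerializer, self).create(validated_data)`. The method starts and ends outside the hunk, so the remaining arguments to the refresh-token call are not visible here.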
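Review bot: In the second hunk (`OAuth2TokenSerializer`) and again in the third (`OAuth2AuthorizedTokenSerializer`), the refresh token is created with `user=obj.application.user if obj.application.user else None`. This ties it to the application's owner rather than to the account the access token belongs to, and it can pass `None`. The model removed by this patch declared `user` as a non-nullable foreign key, and the stock `oauth2_provider` `RefreshToken` appears to do the same, so an ownerless application would fail on insert. Because a refresh token is later exchanged for new access tokens on behalf of its `user`, both tokens should be bound to the same principal: `user=obj.user,`. The condition guarding `obj.user = obj.application.user` lies above the hunk, so confirm `obj.user` is always set at this point.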
+++ b/awx/main/migrations/0024_v330_add_oauth_activity_stream_registrar.py
@@ -55,21 +55,6 @@ class Migration(migrations.Migration):
 'verbose_name': 'access token',
 },
 ),
- migrations.CreateModel(
- name='OAuth2RefreshToken',
- fields=[
- ('id', models.BigAutoField(primary_key=True, serialize=False)),
- ('token', models.CharField(max_length=255, unique=True)),
- ('created', models.DateTimeField(auto_now_add=True)),
- ('updated', models.DateTimeField(auto_now=True)),
- ('access_token', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='refresh_token', to=settings.OAUTH2_PROVIDER_ACCESS_TOKEN_MODEL)),
- ('application', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, to=settings.OAUTH2_PROVIDER_APPLICATION_MODEL)),
- ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='main_oauth2refreshtoken', to=settings.AUTH_USER_MODEL)),
- ],
- options={
- 'verbose_name': 'refresh token',
- },
- ),
 migrations.AddField(
 model_name='activitystream',
 name='o_auth2_access_token',
diff --git a/awx/main/models/__init__.py b/awx/main/models/__init__.py
index 6a4bec8a9a..d5f2fb7af0 100644
--- a/awx/main/models/__init__.py
+++ b/awx/main/models/__init__.py
@@ -26,8 +26,8 @@ from awx.main.models.workflow import * # noqa
 from awx.main.models.channels import * # noqa
 from awx.api.versioning import reverse
 from awx.main.models.oauth import * # noqa
+from oauth2_provider.models import Grant, RefreshToken # noqa -- needed django-oauth-toolkit model migrations
-from oauth2_provider.models import Grant # noqa
 # Monkeypatch Django serializer to ignore django-taggit fields (which break
diff --git a/awx/main/models/oauth.py b/awx/main/models/oauth.py
index 8ce98c2077..a1c13a23cd 100644
--- a/awx/main/models/oauth.py
+++ b/awx/main/models/oauth.py
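Review bot: The added import `from oauth2_provider.models import Grant, RefreshToken # noqa` is commented as needed only for model migrations, yet this patch makes `awx/api/serializers.py` call `RefreshToken.objects.create(` without adding an import there (its 6-line diffstat is exactly the three renames). Presumably serializers.py picks the name up through a star import of `awx.main.models`, so token creation now depends on a line that readers and linters are told to ignore. Either import it where it is used, `from oauth2_provider.models import RefreshToken`, or extend the comment, for example `# noqa -- also re-exported for awx.api.serializers`.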
@@ -8,12 +8,12 @@ from django.utils.timezone import now
 from django.utils.translation import ugettext_lazy as _
 # Django OAuth Toolkit
-from oauth2_provider.models import AbstractApplication, AbstractAccessToken, AbstractRefreshToken
+from oauth2_provider.models import AbstractApplication, AbstractAccessToken
 DATA_URI_RE = re.compile(r'.*') # FIXME
-__all__ = ['OAuth2AccessToken', 'OAuth2Application', 'OAuth2RefreshToken']
+__all__ = ['OAuth2AccessToken', 'OAuth2Application']
 class OAuth2Application(AbstractApplication):
@@ -57,17 +57,3 @@ class OAuth2AccessToken(AbstractAccessToken):
 self.save(update_fields=['last_used'])
 return valid
-
-class OAuth2RefreshToken(AbstractRefreshToken):
-
- class Meta:
- app_label = 'main'
- verbose_name = _('refresh token')
-
- application = models.ForeignKey(
- OAuth2Application,
- on_delete=models.CASCADE,
- blank=True,
- null=True,
- )
-
diff --git a/awx/main/tests/functional/api/test_oauth.py b/awx/main/tests/functional/api/test_oauth.py
index 4352049579..15362e71be 100644
--- a/awx/main/tests/functional/api/test_oauth.py
+++ b/awx/main/tests/functional/api/test_oauth.py
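Review bot: Dropping `'OAuth2RefreshToken'` from `__all__` (and the class itself in the next hunk) is paired with deleting its `CreateModel` from the existing migration 0024 rather than adding a new migration. Any database that already applied 0024 keeps the table created for `OAuth2RefreshToken` and the refresh-token values stored in it. Those rows are no longer consulted, but they stay at rest as orphaned credential data. Unless 0024 has never been applied outside development, keep the `CreateModel` and add a follow-up migration with `migrations.DeleteModel(name='OAuth2RefreshToken')`. Separately, the context line `DATA_URI_RE = re.compile(r'.*') # FIXME` matches every string; its use is not visible here, but if it backs a validator that validator accepts anything.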
@@ -1,12 +1,31 @@
 import pytest
+import base64
-from awx.api.versioning import reverse
+from awx.api.versioning import reverse, drf_reverse
 from awx.main.models.oauth import (OAuth2Application as Application,
 OAuth2AccessToken as AccessToken,
- OAuth2RefreshToken as RefreshToken
 )
+from oauth2_provider.models import RefreshToken
+@pytest.mark.django_db
+def test_personal_access_token_creation(oauth_application, post, alice):
+ url = drf_reverse('api:oauth_authorization_root_view') + 'token/'
+ resp = post(
+ url,
+ data='grant_type=password&username=alice&password=alice&scope=read',
+ content_type='application/x-www-form-urlencoded',
+ HTTP_AUTHORIZATION='Basic ' + base64.b64encode(':'.join([
+ oauth_application.client_id, oauth_application.client_secret
+ ]))
+ )
+
+ resp_json = resp._container[0]
+ assert 'access_token' in resp_json
+ assert 'scope' in resp_json
+ assert 'refresh_token' in resp_json
+
+
 @pytest.mark.django_db
 def test_oauth_application_create(admin, post):
 response = post(
@@ -48,7 +67,6 @@ def test_oauth_application_update(oauth_application, patch, admin, alice):
 assert updated_app.user == admin
-@pytest.mark.skip(reason="Needs Update - CA")
 @pytest.mark.django_db
 def test_oauth_token_create(oauth_application, get, post, admin):
 response = post(
@@ -76,7 +94,7 @@ def test_oauth_token_create(oauth_application, get, post, admin):
 )
 assert response.data['summary_fields']['tokens']['count'] == 1
 assert response.data['summary_fields']['tokens']['results'][0] == {
- 'id': token.pk, 'token': token.token
+ 'id': token.pk, 'scope': token.scope, 'token': '**************'
 }
diff --git a/awx/main/tests/functional/conftest.py b/awx/main/tests/functional/conftest.py
index 22e675246b..d5b45cf728 100644
--- a/awx/main/tests/functional/conftest.py
+++ b/awx/main/tests/functional/conftest.py
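Review bot: In `test_personal_access_token_creation`, `resp_json = resp._container[0]` reads the serialized body through a private attribute, so the three `in` assertions are substring checks on raw text rather than key lookups, and the status code is never asserted. Parse the body and pin the status: `assert resp.status_code == 200` and `resp_json = json.loads(resp.content)`, with `import json` next to `import base64`. It would also be worth asserting that the returned refresh token corresponds to a row in `RefreshToken`, since that is the model this patch switches to.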
@@ -531,7 +531,7 @@ def _request(verb):
 user = data_or_user
 elif 'data' not in kwargs:
 kwargs['data'] = data_or_user
- if 'format' not in kwargs:
+ if 'format' not in kwargs and 'content_type' not in kwargs:
 kwargs['format'] = 'json'
 view, view_args, view_kwargs = resolve(urlparse(url)[2])
diff --git a/awx/settings/defaults.py b/awx/settings/defaults.py
index 7d23eba0d4..b53f96f00b 100644
--- a/awx/settings/defaults.py
+++ b/awx/settings/defaults.py
@@ -338,7 +338,6 @@ AUTHENTICATION_BACKENDS = (
 # Django OAuth Toolkit settings
 OAUTH2_PROVIDER_APPLICATION_MODEL = 'main.OAuth2Application'
 OAUTH2_PROVIDER_ACCESS_TOKEN_MODEL = 'main.OAuth2AccessToken'
-OAUTH2_PROVIDER_REFRESH_TOKEN_MODEL = 'main.OAuth2RefreshToken'
 OAUTH2_PROVIDER = {}
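Review bot: The new condition `if 'format' not in kwargs and 'content_type' not in kwargs:` carries no comment explaining why an explicit `content_type` suppresses the JSON default, and the reason is not obvious from the helper. A one-line comment above it would be enough, for example `# a caller-supplied content_type means the body is already encoded; do not also force format='json'`. `_request` begins and ends outside the hunk.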