diff --git a/backdrop/write/admin_ui.py b/backdrop/write/admin_ui.py
index 66f38c98..5bfb05dc 100644
--- a/backdrop/write/admin_ui.py
+++ b/backdrop/write/admin_ui.py
@@ -17,12 +17,14 @@ def setup(app, db, bucket_repository, user_repository):
 ADMIN_UI_HOST = app.config["BACKDROP_ADMIN_UI_HOST"]
 MAX_UPLOAD_SIZE = 1000000
- app.oauth_service = Signonotron2(
- client_id=app.config['OAUTH_CLIENT_ID'],
- client_secret=app.config['OAUTH_CLIENT_SECRET'],
- base_url=app.config['OAUTH_BASE_URL'],
- backdrop_admin_ui_host=ADMIN_UI_HOST
- )
+ @app.before_first_request
+ def setup_oauth_redirect_uri():
+ app.oauth_service = Signonotron2(
+ client_id=app.config['OAUTH_CLIENT_ID'],
+ client_secret=app.config['OAUTH_CLIENT_SECRET'],
+ base_url=app.config['OAUTH_BASE_URL'],
+ redirect_url=url_for(ADMIN_UI_HOST, "oauth_authorized")
+ )
 @app.after_request
 def prevent_clickjacking(response):
@@ -63,7 +65,7 @@ def oauth_sign_in():
 This returns a redirect to the OAuth provider, so we shouldn't allow this response to be cached.
 """
- return app.oauth_service.authorize()
+ return redirect(app.oauth_service.authorize())
 @app.route(USER_SCOPE + "/sign_out")
 @cache_control.set("private, must-revalidate")
diff --git a/backdrop/write/signonotron2.py b/backdrop/write/signonotron2.py
index b8064149..802705ce 100644
--- a/backdrop/write/signonotron2.py
+++ b/backdrop/write/signonotron2.py
@@ -1,6 +1,5 @@
 from logging import getLogger
-from flask import redirect, json
-from admin_ui_helper import url_for
+import json
 from rauth import OAuth2Service, service
 log = getLogger(__name__)
@@ -8,7 +7,7 @@ class Signonotron2(object):
 def __init__(self, client_id, client_secret, base_url,
- backdrop_admin_ui_host):
+ redirect_url):
 self.signon = OAuth2Service(
 client_id=client_id,
 client_secret=client_secret,
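Review bot: `app.oauth_service` is now created only inside `setup_oauth_redirect_uri`, so the attribute does not exist until Flask has dispatched a first request; code that reads or replaces it straight after `setup()` (a test installing a mock, for instance) would hit an AttributeError, and a missing `OAUTH_*` config key now surfaces on the first user request instead of at start-up. If the deferral exists only because the `url_for` helper needs request or application state, record that above the decorator, e.g. `# url_for needs an app context, so the OAuth client is built lazily; redirect_url must equal the URI registered with Signon`. This hunk and the `redirect(...)` hunk below it rely on `url_for` and `redirect`, which signonotron2.py stops importing in this commit; no import change to admin_ui.py is visible, so check that it already imports `redirect` and the two-argument helper `url_for` (Flask's own `url_for` takes an endpoint, not a host). `before_first_request` was later deprecated in Flask 2.2 and removed in 2.3, so this hook will need revisiting on upgrade. The body of `setup` continues outside the hunk.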
@@ -17,25 +16,23 @@ def __init__(self, client_id, client_secret, base_url,
 access_token_url="%s/oauth/token" % base_url,
 base_url=base_url
 )
- self.backdrop_admin_ui_host = backdrop_admin_ui_host
-
- def __redirect_uri(self):
- return url_for(self.backdrop_admin_ui_host, "oauth_authorized")
+ self.redirect_url = redirect_url
 def __json_access_token(self, something):
+ # TODO: use python json package
 return json.loads(something)
 def authorize(self):
 params = {
 "response_type": "code",
- "redirect_uri": self.__redirect_uri()
+ "redirect_uri": self.redirect_url
 }
- return redirect(self.signon.get_authorize_url(**params))
+ return self.signon.get_authorize_url(**params)
 def exchange(self, code):
 data = dict(
 grant_type='authorization_code',
- redirect_uri=self.__redirect_uri(),
+ redirect_uri=self.redirect_url,
 code=code
 )
 response = self.signon.get_raw_access_token('POST', data=data)
diff --git a/tests/write/test_file_upload_integration.py b/tests/write/test_file_upload_integration.py
index 5f2f27ec..1a6f6b61 100644
--- a/tests/write/test_file_upload_integration.py
+++ b/tests/write/test_file_upload_integration.py
@@ -137,7 +137,6 @@ def test_upload_auto_generate_ids(self):
 assert_that(response, has_status(200))
 db = MongoClient('localhost', 27017).backdrop_test
 results = list(db.bucket_with_timestamp_auto_id.find())
- print(results[0])
 assert_that(len(results), is_(18))
 assert_that(results[0], has_entries({
diff --git a/tests/write/test_signonotron2.py b/tests/write/test_signonotron2.py
index 409c4207..40f8eec8 100644
--- a/tests/write/test_signonotron2.py
+++ b/tests/write/test_signonotron2.py
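Review bot: `authorize()` builds the authorization URL from only `response_type` and `redirect_uri`; no `state` value is sent, so unless the `oauth_authorized` handler (not in this diff) checks one by other means, the callback cannot tell whether the `code` it receives belongs to a sign-in that this browser session started, which is the gap the OAuth 2.0 `state` parameter exists to close (RFC 6749 section 10.12). Now that the method returns a plain URL and no longer depends on Flask, it could take the value from the caller, e.g. `def authorize(self, state=None):` with `params["state"] = state` when one is given, leaving the view to generate a random value, keep it in the session and compare it on return. Separately, the added `# TODO: use python json package` looks stale, because the first hunk of this file already switches to the standard-library `import json`; drop it or reword it to whatever is still outstanding. `exchange()` continues outside the hunk.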
@@ -16,14 +16,14 @@ def setUp(self):
 def tearDown(self):
 self.ctx.pop()
- def test_authorize_returns_a_redirect_to_signon_service(self):
+ def test_authorize_returns_a_url_to_signon_service(self):
 oauth_service = Signonotron2(None, None, None, "")
 oauth_service.signon = Mock()
- oauth_service.signon.get_authorize_url.return_value = ""
+ oauth_service.signon.get_authorize_url.return_value = "http://example.com"
- response = oauth_service.authorize()
+ url = oauth_service.authorize()
- assert_that(response, has_status(302))
+ assert_that(url, equal_to("http://example.com"))
 def test_exchange_returns_none_when_code_is_none(self):
 oauth_service = Signonotron2(None, None, None, "")
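Review bot: The renamed test only proves that `authorize()` passes the mocked return value through; it never checks what was handed to `get_authorize_url`, so a regression in `redirect_uri`, the value this commit re-plumbs, would go unnoticed. Construct the service with a non-empty redirect URL and add `oauth_service.signon.get_authorize_url.assert_called_once_with(response_type="code", redirect_uri="http://backdrop.example/authorized")` (the URL is a constructed sample value). Since `Signonotron2` no longer imports anything from Flask, the context popped in `tearDown` may no longer be needed for these tests; `setUp` lies outside the hunk, so confirm before removing it. `test_exchange_returns_none_when_code_is_none` continues past the end of the hunk.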