Skip to content

Commit

Permalink
Merge pull request #381 from jvanasco/feature-validator_log
Browse files Browse the repository at this point in the history 
adding validator_log to store what the endpoint computed
  • Loading branch information
@thedrow
thedrow committed Aug 16, 2015
2 parents db40f99 + 58a2a73 commit ac17bd9
Show file tree
Hide file tree
Showing 6 changed files with 49 additions and 0 deletions.
1 change: 1 addition & 0 deletions oauthlib/common.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -381,6 +381,7 @@ def __init__(self, uri, http_method='GET', body=None, headers=None,
self.body = encode(body)
self.decoded_body = extract_params(self.body)
self.oauth_params = []
self.validator_log = {}

self._params = {
"access_token": None,
Expand Down
7 changes: 7 additions & 0 deletions oauthlib/oauth1/rfc5849/endpoints/access_token.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -192,6 +192,13 @@ def validate_access_token_request(self, request):

valid_signature = self._check_signature(request, is_token_request=True)

# log the results to the validator_log
# this lets us handle internal reporting and analysis
request.validator_log['client'] = valid_client
request.validator_log['resource_owner'] = valid_resource_owner
request.validator_log['verifier'] = valid_verifier
request.validator_log['signature'] = valid_signature

# We delay checking validity until the very end, using dummy values for
# calculations and fetching secrets/keys to ensure the flow of every
# request remains almost identical regardless of whether valid values
Expand Down
7 changes: 7 additions & 0 deletions oauthlib/oauth1/rfc5849/endpoints/request_token.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -187,6 +187,13 @@ def validate_request_token_request(self, request):

valid_signature = self._check_signature(request)

# log the results to the validator_log
# this lets us handle internal reporting and analysis
request.validator_log['client'] = valid_client
request.validator_log['realm'] = valid_realm
request.validator_log['callback'] = valid_redirect
request.validator_log['signature'] = valid_signature

# We delay checking validity until the very end, using dummy values for
# calculations and fetching secrets/keys to ensure the flow of every
# request remains almost identical regardless of whether valid values
Expand Down
7 changes: 7 additions & 0 deletions oauthlib/oauth1/rfc5849/endpoints/resource.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -142,6 +142,13 @@ def validate_protected_resource_request(self, uri, http_method='GET',

valid_signature = self._check_signature(request)

# log the results to the validator_log
# this lets us handle internal reporting and analysis
request.validator_log['client'] = valid_client
request.validator_log['resource_owner'] = valid_resource_owner
request.validator_log['realm'] = valid_realm
request.validator_log['signature'] = valid_signature

# We delay checking validity until the very end, using dummy values for
# calculations and fetching secrets/keys to ensure the flow of every
# request remains almost identical regardless of whether valid values
Expand Down
5 changes: 5 additions & 0 deletions oauthlib/oauth1/rfc5849/endpoints/signature_only.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,11 @@ def validate_request(self, uri, http_method='GET',

valid_signature = self._check_signature(request)

# log the results to the validator_log
# this lets us handle internal reporting and analysis
request.validator_log['client'] = valid_client
request.validator_log['signature'] = valid_signature

# We delay checking validity until the very end, using dummy values for
# calculations and fetching secrets/keys to ensure the flow of every
# request remains almost identical regardless of whether valid values
Expand Down
22 changes: 22 additions & 0 deletions tests/oauth1/rfc5849/endpoints/test_resource.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,18 +50,33 @@ def test_validate_client_key(self):
v, r = self.endpoint.validate_protected_resource_request(
self.uri, headers=self.headers)
self.assertFalse(v)
# the validator log should have `False` values
self.assertFalse(r.validator_log['client'])
self.assertTrue(r.validator_log['realm'])
self.assertTrue(r.validator_log['resource_owner'])
self.assertTrue(r.validator_log['signature'])

def test_validate_access_token(self):
self.validator.validate_access_token.return_value = False
v, r = self.endpoint.validate_protected_resource_request(
self.uri, headers=self.headers)
self.assertFalse(v)
# the validator log should have `False` values
self.assertTrue(r.validator_log['client'])
self.assertTrue(r.validator_log['realm'])
self.assertFalse(r.validator_log['resource_owner'])
self.assertTrue(r.validator_log['signature'])

def test_validate_realms(self):
self.validator.validate_realms.return_value = False
v, r = self.endpoint.validate_protected_resource_request(
self.uri, headers=self.headers)
self.assertFalse(v)
# the validator log should have `False` values
self.assertTrue(r.validator_log['client'])
self.assertFalse(r.validator_log['realm'])
self.assertTrue(r.validator_log['resource_owner'])
self.assertTrue(r.validator_log['signature'])

def test_validate_signature(self):
client = Client('foo',
Expand All @@ -71,6 +86,11 @@ def test_validate_signature(self):
v, r = self.endpoint.validate_protected_resource_request(
self.uri, headers=headers)
self.assertFalse(v)
# the validator log should have `False` values
self.assertTrue(r.validator_log['client'])
self.assertTrue(r.validator_log['realm'])
self.assertTrue(r.validator_log['resource_owner'])
self.assertFalse(r.validator_log['signature'])

def test_valid_request(self):
v, r = self.endpoint.validate_protected_resource_request(
Expand All @@ -79,3 +99,5 @@ def test_valid_request(self):
self.validator.validate_timestamp_and_nonce.assert_called_once_with(
self.client.client_key, ANY, ANY, ANY,
access_token=self.client.resource_owner_key)
# everything in the validator_log should be `True`
self.assertTrue(all(r.validator_log.items()))

0 comments on commit ac17bd9

Please sign in to comment.