API - refacto

This commit is contained in:
Sam 2022-06-19 20:04:42 +02:00
parent 6b497bd72f
commit 63af0b70d9
19 changed files with 119 additions and 116 deletions

View File

@ -21,7 +21,7 @@ from werkzeug.middleware.proxy_fix import ProxyFix
from fittrackee.emails.email import EmailService from fittrackee.emails.email import EmailService
from fittrackee.request import CustomRequest from fittrackee.request import CustomRequest
VERSION = __version__ = '0.6.7' VERSION = __version__ = '0.7.0'
db = SQLAlchemy() db = SQLAlchemy()
bcrypt = Bcrypt() bcrypt = Bcrypt()
migrate = Migrate() migrate = Migrate()
@ -101,7 +101,7 @@ def create_app(init_email: bool = True) -> Flask:
pass pass
from .application.app_config import config_blueprint # noqa from .application.app_config import config_blueprint # noqa
from .oauth2.routes import oauth_blueprint # noqa from .oauth2.routes import oauth2_blueprint # noqa
from .users.auth import auth_blueprint # noqa from .users.auth import auth_blueprint # noqa
from .users.users import users_blueprint # noqa from .users.users import users_blueprint # noqa
from .workouts.records import records_blueprint # noqa from .workouts.records import records_blueprint # noqa
@ -110,7 +110,7 @@ def create_app(init_email: bool = True) -> Flask:
from .workouts.workouts import workouts_blueprint # noqa from .workouts.workouts import workouts_blueprint # noqa
app.register_blueprint(auth_blueprint, url_prefix='/api') app.register_blueprint(auth_blueprint, url_prefix='/api')
app.register_blueprint(oauth_blueprint, url_prefix='/api') app.register_blueprint(oauth2_blueprint, url_prefix='/api')
app.register_blueprint(config_blueprint, url_prefix='/api') app.register_blueprint(config_blueprint, url_prefix='/api')
app.register_blueprint(records_blueprint, url_prefix='/api') app.register_blueprint(records_blueprint, url_prefix='/api')
app.register_blueprint(sports_blueprint, url_prefix='/api') app.register_blueprint(sports_blueprint, url_prefix='/api')

View File

@ -38,12 +38,13 @@ def check_scope(scope: str) -> str:
return ' '.join(valid_scopes) return ' '.join(valid_scopes)
def create_oauth_client(metadata: Dict, user: User) -> OAuth2Client: def create_oauth2_client(metadata: Dict, user: User) -> OAuth2Client:
""" """
Create oauth client for 3rd-party applications. Create OAuth2 client for 3rd-party applications.
Only Authorization Code Grant with 'client_secret_post' as method Only Authorization Code Grant with 'client_secret_post' as method
is supported. is supported.
Code challenge can be used if provided on authorization.
""" """
client_metadata = { client_metadata = {
'client_name': metadata['client_name'], 'client_name': metadata['client_name'],

View File

@ -12,12 +12,12 @@ from fittrackee.responses import (
) )
from fittrackee.users.models import User from fittrackee.users.models import User
from .client import create_oauth_client from .client import create_oauth2_client
from .exceptions import InvalidOAuth2Scopes from .exceptions import InvalidOAuth2Scopes
from .models import OAuth2Client, OAuth2Token from .models import OAuth2Client, OAuth2Token
from .server import authorization_server, require_auth from .server import authorization_server, require_auth
oauth_blueprint = Blueprint('oauth', __name__) oauth2_blueprint = Blueprint('oauth2', __name__)
EXPECTED_METADATA_KEYS = [ EXPECTED_METADATA_KEYS = [
'client_name', 'client_name',
@ -35,7 +35,7 @@ def is_errored(url: str) -> Optional[str]:
return None return None
@oauth_blueprint.route('/oauth/apps', methods=['GET']) @oauth2_blueprint.route('/oauth/apps', methods=['GET'])
@require_auth() @require_auth()
def get_clients(auth_user: User) -> Dict: def get_clients(auth_user: User) -> Dict:
params = request.args.copy() params = request.args.copy()
@ -64,13 +64,13 @@ def get_clients(auth_user: User) -> Dict:
} }
@oauth_blueprint.route('/oauth/apps', methods=['POST']) @oauth2_blueprint.route('/oauth/apps', methods=['POST'])
@require_auth() @require_auth()
def create_client(auth_user: User) -> Union[HttpResponse, Tuple[Dict, int]]: def create_client(auth_user: User) -> Union[HttpResponse, Tuple[Dict, int]]:
client_metadata = request.get_json() client_metadata = request.get_json()
if not client_metadata: if not client_metadata:
return InvalidPayloadErrorResponse( return InvalidPayloadErrorResponse(
message='OAuth client metadata missing' message='OAuth2 client metadata missing'
) )
missing_keys = [ missing_keys = [
@ -81,16 +81,16 @@ def create_client(auth_user: User) -> Union[HttpResponse, Tuple[Dict, int]]:
if missing_keys: if missing_keys:
return InvalidPayloadErrorResponse( return InvalidPayloadErrorResponse(
message=( message=(
'OAuth client metadata missing keys: ' 'OAuth2 client metadata missing keys: '
f'{", ".join(missing_keys)}' f'{", ".join(missing_keys)}'
) )
) )
try: try:
new_client = create_oauth_client(client_metadata, auth_user) new_client = create_oauth2_client(client_metadata, auth_user)
except InvalidOAuth2Scopes: except InvalidOAuth2Scopes:
return InvalidPayloadErrorResponse( return InvalidPayloadErrorResponse(
message=('OAuth client invalid scopes') message='OAuth2 client invalid scopes'
) )
db.session.add(new_client) db.session.add(new_client)
@ -116,7 +116,7 @@ def get_client(
).first() ).first()
if not client: if not client:
return NotFoundErrorResponse('OAuth client not found') return NotFoundErrorResponse('OAuth2 client not found')
return { return {
'status': 'success', 'status': 'success',
@ -124,7 +124,7 @@ def get_client(
} }
@oauth_blueprint.route('/oauth/apps/<string:client_id>', methods=['GET']) @oauth2_blueprint.route('/oauth/apps/<string:client_id>', methods=['GET'])
@require_auth() @require_auth()
def get_client_by_client_id( def get_client_by_client_id(
auth_user: User, client_id: str auth_user: User, client_id: str
@ -132,7 +132,7 @@ def get_client_by_client_id(
return get_client(auth_user, client_id=None, client_client_id=client_id) return get_client(auth_user, client_id=None, client_client_id=client_id)
@oauth_blueprint.route('/oauth/apps/<int:client_id>/by_id', methods=['GET']) @oauth2_blueprint.route('/oauth/apps/<int:client_id>/by_id', methods=['GET'])
@require_auth() @require_auth()
def get_client_by_id( def get_client_by_id(
auth_user: User, client_id: int auth_user: User, client_id: int
@ -140,7 +140,7 @@ def get_client_by_id(
return get_client(auth_user, client_id=client_id, client_client_id=None) return get_client(auth_user, client_id=client_id, client_client_id=None)
@oauth_blueprint.route('/oauth/apps/<int:client_id>', methods=['DELETE']) @oauth2_blueprint.route('/oauth/apps/<int:client_id>', methods=['DELETE'])
@require_auth() @require_auth()
def delete_client( def delete_client(
auth_user: User, client_id: int auth_user: User, client_id: int
@ -151,14 +151,14 @@ def delete_client(
).first() ).first()
if not client: if not client:
return NotFoundErrorResponse('OAuth client not found') return NotFoundErrorResponse('OAuth2 client not found')
db.session.delete(client) db.session.delete(client)
db.session.commit() db.session.commit()
return {'status': 'no content'}, 204 return {'status': 'no content'}, 204
@oauth_blueprint.route('/oauth/apps/<int:client_id>/revoke', methods=['POST']) @oauth2_blueprint.route('/oauth/apps/<int:client_id>/revoke', methods=['POST'])
@require_auth() @require_auth()
def revoke_client_tokens( def revoke_client_tokens(
auth_user: User, client_id: int auth_user: User, client_id: int
@ -166,13 +166,13 @@ def revoke_client_tokens(
client = OAuth2Client.query.filter_by(id=client_id).first() client = OAuth2Client.query.filter_by(id=client_id).first()
if not client: if not client:
return NotFoundErrorResponse('OAuth client not found') return NotFoundErrorResponse('OAuth2 client not found')
OAuth2Token.revoke_client_tokens(client.client_id) OAuth2Token.revoke_client_tokens(client.client_id)
return {'status': 'success'} return {'status': 'success'}
@oauth_blueprint.route('/oauth/authorize', methods=['POST']) @oauth2_blueprint.route('/oauth/authorize', methods=['POST'])
@require_auth() @require_auth()
def authorize(auth_user: User) -> Union[HttpResponse, Dict]: def authorize(auth_user: User) -> Union[HttpResponse, Dict]:
data = request.form data = request.form
@ -190,11 +190,11 @@ def authorize(auth_user: User) -> Union[HttpResponse, Dict]:
return {'redirect_url': response.location} return {'redirect_url': response.location}
@oauth_blueprint.route('/oauth/token', methods=['POST']) @oauth2_blueprint.route('/oauth/token', methods=['POST'])
def issue_token() -> Response: def issue_token() -> Response:
return authorization_server.create_token_response() return authorization_server.create_token_response()
@oauth_blueprint.route('/oauth/revoke', methods=['POST']) @oauth2_blueprint.route('/oauth/revoke', methods=['POST'])
def revoke_token() -> Response: def revoke_token() -> Response:
return authorization_server.create_endpoint_response('revocation') return authorization_server.create_endpoint_response('revocation')

View File

@ -349,7 +349,7 @@ class TestUpdateConfig(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1_admin, scope=client_scope app, user_1_admin, scope=client_scope
) )

View File

@ -10,7 +10,7 @@ from urllib3.util import parse_url
from werkzeug.test import TestResponse from werkzeug.test import TestResponse
from fittrackee import db from fittrackee import db
from fittrackee.oauth2.client import create_oauth_client from fittrackee.oauth2.client import create_oauth2_client
from fittrackee.oauth2.models import OAuth2Client, OAuth2Token from fittrackee.oauth2.models import OAuth2Client, OAuth2Token
from fittrackee.users.models import User from fittrackee.users.models import User
@ -45,7 +45,7 @@ class RandomMixin:
class OAuth2Mixin(RandomMixin): class OAuth2Mixin(RandomMixin):
@staticmethod @staticmethod
def create_oauth_client( def create_oauth2_client(
user: User, user: User,
metadata: Optional[Dict] = None, metadata: Optional[Dict] = None,
scope: Optional[str] = None, scope: Optional[str] = None,
@ -55,7 +55,7 @@ class OAuth2Mixin(RandomMixin):
) )
if scope is not None: if scope is not None:
client_metadata['scope'] = scope client_metadata['scope'] = scope
oauth_client = create_oauth_client(client_metadata, user) oauth_client = create_oauth2_client(client_metadata, user)
db.session.add(oauth_client) db.session.add(oauth_client)
db.session.commit() db.session.commit()
return oauth_client return oauth_client
@ -129,13 +129,13 @@ class ApiTestCaseMixin(OAuth2Mixin, RandomMixin):
code = parse_qs(parsed_url.query).get('code', '') code = parse_qs(parsed_url.query).get('code', '')
return code return code
def create_oauth_client_and_issue_token( def create_oauth2_client_and_issue_token(
self, app: Flask, user: User, scope: Optional[str] = None self, app: Flask, user: User, scope: Optional[str] = None
) -> Tuple[FlaskClient, OAuth2Client, str, str]: ) -> Tuple[FlaskClient, OAuth2Client, str, str]:
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user.email app, user.email
) )
oauth_client = self.create_oauth_client(user, scope=scope) oauth_client = self.create_oauth2_client(user, scope=scope)
code = self.authorize_client( code = self.authorize_client(
client, oauth_client, auth_token, scope=scope client, oauth_client, auth_token, scope=scope
) )

View File

@ -13,7 +13,7 @@ class TestOAuth2CleanTokens(OAuth2Mixin):
def test_it_does_not_delete_not_expired_token( def test_it_does_not_delete_not_expired_token(
self, app: Flask, user_1: User self, app: Flask, user_1: User
) -> None: ) -> None:
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
self.create_oauth2_token(oauth_client) self.create_oauth2_token(oauth_client)
clean_tokens(days=1) clean_tokens(days=1)
@ -21,7 +21,7 @@ class TestOAuth2CleanTokens(OAuth2Mixin):
assert OAuth2Token.query.count() == 1 assert OAuth2Token.query.count() == 1
def test_it_deletes_expired_token(self, app: Flask, user_1: User) -> None: def test_it_deletes_expired_token(self, app: Flask, user_1: User) -> None:
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
expires_in = 864000 # 10 days expires_in = 864000 # 10 days
days = 5 days = 5
self.create_oauth2_token( self.create_oauth2_token(
@ -37,7 +37,7 @@ class TestOAuth2CleanTokens(OAuth2Mixin):
def test_it_returns_deleted_rows_count( def test_it_returns_deleted_rows_count(
self, app: Flask, user_1: User self, app: Flask, user_1: User
) -> None: ) -> None:
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
expires_in = 86400 # 10 days expires_in = 86400 # 10 days
days = 5 days = 5
expected_deleted_rows = 3 expected_deleted_rows = 3

View File

@ -5,7 +5,7 @@ from unittest.mock import patch
import pytest import pytest
from flask import Flask from flask import Flask
from fittrackee.oauth2.client import check_scope, create_oauth_client from fittrackee.oauth2.client import check_scope, create_oauth2_client
from fittrackee.oauth2.exceptions import InvalidOAuth2Scopes from fittrackee.oauth2.exceptions import InvalidOAuth2Scopes
from fittrackee.oauth2.models import OAuth2Client from fittrackee.oauth2.models import OAuth2Client
from fittrackee.users.models import User from fittrackee.users.models import User
@ -22,7 +22,7 @@ TEST_METADATA = {
class TestCreateOAuth2Client: class TestCreateOAuth2Client:
def test_it_creates_oauth_client(self, app: Flask, user_1: User) -> None: def test_it_creates_oauth_client(self, app: Flask, user_1: User) -> None:
oauth_client = create_oauth_client(TEST_METADATA, user_1) oauth_client = create_oauth2_client(TEST_METADATA, user_1)
assert isinstance(oauth_client, OAuth2Client) assert isinstance(oauth_client, OAuth2Client)
@ -34,7 +34,7 @@ class TestCreateOAuth2Client:
'fittrackee.oauth2.client.gen_salt', return_value=client_id 'fittrackee.oauth2.client.gen_salt', return_value=client_id
): ):
oauth_client = create_oauth_client(TEST_METADATA, user_1) oauth_client = create_oauth2_client(TEST_METADATA, user_1)
assert oauth_client.client_id == client_id assert oauth_client.client_id == client_id
@ -45,7 +45,7 @@ class TestCreateOAuth2Client:
with patch( with patch(
'fittrackee.oauth2.client.time', return_value=client_id_issued_at 'fittrackee.oauth2.client.time', return_value=client_id_issued_at
): ):
oauth_client = create_oauth_client(TEST_METADATA, user_1) oauth_client = create_oauth2_client(TEST_METADATA, user_1)
assert oauth_client.client_id_issued_at == client_id_issued_at assert oauth_client.client_id_issued_at == client_id_issued_at
@ -55,14 +55,14 @@ class TestCreateOAuth2Client:
client_name = random_string() client_name = random_string()
client_metadata: Dict = {**TEST_METADATA, 'client_name': client_name} client_metadata: Dict = {**TEST_METADATA, 'client_name': client_name}
oauth_client = create_oauth_client(client_metadata, user_1) oauth_client = create_oauth2_client(client_metadata, user_1)
assert oauth_client.client_name == client_name assert oauth_client.client_name == client_name
def test_oauth_client_has_no_description_when_not_provided_in_metadata( def test_oauth_client_has_no_description_when_not_provided_in_metadata(
self, app: Flask, user_1: User self, app: Flask, user_1: User
) -> None: ) -> None:
oauth_client = create_oauth_client(TEST_METADATA, user_1) oauth_client = create_oauth2_client(TEST_METADATA, user_1)
assert oauth_client.client_description is None assert oauth_client.client_description is None
@ -75,7 +75,7 @@ class TestCreateOAuth2Client:
'client_description': client_description, 'client_description': client_description,
} }
oauth_client = create_oauth_client(client_metadata, user_1) oauth_client = create_oauth2_client(client_metadata, user_1)
assert oauth_client.client_description == client_description assert oauth_client.client_description == client_description
@ -85,14 +85,14 @@ class TestCreateOAuth2Client:
client_uri = random_domain() client_uri = random_domain()
client_metadata: Dict = {**TEST_METADATA, 'client_uri': client_uri} client_metadata: Dict = {**TEST_METADATA, 'client_uri': client_uri}
oauth_client = create_oauth_client(client_metadata, user_1) oauth_client = create_oauth2_client(client_metadata, user_1)
assert oauth_client.client_uri == client_uri assert oauth_client.client_uri == client_uri
def test_oauth_client_has_expected_grant_types( def test_oauth_client_has_expected_grant_types(
self, app: Flask, user_1: User self, app: Flask, user_1: User
) -> None: ) -> None:
oauth_client = create_oauth_client(TEST_METADATA, user_1) oauth_client = create_oauth2_client(TEST_METADATA, user_1)
assert oauth_client.grant_types == [ assert oauth_client.grant_types == [
'authorization_code', 'authorization_code',
@ -108,7 +108,7 @@ class TestCreateOAuth2Client:
'redirect_uris': redirect_uris, 'redirect_uris': redirect_uris,
} }
oauth_client = create_oauth_client(client_metadata, user_1) oauth_client = create_oauth2_client(client_metadata, user_1)
assert oauth_client.redirect_uris == redirect_uris assert oauth_client.redirect_uris == redirect_uris
@ -121,7 +121,7 @@ class TestCreateOAuth2Client:
'response_types': response_types, 'response_types': response_types,
} }
oauth_client = create_oauth_client(client_metadata, user_1) oauth_client = create_oauth2_client(client_metadata, user_1)
assert oauth_client.response_types == ['code'] assert oauth_client.response_types == ['code']
@ -131,7 +131,7 @@ class TestCreateOAuth2Client:
scope = 'workouts:write' scope = 'workouts:write'
client_metadata: Dict = {**TEST_METADATA, 'scope': scope} client_metadata: Dict = {**TEST_METADATA, 'scope': scope}
oauth_client = create_oauth_client(client_metadata, user_1) oauth_client = create_oauth2_client(client_metadata, user_1)
assert oauth_client.scope == scope assert oauth_client.scope == scope
@ -141,12 +141,12 @@ class TestCreateOAuth2Client:
client_metadata: Dict = {**TEST_METADATA, 'scope': random_string()} client_metadata: Dict = {**TEST_METADATA, 'scope': random_string()}
with pytest.raises(InvalidOAuth2Scopes): with pytest.raises(InvalidOAuth2Scopes):
create_oauth_client(client_metadata, user_1) create_oauth2_client(client_metadata, user_1)
def test_oauth_client_has_expected_token_endpoint_auth_method( def test_oauth_client_has_expected_token_endpoint_auth_method(
self, app: Flask, user_1: User self, app: Flask, user_1: User
) -> None: ) -> None:
oauth_client = create_oauth_client(TEST_METADATA, user_1) oauth_client = create_oauth2_client(TEST_METADATA, user_1)
assert oauth_client.token_endpoint_auth_method == 'client_secret_post' assert oauth_client.token_endpoint_auth_method == 'client_secret_post'
@ -158,14 +158,14 @@ class TestCreateOAuth2Client:
'fittrackee.oauth2.client.gen_salt', return_value=client_secret 'fittrackee.oauth2.client.gen_salt', return_value=client_secret
): ):
oauth_client = create_oauth_client(TEST_METADATA, user_1) oauth_client = create_oauth2_client(TEST_METADATA, user_1)
assert oauth_client.client_secret == client_secret assert oauth_client.client_secret == client_secret
def test_it_creates_oauth_client_for_given_user( def test_it_creates_oauth_client_for_given_user(
self, app: Flask, user_1: User self, app: Flask, user_1: User
) -> None: ) -> None:
oauth_client = create_oauth_client(TEST_METADATA, user_1) oauth_client = create_oauth2_client(TEST_METADATA, user_1)
assert oauth_client.user_id == user_1.id assert oauth_client.user_id == user_1.id

View File

@ -12,7 +12,7 @@ from ..mixins import OAuth2Mixin
class TestOAuth2ClientSerialize(OAuth2Mixin): class TestOAuth2ClientSerialize(OAuth2Mixin):
def test_it_returns_oauth_client(self, app: Flask, user_1: User) -> None: def test_it_returns_oauth_client(self, app: Flask, user_1: User) -> None:
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
oauth_client.client_id_issued_at = 1653738796 oauth_client.client_id_issued_at = 1653738796
serialized_oauth_client = oauth_client.serialize() serialized_oauth_client = oauth_client.serialize()
@ -71,7 +71,7 @@ class TestOAuth2Token(OAuth2Mixin):
input_expiration: int, input_expiration: int,
expected_status: bool, expected_status: bool,
) -> None: ) -> None:
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
token = OAuth2Token( token = OAuth2Token(
client_id=oauth_client.client_id, client_id=oauth_client.client_id,
access_token=self.random_string(), access_token=self.random_string(),
@ -85,7 +85,7 @@ class TestOAuth2Token(OAuth2Mixin):
def test_it_returns_refresh_token_active_when_below_twice_expiration( def test_it_returns_refresh_token_active_when_below_twice_expiration(
self, app: Flask, user_1: User self, app: Flask, user_1: User
) -> None: ) -> None:
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
issued_at = int(time.time()) issued_at = int(time.time())
expires_in = self.random_int() expires_in = self.random_int()
token = OAuth2Token( token = OAuth2Token(
@ -105,7 +105,7 @@ class TestOAuth2Token(OAuth2Mixin):
def test_it_returns_refresh_token_inactive_when_token_revoked( def test_it_returns_refresh_token_inactive_when_token_revoked(
self, app: Flask, user_1: User self, app: Flask, user_1: User
) -> None: ) -> None:
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
token = OAuth2Token( token = OAuth2Token(
client_id=oauth_client.client_id, client_id=oauth_client.client_id,
access_token=self.random_string(), access_token=self.random_string(),

View File

@ -52,7 +52,7 @@ class TestOAuthClientCreation(ApiTestCaseMixin):
) )
self.assert_400( self.assert_400(
response, error_message='OAuth client metadata missing' response, error_message='OAuth2 client metadata missing'
) )
@pytest.mark.parametrize( @pytest.mark.parametrize(
@ -82,7 +82,9 @@ class TestOAuthClientCreation(ApiTestCaseMixin):
self.assert_400( self.assert_400(
response, response,
error_message=f'OAuth client metadata missing keys: {missing_key}', error_message=(
f'OAuth2 client metadata missing keys: {missing_key}'
),
) )
def test_it_returns_error_when_scope_is_invalid( def test_it_returns_error_when_scope_is_invalid(
@ -106,7 +108,7 @@ class TestOAuthClientCreation(ApiTestCaseMixin):
self.assert_400( self.assert_400(
response, response,
error_message=('OAuth client invalid scopes'), error_message=('OAuth2 client invalid scopes'),
) )
def test_it_creates_oauth_client(self, app: Flask, user_1: User) -> None: def test_it_creates_oauth_client(self, app: Flask, user_1: User) -> None:
@ -200,7 +202,7 @@ class TestOAuthClientAuthorization(ApiTestCaseMixin):
def test_it_returns_error_not_authenticated( def test_it_returns_error_not_authenticated(
self, app: Flask, user_1: User self, app: Flask, user_1: User
) -> None: ) -> None:
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
client = app.test_client() client = app.test_client()
response = client.post( response = client.post(
@ -239,7 +241,7 @@ class TestOAuthClientAuthorization(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
response = client.post( response = client.post(
self.route, self.route,
@ -261,7 +263,7 @@ class TestOAuthClientAuthorization(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
client.post( client.post(
self.route, self.route,
@ -288,7 +290,7 @@ class TestOAuthClientAuthorization(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
client.post( client.post(
self.route, self.route,
@ -314,7 +316,7 @@ class TestOAuthClientAuthorization(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
response = client.post( response = client.post(
self.route, self.route,
@ -346,7 +348,7 @@ class TestOAuthClientAuthorization(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
response = client.post( response = client.post(
self.route, self.route,
@ -378,7 +380,7 @@ class TestOAuthClientAuthorizationWithCodeChallenge(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
code_verifier = generate_token(48) code_verifier = generate_token(48)
code_challenge = create_s256_code_challenge(code_verifier) code_challenge = create_s256_code_challenge(code_verifier)
@ -405,7 +407,7 @@ class TestOAuthClientAuthorizationWithCodeChallenge(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
code_verifier = generate_token(48) code_verifier = generate_token(48)
code_challenge = create_s256_code_challenge(code_verifier) code_challenge = create_s256_code_challenge(code_verifier)
@ -441,7 +443,7 @@ class OAuthIssueTokenTestCase(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
code = self.authorize_client( code = self.authorize_client(
client, oauth_client, auth_token, code_challenge=code_challenge client, oauth_client, auth_token, code_challenge=code_challenge
) )
@ -513,7 +515,7 @@ class TestOAuthIssueAccessToken(OAuthIssueTokenTestCase):
def test_it_returns_error_when_client_not_authorized( def test_it_returns_error_when_client_not_authorized(
self, app: Flask, user_1: User self, app: Flask, user_1: User
) -> None: ) -> None:
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
client = app.test_client() client = app.test_client()
response = client.post( response = client.post(
@ -697,7 +699,7 @@ class TestOAuthTokenRevocation(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token(app, user_1) ) = self.create_oauth2_client_and_issue_token(app, user_1)
response = client.post( response = client.post(
self.route, self.route,
@ -750,7 +752,7 @@ class TestOAuthGetClients(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
[self.create_oauth_client(user_1) for _ in range(7)] [self.create_oauth2_client(user_1) for _ in range(7)]
response = client.get( response = client.get(
self.route, self.route,
@ -773,7 +775,7 @@ class TestOAuthGetClients(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
[self.create_oauth_client(user_1) for _ in range(6)] [self.create_oauth2_client(user_1) for _ in range(6)]
response = client.get( response = client.get(
f'{self.route}?page=2', f'{self.route}?page=2',
@ -798,7 +800,7 @@ class TestOAuthGetClients(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
clients = [self.create_oauth_client(user_1) for _ in range(7)] clients = [self.create_oauth2_client(user_1) for _ in range(7)]
response = client.get( response = client.get(
self.route, self.route,
@ -817,7 +819,7 @@ class TestOAuthGetClients(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
self.create_oauth_client(user_2) self.create_oauth2_client(user_2)
response = client.get( response = client.get(
self.route, self.route,
@ -859,7 +861,7 @@ class TestOAuthGetClientById(ApiTestCaseMixin):
headers=dict(Authorization=f'Bearer {auth_token}'), headers=dict(Authorization=f'Bearer {auth_token}'),
) )
self.assert_404_with_message(response, 'OAuth client not found') self.assert_404_with_message(response, 'OAuth2 client not found')
def test_it_returns_user_oauth_client( def test_it_returns_user_oauth_client(
self, app: Flask, user_1: User self, app: Flask, user_1: User
@ -868,7 +870,7 @@ class TestOAuthGetClientById(ApiTestCaseMixin):
app, user_1.email app, user_1.email
) )
client_description = self.random_string() client_description = self.random_string()
oauth_client = self.create_oauth_client( oauth_client = self.create_oauth2_client(
user_1, user_1,
metadata={ metadata={
**TEST_OAUTH_CLIENT_METADATA, **TEST_OAUTH_CLIENT_METADATA,
@ -911,7 +913,7 @@ class TestOAuthGetClientById(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_2) oauth_client = self.create_oauth2_client(user_2)
response = client.get( response = client.get(
self.route.format(client_id=oauth_client.id), self.route.format(client_id=oauth_client.id),
@ -919,7 +921,7 @@ class TestOAuthGetClientById(ApiTestCaseMixin):
headers=dict(Authorization=f'Bearer {auth_token}'), headers=dict(Authorization=f'Bearer {auth_token}'),
) )
self.assert_404_with_message(response, 'OAuth client not found') self.assert_404_with_message(response, 'OAuth2 client not found')
class TestOAuthGetClientByClientId(ApiTestCaseMixin): class TestOAuthGetClientByClientId(ApiTestCaseMixin):
@ -950,7 +952,7 @@ class TestOAuthGetClientByClientId(ApiTestCaseMixin):
headers=dict(Authorization=f'Bearer {auth_token}'), headers=dict(Authorization=f'Bearer {auth_token}'),
) )
self.assert_404_with_message(response, 'OAuth client not found') self.assert_404_with_message(response, 'OAuth2 client not found')
def test_it_returns_user_oauth_client( def test_it_returns_user_oauth_client(
self, app: Flask, user_1: User self, app: Flask, user_1: User
@ -959,7 +961,7 @@ class TestOAuthGetClientByClientId(ApiTestCaseMixin):
app, user_1.email app, user_1.email
) )
client_description = self.random_string() client_description = self.random_string()
oauth_client = self.create_oauth_client( oauth_client = self.create_oauth2_client(
user_1, user_1,
metadata={ metadata={
**TEST_OAUTH_CLIENT_METADATA, **TEST_OAUTH_CLIENT_METADATA,
@ -1002,7 +1004,7 @@ class TestOAuthGetClientByClientId(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_2) oauth_client = self.create_oauth2_client(user_2)
response = client.get( response = client.get(
self.route.format(client_id=oauth_client.client_id), self.route.format(client_id=oauth_client.client_id),
@ -1010,7 +1012,7 @@ class TestOAuthGetClientByClientId(ApiTestCaseMixin):
headers=dict(Authorization=f'Bearer {auth_token}'), headers=dict(Authorization=f'Bearer {auth_token}'),
) )
self.assert_404_with_message(response, 'OAuth client not found') self.assert_404_with_message(response, 'OAuth2 client not found')
class TestOAuthDeleteClient(ApiTestCaseMixin): class TestOAuthDeleteClient(ApiTestCaseMixin):
@ -1041,7 +1043,7 @@ class TestOAuthDeleteClient(ApiTestCaseMixin):
headers=dict(Authorization=f'Bearer {auth_token}'), headers=dict(Authorization=f'Bearer {auth_token}'),
) )
self.assert_404_with_message(response, 'OAuth client not found') self.assert_404_with_message(response, 'OAuth2 client not found')
def test_it_deletes_user_oauth_client( def test_it_deletes_user_oauth_client(
self, app: Flask, user_1: User self, app: Flask, user_1: User
@ -1049,7 +1051,7 @@ class TestOAuthDeleteClient(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
client_id = oauth_client.id client_id = oauth_client.id
response = client.delete( response = client.delete(
@ -1068,7 +1070,7 @@ class TestOAuthDeleteClient(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
self.authorize_client(client, oauth_client, auth_token) self.authorize_client(client, oauth_client, auth_token)
client_id = oauth_client.id client_id = oauth_client.id
@ -1088,7 +1090,7 @@ class TestOAuthDeleteClient(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
code = self.authorize_client(client, oauth_client, auth_token) code = self.authorize_client(client, oauth_client, auth_token)
client_id = oauth_client.id client_id = oauth_client.id
@ -1112,7 +1114,7 @@ class TestOAuthDeleteClient(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
auth_token, auth_token,
) = self.create_oauth_client_and_issue_token(app, user_1) ) = self.create_oauth2_client_and_issue_token(app, user_1)
client_id = oauth_client.id client_id = oauth_client.id
response = client.delete( response = client.delete(
@ -1131,7 +1133,7 @@ class TestOAuthDeleteClient(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_2) oauth_client = self.create_oauth2_client(user_2)
client_id = oauth_client.id client_id = oauth_client.id
response = client.delete( response = client.delete(
@ -1140,7 +1142,7 @@ class TestOAuthDeleteClient(ApiTestCaseMixin):
headers=dict(Authorization=f'Bearer {auth_token}'), headers=dict(Authorization=f'Bearer {auth_token}'),
) )
self.assert_404_with_message(response, 'OAuth client not found') self.assert_404_with_message(response, 'OAuth2 client not found')
client = OAuth2Client.query.filter_by(id=client_id).first() client = OAuth2Client.query.filter_by(id=client_id).first()
assert client is not None assert client is not None
@ -1173,7 +1175,7 @@ class TestOAuthRevokeClientToken(ApiTestCaseMixin):
headers=dict(Authorization=f'Bearer {auth_token}'), headers=dict(Authorization=f'Bearer {auth_token}'),
) )
self.assert_404_with_message(response, 'OAuth client not found') self.assert_404_with_message(response, 'OAuth2 client not found')
def test_it_revokes_all_client_tokens( def test_it_revokes_all_client_tokens(
self, app: Flask, user_1: User self, app: Flask, user_1: User
@ -1181,7 +1183,7 @@ class TestOAuthRevokeClientToken(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
tokens = [self.create_oauth2_token(oauth_client) for _ in range(3)] tokens = [self.create_oauth2_token(oauth_client) for _ in range(3)]
response = client.post( response = client.post(
@ -1202,9 +1204,9 @@ class TestOAuthRevokeClientToken(ApiTestCaseMixin):
client, auth_token = self.get_test_client_and_auth_token( client, auth_token = self.get_test_client_and_auth_token(
app, user_1.email app, user_1.email
) )
oauth_client = self.create_oauth_client(user_1) oauth_client = self.create_oauth2_client(user_1)
client_id = oauth_client.id client_id = oauth_client.id
another_client = self.create_oauth_client(user_1) another_client = self.create_oauth2_client(user_1)
another_client_token = self.create_oauth2_token(another_client) another_client_token = self.create_oauth2_token(another_client)
response = client.post( response = client.post(

View File

@ -22,7 +22,7 @@ class TestOAuth2Scopes(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token(app, user_1, scope=scope) ) = self.create_oauth2_client_and_issue_token(app, user_1, scope=scope)
response = client.get( response = client.get(
endpoint_url, endpoint_url,
@ -47,7 +47,7 @@ class TestOAuth2Scopes(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token(app, user_1, scope=scope) ) = self.create_oauth2_client_and_issue_token(app, user_1, scope=scope)
response = client.get( response = client.get(
endpoint_url, endpoint_url,

View File

@ -514,7 +514,7 @@ class TestUserProfile(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )
@ -615,7 +615,7 @@ class TestUserProfileUpdate(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )
@ -1285,7 +1285,7 @@ class TestUserAccountUpdate(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )
@ -1382,7 +1382,7 @@ class TestUserPreferencesUpdate(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )
@ -1600,7 +1600,7 @@ class TestUserSportPreferencesUpdate(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )
@ -1693,7 +1693,7 @@ class TestUserSportPreferencesReset(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )
@ -1858,7 +1858,7 @@ class TestUserPicture(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )

View File

@ -156,7 +156,7 @@ class TestGetUser(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1_admin, scope=client_scope app, user_1_admin, scope=client_scope
) )
@ -946,7 +946,7 @@ class TestGetUsers(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1_admin, scope=client_scope app, user_1_admin, scope=client_scope
) )
@ -1458,7 +1458,7 @@ class TestUpdateUser(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1_admin, scope=client_scope app, user_1_admin, scope=client_scope
) )
@ -1709,7 +1709,7 @@ class TestDeleteUser(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1_admin, scope=client_scope app, user_1_admin, scope=client_scope
) )

View File

@ -924,7 +924,7 @@ class TestGetRecords(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1_admin, scope=client_scope app, user_1_admin, scope=client_scope
) )

View File

@ -164,7 +164,7 @@ class TestGetSports(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )
@ -304,7 +304,7 @@ class TestGetSport(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )
@ -544,7 +544,7 @@ class TestUpdateSport(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1_admin, scope=client_scope app, user_1_admin, scope=client_scope
) )

View File

@ -887,7 +887,7 @@ class TestGetStatsByTime(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )
@ -1068,7 +1068,7 @@ class TestGetStatsBySport(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )
@ -1187,7 +1187,7 @@ class TestGetAllStats(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1_admin, scope=client_scope app, user_1_admin, scope=client_scope
) )

View File

@ -126,7 +126,7 @@ class TestGetWorkouts(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )
@ -1232,7 +1232,7 @@ class TestGetWorkout(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )
@ -1355,7 +1355,7 @@ class TestDownloadWorkoutGpx(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )

View File

@ -645,7 +645,7 @@ class TestPostWorkoutWithGpx(ApiTestCaseMixin, CallArgsMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )
@ -826,7 +826,7 @@ class TestPostWorkoutWithoutGpx(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )

View File

@ -247,7 +247,7 @@ class TestEditWorkoutWithGpx(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )

View File

@ -107,7 +107,7 @@ class TestDeleteWorkoutWithGpx(ApiTestCaseMixin):
oauth_client, oauth_client,
access_token, access_token,
_, _,
) = self.create_oauth_client_and_issue_token( ) = self.create_oauth2_client_and_issue_token(
app, user_1, scope=client_scope app, user_1, scope=client_scope
) )