Merge pull request #2 from chinoio/consent-tracking

Added support for `public` Applications

Author: esseti

chino/api.py

@@ -199,8 +199,9 @@ def login(self, username, password):
         auth = self.auth
         # self.auth = None
         url = "auth/token/"
-        pars = dict(username=username, password=password,
+        pars = dict(username=username, password=password, client_id=self.auth.client_id, client_secret=self.auth.client_secret,
                     grant_type='password')
+
         try:
             self.auth.set_auth_application()
             result = self.apicall('POST', url, form=pars)
@@ -222,6 +223,7 @@ def refresh(self):
         url = "auth/token/"
         pars = dict(grant_type='refresh_token', client_id=self.auth.client_id, client_secret=self.auth.client_secret,
                     refresh_token=self.auth.refresh_token)
+
         try:
             self.auth.set_auth_null()
             result = self.apicall('POST', url, form=pars)
@@ -708,13 +710,14 @@ def __init__(self, customer_id, customer_key=None, bearer_token=None, client_id=
         self.client_secret = client_secret
         self.refresh_token = refresh_token
         self.bearer_exp = bearer_exp
+
         if customer_key:
             # if customer_key is set, then set auth as that
             self.set_auth_admin()
         elif bearer_token:
             # if access_token is set, then use it as customer
             self.set_auth_user()
-        elif client_id and client_secret:
+        elif client_id:
             self.set_auth_application()
 
     def set_auth_admin(self):
@@ -727,7 +730,10 @@ def set_auth_null(self):
         self.__auth = None
 
     def set_auth_application(self):
-        self.__auth = HTTPBasicAuth(self.client_id, self.client_secret)
+        if self.client_secret:
+            self.__auth = HTTPBasicAuth(self.client_id, self.client_secret)
+        else:
+            self.set_auth_null()
 
     def get_auth(self):
         return self.__auth
@@ -878,15 +884,17 @@ def list(self, **pars):
         url = "auth/applications"
         return ListResult(Application, self.apicall('GET', url, params=pars))
 
-    def create(self, name, grant_type='password', redirect_url=''):
+    def create(self, name, grant_type='password', redirect_url='', client_type='confidential'):
         """
-        Creates a Application
+        Creates a Application.
+        Note: optional parameter client_type can be either 'public' or 'confidential'.
+        "confidential" is the default value.
 
         :param name: (str) the name of the Application
         :return: (dict) the Application.
         """
         data = dict(name=name, grant_type=grant_type,
-                    redirect_url=redirect_url)
+                    redirect_url=redirect_url, client_type=client_type)
         url = "auth/applications"
         return Application(**self.apicall('POST', url, data=data)[Application.__str_name__])
 

test/tests_chino.py

@@ -81,6 +81,7 @@ def setUp(self):
         fields = [dict(name='first_name', type='string'), dict(name='last_name', type='string'),
                   dict(name='email', type='string')]
         self.us = self.chino.user_schemas.create('test', fields)
+        self.app_list = []
 
     def tearDown(self):
         # if user has been created we remove it.
@@ -93,6 +94,10 @@ def tearDown(self):
         if hasattr(self, 'app'):
             self.chino.applications.delete(self.app._id)
 
+        # delete also every Application which was created forthis test
+        for app in self.chino.applications.list().to_dict()['applications']:
+            self.chino.applications.delete(app['app_id'], force=True)
+
     def test_list(self):
         list = self.chino.users.list(self.us._id)
         self.assertIsNotNone(list.paging)
@@ -155,7 +160,39 @@ def test_auth(self):
         self.assertEqual(ste_2.username, EDIT)
 
         self.chino_user.users.refresh()
-        # now should be impossible to create the user
+        # it should be impossible to create the user after login with self.chino_user (no admin access)
+        self.assertRaises(CallError, self.chino_user.users.create, self.us._id, username='error', password='12345678',
+                          attributes=dict(first_name='john', last_name='doe',
+                                          email='[email protected]'))
+
+        self.chino_user.users.logout()
+        self.assertRaises(Exception, self.chino_user.users.login, EDIT, '')
+
+        self.assertRaises(CallError, self.chino.users.current)
+
+    def test_auth_public(self):
+        # login
+        NAME = 'test.user.new'
+        EDIT = NAME + '.edited'
+        self.app = self.chino.applications.create("test", grant_type='password', client_type='public')
+        # Init 'public' client
+        self.chino_user = ChinoAPIClient(customer_id=cfg.customer_id,
+                                            url=cfg.url,
+                                            client_id=self.app.app_id,
+                                            client_secret=None
+                                        )
+        self.assertIsNone(self.chino_user.auth.client_secret)
+
+        user = self.chino.users.create(self.us._id, username=EDIT, password='12345678',
+                                       attributes=dict(first_name='john', last_name='doe',
+                                                       email='[email protected]'))
+
+        self.chino_user.users.login(EDIT, '12345678')
+        ste_2 = self.chino_user.users.current()
+        self.assertEqual(ste_2.username, EDIT)
+
+        self.chino_user.users.refresh()
+        # it should be impossible to create the user after login with self.chino_user (no admin access)
         self.assertRaises(CallError, self.chino_user.users.create, self.us._id, username='error', password='12345678',
                           attributes=dict(first_name='john', last_name='doe',
                                           email='[email protected]'))
@@ -178,11 +215,20 @@ def tearDown(self):
         self.logger.debug("tearing down %s", self.user)
 
     def test_CRUD(self):
-        app = self.chino.applications.create(name='tessst', grant_type='password')
+        app = self.chino.applications.create(name='tesssst_confidential', grant_type='password')
+        app_public = self.chino.applications.create(name='test_public', grant_type='password', client_type='public')
+
+        app_public1 = self.chino.applications.detail(app_public._id)
+        self.assertEqual(app_public._id, app_public1._id)
+        self.assertEqual(app_public.app_name, app_public1.app_name)
+
+        newname = 'test_confidential'
+        self.chino.applications.update(app._id, name=newname)
         app1 = self.chino.applications.detail(app._id)
-        self.chino.applications.update(app1._id, name='asds')
-        app2 = self.chino.applications.detail(app1._id)
+        self.assertEqual(app1.app_name, newname)
+
         apps = self.chino.applications.list()
+        self.chino.applications.delete(app_public1._id, force=True)
         self.chino.applications.delete(app1._id, force=True)