From e0682e9298092721c0d3eb358ce4be8039e7ccf6 Mon Sep 17 00:00:00 2001 From: Eric Buehl Date: Wed, 5 Mar 2014 17:15:52 +0000 Subject: [PATCH 1/2] don't implicitly import provider.oauth2 --- rest_framework/authentication.py | 4 ++-- rest_framework/compat.py | 13 ++----------- rest_framework/permissions.py | 7 +++---- rest_framework/tests/test_authentication.py | 12 ++++++------ 4 files changed, 13 insertions(+), 23 deletions(-) diff --git a/rest_framework/authentication.py b/rest_framework/authentication.py index e491ce5f9..b0e88d88b 100644 --- a/rest_framework/authentication.py +++ b/rest_framework/authentication.py @@ -326,11 +326,11 @@ class OAuth2Authentication(BaseAuthentication): """ try: - token = oauth2_provider.models.AccessToken.objects.select_related('user') + token = oauth2_provider.oauth2.models.AccessToken.objects.select_related('user') # provider_now switches to timezone aware datetime when # the oauth2_provider version supports to it. token = token.get(token=access_token, expires__gt=provider_now()) - except oauth2_provider.models.AccessToken.DoesNotExist: + except oauth2_provider.oauth2.models.AccessToken.DoesNotExist: raise exceptions.AuthenticationFailed('Invalid token') user = token.user diff --git a/rest_framework/compat.py b/rest_framework/compat.py index 3089b7fbb..f60a180df 100644 --- a/rest_framework/compat.py +++ b/rest_framework/compat.py 
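Review bot: In rest_framework/authentication.py both the token lookup and the `except` clause now reach the model through `oauth2_provider.oauth2.models`, but compat.py in this same patch only does `import provider as oauth2_provider`, so the `oauth2` attribute exists only if something else has already imported `provider.oauth2` (presumably Django app loading when it is listed in INSTALLED_APPS). If it has not, the lookup raises AttributeError inside the `try`, and evaluating the `except` expression raises it again, so a misconfiguration surfaces as an unhandled server error on every token check instead of `AuthenticationFailed`. The request is still refused, but I would make the dependency explicit and lazy with a function-local `from provider.oauth2.models import AccessToken` and catch `AccessToken.DoesNotExist`. The enclosing method starts and ends outside this hunk, so any existing `oauth2_provider is None` guard is not visible here.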
@@ -550,13 +550,8 @@ except (ImportError, ImproperlyConfigured): # OAuth 2 support is optional try: - import provider.oauth2 as oauth2_provider - from provider.oauth2 import models as oauth2_provider_models - from provider.oauth2 import forms as oauth2_provider_forms - from provider import scope as oauth2_provider_scope - from provider import constants as oauth2_constants - from provider import __version__ as provider_version - if provider_version in ('0.2.3', '0.2.4'): + import provider as oauth2_provider + if oauth2_provider.__version__ in ('0.2.3', '0.2.4'): # 0.2.3 and 0.2.4 are supported version that do not support # timezone aware datetimes import datetime @@ -566,10 +561,6 @@ try: from django.utils.timezone import now as provider_now except ImportError: oauth2_provider = None - oauth2_provider_models = None - oauth2_provider_forms = None - oauth2_provider_scope = None - oauth2_constants = None provider_now = None # Handle lazy strings diff --git a/rest_framework/permissions.py b/rest_framework/permissions.py index f24a51235..6460056af 100644 --- a/rest_framework/permissions.py +++ b/rest_framework/permissions.py @@ -8,8 +8,7 @@ import warnings SAFE_METHODS = ['GET', 'HEAD', 'OPTIONS'] from django.http import Http404 -from rest_framework.compat import (get_model_name, oauth2_provider_scope, - oauth2_constants) +from rest_framework.compat import (get_model_name, oauth2_provider) class BasePermission(object): 
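Review bot: In the first rest_framework/compat.py hunk the version is now read as `oauth2_provider.__version__` inside a `try` whose handler (visible in the next compat.py hunk) is only `except ImportError:`, whereas the removed `from provider import __version__` raised ImportError when the name was missing. `provider` is a generic top-level name, so an unrelated importable package called `provider` that lacks `__version__` would now raise AttributeError while compat is being imported, instead of leaving OAuth 2 support disabled. A non-None `oauth2_provider` also no longer shows that `provider.oauth2` itself is usable, which the authentication and permission code appear to rely on. I would widen the handler to `except (ImportError, AttributeError):` so the optional-dependency gate keeps failing safe; the same version check is carried unchanged into PATCH 2/2.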
@@ -219,8 +218,8 @@ class TokenHasReadWriteScope(BasePermission): if hasattr(token, 'resource'): # OAuth 1 return read_only or not request.auth.resource.is_readonly elif hasattr(token, 'scope'): # OAuth 2 - required = oauth2_constants.READ if read_only else oauth2_constants.WRITE - return oauth2_provider_scope.check(required, request.auth.scope) + required = oauth2_provider.constants.READ if read_only else oauth2_provider.constants.WRITE + return oauth2_provider.scope.check(required, request.auth.scope) assert False, ('TokenHasReadWriteScope requires either the' '`OAuthAuthentication` or `OAuth2Authentication` authentication ' diff --git a/rest_framework/tests/test_authentication.py b/rest_framework/tests/test_authentication.py index f072b81b7..90383eefd 100644 --- a/rest_framework/tests/test_authentication.py +++ b/rest_framework/tests/test_authentication.py @@ -19,7 +19,7 @@ from rest_framework.authentication import ( ) from rest_framework.authtoken.models import Token from rest_framework.compat import patterns, url, include -from rest_framework.compat import oauth2_provider, oauth2_provider_models, oauth2_provider_scope +from rest_framework.compat import oauth2_provider from rest_framework.compat import oauth, oauth_provider from rest_framework.test import APIRequestFactory, APIClient from rest_framework.views import APIView @@ -488,7 +488,7 @@ class OAuth2Tests(TestCase): self.ACCESS_TOKEN = "access_token" self.REFRESH_TOKEN = "refresh_token" - self.oauth2_client = oauth2_provider_models.Client.objects.create( + self.oauth2_client = oauth2_provider.oauth2.models.Client.objects.create( client_id=self.CLIENT_ID, client_secret=self.CLIENT_SECRET, redirect_uri='', 
@@ -497,12 +497,12 @@ class OAuth2Tests(TestCase): user=None, ) - self.access_token = oauth2_provider_models.AccessToken.objects.create( + self.access_token = oauth2_provider.oauth2.models.AccessToken.objects.create( token=self.ACCESS_TOKEN, client=self.oauth2_client, user=self.user, ) - self.refresh_token = oauth2_provider_models.RefreshToken.objects.create( + self.refresh_token = oauth2_provider.oauth2.models.RefreshToken.objects.create( user=self.user, access_token=self.access_token, client=self.oauth2_client @@ -581,7 +581,7 @@ class OAuth2Tests(TestCase): def test_post_form_with_invalid_scope_failing_auth(self): """Ensure POSTing with a readonly scope instead of a write scope fails""" read_only_access_token = self.access_token - read_only_access_token.scope = oauth2_provider_scope.SCOPE_NAME_DICT['read'] + read_only_access_token.scope = oauth2_provider.scope.SCOPE_NAME_DICT['read'] read_only_access_token.save() auth = self._create_authorization_header(token=read_only_access_token.token) response = self.csrf_client.get('/oauth2-with-scope-test/', HTTP_AUTHORIZATION=auth) @@ -593,7 +593,7 @@ class OAuth2Tests(TestCase): def test_post_form_with_valid_scope_passing_auth(self): """Ensure POSTing with a write scope succeed""" read_write_access_token = self.access_token - read_write_access_token.scope = oauth2_provider_scope.SCOPE_NAME_DICT['write'] + read_write_access_token.scope = oauth2_provider.scope.SCOPE_NAME_DICT['write'] read_write_access_token.save() auth = self._create_authorization_header(token=read_write_access_token.token) response = self.csrf_client.post('/oauth2-with-scope-test/', HTTP_AUTHORIZATION=auth) From 34887ed75625a58d00c986b3ea5526877f4724b2 Mon Sep 17 00:00:00 2001 
From: Eric Buehl Date: Thu, 6 Mar 2014 20:19:21 +0000 Subject: [PATCH 2/2] it's safe to import scope and constants --- rest_framework/compat.py | 4 ++++ rest_framework/permissions.py | 7 ++++--- rest_framework/tests/test_authentication.py | 6 +++--- 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/rest_framework/compat.py b/rest_framework/compat.py index f60a180df..d155f5542 100644 --- a/rest_framework/compat.py +++ b/rest_framework/compat.py @@ -551,6 +551,8 @@ except (ImportError, ImproperlyConfigured): # OAuth 2 support is optional try: import provider as oauth2_provider + from provider import scope as oauth2_provider_scope + from provider import constants as oauth2_constants if oauth2_provider.__version__ in ('0.2.3', '0.2.4'): # 0.2.3 and 0.2.4 are supported version that do not support # timezone aware datetimes @@ -561,6 +563,8 @@ try: from django.utils.timezone import now as provider_now except ImportError: oauth2_provider = None + oauth2_provider_scope = None + oauth2_constants = None provider_now = None # Handle lazy strings diff --git a/rest_framework/permissions.py b/rest_framework/permissions.py index 6460056af..f24a51235 100644 --- a/rest_framework/permissions.py +++ b/rest_framework/permissions.py @@ -8,7 +8,8 @@ import warnings SAFE_METHODS = ['GET', 'HEAD', 'OPTIONS'] from django.http import Http404 -from rest_framework.compat import (get_model_name, oauth2_provider) +from rest_framework.compat import (get_model_name, oauth2_provider_scope, + oauth2_constants) class BasePermission(object): 
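Review bot: The two `from provider import ...` lines added to rest_framework/compat.py are eager again while `provider.oauth2` stays lazy, and the only explanation for that split is the commit subject. A short comment above them would stop a later cleanup from re-adding the models import or dropping these, for example `# scope and constants are safe to import at module load; provider.oauth2 (models) must not be imported here`. The reason they are safe is not shown in the diff, so the exact wording should be confirmed by the author.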
@@ -218,8 +219,8 @@ class TokenHasReadWriteScope(BasePermission): if hasattr(token, 'resource'): # OAuth 1 return read_only or not request.auth.resource.is_readonly elif hasattr(token, 'scope'): # OAuth 2 - required = oauth2_provider.constants.READ if read_only else oauth2_provider.constants.WRITE - return oauth2_provider.scope.check(required, request.auth.scope) + required = oauth2_constants.READ if read_only else oauth2_constants.WRITE + return oauth2_provider_scope.check(required, request.auth.scope) assert False, ('TokenHasReadWriteScope requires either the' '`OAuthAuthentication` or `OAuth2Authentication` authentication ' diff --git a/rest_framework/tests/test_authentication.py b/rest_framework/tests/test_authentication.py index 90383eefd..8caeb0812 100644 --- a/rest_framework/tests/test_authentication.py +++ b/rest_framework/tests/test_authentication.py @@ -19,7 +19,7 @@ from rest_framework.authentication import ( ) from rest_framework.authtoken.models import Token from rest_framework.compat import patterns, url, include -from rest_framework.compat import oauth2_provider +from rest_framework.compat import oauth2_provider, oauth2_provider_scope from rest_framework.compat import oauth, oauth_provider from rest_framework.test import APIRequestFactory, APIClient from rest_framework.views import APIView @@ -581,7 +581,7 @@ class OAuth2Tests(TestCase): def test_post_form_with_invalid_scope_failing_auth(self): """Ensure POSTing with a readonly scope instead of a write scope fails""" read_only_access_token = self.access_token - read_only_access_token.scope = oauth2_provider.scope.SCOPE_NAME_DICT['read'] + read_only_access_token.scope = oauth2_provider_scope.SCOPE_NAME_DICT['read'] read_only_access_token.save() auth = self._create_authorization_header(token=read_only_access_token.token) response = self.csrf_client.get('/oauth2-with-scope-test/', HTTP_AUTHORIZATION=auth) 
@@ -593,7 +593,7 @@ class OAuth2Tests(TestCase): def test_post_form_with_valid_scope_passing_auth(self): """Ensure POSTing with a write scope succeed""" read_write_access_token = self.access_token - read_write_access_token.scope = oauth2_provider.scope.SCOPE_NAME_DICT['write'] + read_write_access_token.scope = oauth2_provider_scope.SCOPE_NAME_DICT['write'] read_write_access_token.save() auth = self._create_authorization_header(token=read_write_access_token.token) response = self.csrf_client.post('/oauth2-with-scope-test/', HTTP_AUTHORIZATION=auth)