allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kentontay...@apache.org
Subject [allura] 06/12: [#8273] TG 2.3.0: root controller single-run fix for oauth
Date Tue, 09 Apr 2019 17:02:41 GMT
This is an automated email from the ASF dual-hosted git repository.

kentontaylor pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/allura.git

commit 0f705acedd7fe6801492f2576d8dae25fee3672a
Author: Dave Brondsema <dave@brondsema.net>
AuthorDate: Fri Mar 22 17:06:33 2019 -0400

    [#8273] TG 2.3.0: root controller single-run fix for oauth
---
 Allura/allura/controllers/rest.py           | 14 +++++++-------
 Allura/allura/tests/functional/test_auth.py | 10 +++++-----
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/Allura/allura/controllers/rest.py b/Allura/allura/controllers/rest.py
index 6e9f78b..f654d0c 100644
--- a/Allura/allura/controllers/rest.py
+++ b/Allura/allura/controllers/rest.py
@@ -116,7 +116,7 @@ class RestController(object):
 
 class OAuthNegotiator(object):
 
-    @LazyProperty
+    @property
     def server(self):
         result = oauth.Server()
         result.add_signature_method(oauth.SignatureMethod_PLAINTEXT())
@@ -165,8 +165,8 @@ class OAuthNegotiator(object):
         consumer = consumer_token.consumer
         try:
             self.server.verify_request(req, consumer, access_token.as_token())
-        except:
-            log.error('Invalid signature')
+        except oauth.Error as e:
+            log.error('Invalid signature %s %s', type(e), e)
             raise exc.HTTPUnauthorized
         return access_token
 
@@ -187,8 +187,8 @@ class OAuthNegotiator(object):
         consumer = consumer_token.consumer
         try:
             self.server.verify_request(req, consumer, None)
-        except:
-            log.error('Invalid signature')
+        except oauth.Error as e:
+            log.error('Invalid signature %s %s', type(e), e)
             raise exc.HTTPUnauthorized
         req_token = M.OAuthRequestToken(
             consumer_token_id=consumer_token._id,
@@ -259,8 +259,8 @@ class OAuthNegotiator(object):
         consumer = consumer_token.consumer
         try:
             self.server.verify_request(req, consumer, rtok)
-        except:
-            log.error('Invalid signature')
+        except oauth.Error as e:
+            log.error('Invalid signature %s %s', type(e), e)
             raise exc.HTTPUnauthorized
         acc_token = M.OAuthAccessToken(
             consumer_token_id=consumer_token._id,
diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py
index fb4069b..9ab4560 100644
--- a/Allura/allura/tests/functional/test_auth.py
+++ b/Allura/allura/tests/functional/test_auth.py
@@ -22,10 +22,7 @@ import json
 from urlparse import urlparse, parse_qs
 from urllib import urlencode
 
-from allura.lib.multifactor import TotpService, RecoveryCodeService
-from allura.tests.decorators import audits, out_audits
 from bson import ObjectId
-
 import re
 from ming.orm.ormsession import ThreadLocalORMSession, session
 from tg import config, expose
@@ -44,13 +41,16 @@ from nose.tools import (
 )
 from tg import tmpl_context as c, app_globals as g
 from webob import exc
+import oauth2
 
 from allura.tests import TestController
 from allura.tests import decorators as td
+from allura.tests.decorators import audits, out_audits
 from alluratest.controller import setup_trove_categories
 from allura import model as M
 from allura.lib import plugin
 from allura.lib import helpers as h
+from allura.lib.multifactor import TotpService, RecoveryCodeService
 
 
 def unentity(s):
@@ -1639,7 +1639,7 @@ class TestOAuth(TestController):
     @mock.patch('allura.controllers.rest.oauth.Server')
     @mock.patch('allura.controllers.rest.oauth.Request')
     def test_request_token_invalid(self, Request, Server):
-        Server().verify_request.side_effect = ValueError
+        Server().verify_request.side_effect = oauth2.Error('test_request_token_invalid')
         M.OAuthConsumerToken.consumer = mock.Mock()
         user = M.User.by_username('test-user')
         M.OAuthConsumerToken(
@@ -1810,7 +1810,7 @@ class TestOAuth(TestController):
             validation_pin='good',
         )
         ThreadLocalORMSession.flush_all()
-        Server().verify_request.side_effect = ValueError
+        Server().verify_request.side_effect = oauth2.Error('test_access_token_bad_sig')
         self.app.get('/rest/oauth/access_token', status=401)
 
     @mock.patch('allura.controllers.rest.oauth.Server')


Mime
View raw message