from django.test import TestCase
from django.test.utils import override_settings
from mock import patch
-from piston.models import Consumer, Token
+from api.models import Consumer, Token
from catalogue.models import Book, Tag
from picture.forms import PictureImportForm
class BlogTests(ApiTest):
def test_get(self):
- self.assertEqual(self.load_json('/api/blog/'), [])
+ self.assertEqual(self.load_json('/api/blog'), [])
class PreviewTests(ApiTest):
@classmethod
def setUpClass(cls):
cls.user = User.objects.create(username='test')
+ cls.user.set_password('test')
+ cls.user.save()
cls.consumer_secret = 'len(quote(consumer secret))>=32'
Consumer.objects.create(
key='client',
User.objects.all().delete()
def test_create_token(self):
+ # Fetch request token.
base_query = ("oauth_consumer_key=client&oauth_nonce=12345678&"
"oauth_signature_method=HMAC-SHA1&oauth_timestamp={}&"
"oauth_version=1.0".format(int(time())))
sign = quote(h)
query = "{}&oauth_signature={}".format(base_query, sign)
response = self.client.get('/api/oauth/request_token/?' + query)
- request_token = parse_qs(response.content)
+ request_token_data = parse_qs(response.content)
+ request_token = request_token_data['oauth_token'][0]
+ request_token_secret = request_token_data['oauth_token_secret'][0]
- Token.objects.filter(
- key=request_token['oauth_token'][0], token_type=Token.REQUEST
- ).update(user=self.user, is_approved=True)
+ # Request token authorization.
+ self.client.login(username='test', password='test')
+ response = self.client.get('/api/oauth/authorize/?oauth_token=%s&oauth_callback=test://oauth.callback/' % request_token)
+ post_data = response.context['form'].initial
+ response = self.client.post('/api/oauth/authorize/?' + urlencode(post_data))
+ self.assertEqual(
+ response['Location'],
+ 'test://oauth.callback/?oauth_token=' + request_token
+ )
+
+ # Fetch access token.
base_query = ("oauth_consumer_key=client&oauth_nonce=12345678&"
"oauth_signature_method=HMAC-SHA1&oauth_timestamp={}&"
"oauth_token={}&oauth_version=1.0".format(
- int(time()), request_token['oauth_token'][0]))
+ int(time()), request_token))
raw = '&'.join([
'GET',
quote('http://testserver/api/oauth/access_token/', safe=''),
])
h = hmac.new(
quote(self.consumer_secret) + '&' +
- quote(request_token['oauth_token_secret'][0], safe=''),
+ quote(request_token_secret, safe=''),
raw,
hashlib.sha1
).digest()
sign = quote(h)
query = u"{}&oauth_signature={}".format(base_query, sign)
response = self.client.get(u'/api/oauth/access_token/?' + query)
- access_token = parse_qs(response.content)
+ access_token_data = parse_qs(response.content)
+ access_token = access_token_data['oauth_token'][0]
self.assertTrue(
Token.objects.filter(
- key=access_token['oauth_token'][0],
+ key=access_token,
token_type=Token.ACCESS,
user=self.user
).exists())