Remove custom contrib.appengine exceptions (#533)
* Remove InvalidClientSecretsError duplicated from oauth2client * Remove internal-only InvalidXsrfTokenError and rework logic without exception.
This commit is contained in:
Pat Ferate
committed by
Jon Wayne Parrott
Jon Wayne Parrott
parent
66d47251fd
commit
cd635f4d1e
@@ -88,14 +88,6 @@ def _safe_html(s):
|
||||
return cgi.escape(s, quote=1).replace("'", ''')
|
||||
|
||||
|
||||
class InvalidClientSecretsError(Exception):
|
||||
"""The client_secrets.json file is malformed or missing required fields."""
|
||||
|
||||
|
||||
class InvalidXsrfTokenError(Exception):
|
||||
"""The XSRF token is invalid or expired."""
|
||||
|
||||
|
||||
class SiteXsrfSecretKey(db.Model):
|
||||
"""Storage for the sites XSRF secret key.
|
||||
|
||||
@@ -475,18 +467,15 @@ def _parse_state_value(state, user):
|
||||
state: string, The value of the state parameter.
|
||||
user: google.appengine.api.users.User, The current user.
|
||||
|
||||
Raises:
|
||||
InvalidXsrfTokenError: if the XSRF token is invalid.
|
||||
|
||||
Returns:
|
||||
The redirect URI.
|
||||
The redirect URI, or None if XSRF token is not valid.
|
||||
"""
|
||||
uri, token = state.rsplit(':', 1)
|
||||
if not xsrfutil.validate_token(xsrf_secret_key(), token, user.user_id(),
|
||||
action_id=uri):
|
||||
raise InvalidXsrfTokenError()
|
||||
|
||||
return uri
|
||||
if xsrfutil.validate_token(xsrf_secret_key(), token, user.user_id(),
|
||||
action_id=uri):
|
||||
return uri
|
||||
else:
|
||||
return None
|
||||
|
||||
|
||||
class OAuth2Decorator(object):
|
||||
@@ -814,6 +803,10 @@ class OAuth2Decorator(object):
|
||||
user=user).put(credentials)
|
||||
redirect_uri = _parse_state_value(
|
||||
str(self.request.get('state')), user)
|
||||
if redirect_uri is None:
|
||||
self.response.out.write(
|
||||
'The authorization request failed')
|
||||
return
|
||||
|
||||
if (decorator._token_response_param and
|
||||
credentials.token_response):
|
||||
@@ -884,7 +877,7 @@ class OAuth2DecoratorFromClientSecrets(OAuth2Decorator):
|
||||
cache=cache)
|
||||
if client_type not in (clientsecrets.TYPE_WEB,
|
||||
clientsecrets.TYPE_INSTALLED):
|
||||
raise InvalidClientSecretsError(
|
||||
raise clientsecrets.InvalidClientSecretsError(
|
||||
"OAuth2Decorator doesn't support this OAuth 2.0 flow.")
|
||||
|
||||
constructor_kwargs = dict(kwargs)
|
||||
|
||||
@@ -55,8 +55,6 @@ from oauth2client.contrib.appengine import CredentialsModel
|
||||
from oauth2client.contrib.appengine import CredentialsNDBModel
|
||||
from oauth2client.contrib.appengine import CredentialsProperty
|
||||
from oauth2client.contrib.appengine import FlowProperty
|
||||
from oauth2client.contrib.appengine import (
|
||||
InvalidClientSecretsError as AppEngineInvalidClientSecretsError)
|
||||
from oauth2client.contrib.appengine import OAuth2Decorator
|
||||
from oauth2client.contrib.appengine import oauth2decorator_from_clientsecrets
|
||||
from oauth2client.contrib.appengine import OAuth2DecoratorFromClientSecrets
|
||||
@@ -921,7 +919,7 @@ class DecoratorTests(unittest2.TestCase):
|
||||
'oauth2client.contrib.appengine.clientsecrets.loadfile')
|
||||
with loadfile_patch as loadfile_mock:
|
||||
loadfile_mock.return_value = ('badtype', None)
|
||||
with self.assertRaises(AppEngineInvalidClientSecretsError):
|
||||
with self.assertRaises(InvalidClientSecretsError):
|
||||
OAuth2DecoratorFromClientSecrets(
|
||||
'doesntmatter.json',
|
||||
scope=['foo_scope', 'bar_scope'])
|
||||
@@ -1077,5 +1075,5 @@ class DecoratorXsrfProtectionTests(unittest2.TestCase):
|
||||
self.assertEqual(
|
||||
'https://example.org',
|
||||
appengine._parse_state_value(state, UserMock()))
|
||||
with self.assertRaises(appengine.InvalidXsrfTokenError):
|
||||
appengine._parse_state_value(state[1:], UserMock())
|
||||
redirect_uri = appengine._parse_state_value(state[1:], UserMock())
|
||||
self.assertIsNone(redirect_uri)
|
||||
|
||||
Reference in New Issue
Block a user