Add tests for new auth and logging classes.

Add a new coop auth demo.

Author: Jeff-Meadows

README.rst

@@ -287,6 +287,7 @@ Other Auth Options
 
 For advanced uses of the SDK, two additional auth classes are provided:
 
+- `CooperativelyManagedOAuth2`: Allows multiple auth instances to share tokens.
 - `RemoteOAuth2`: Allows use of the SDK on clients without access to your application's client secret. Instead, you
   provide a `retrieve_access_token` callback. That callback should perform the token refresh, perhaps on your server
   that does have access to the client secret.

boxsdk/auth/cooperatively_managed_oauth2.py

@@ -0,0 +1,35 @@
+# coding: utf-8
+
+from __future__ import unicode_literals
+from boxsdk import OAuth2
+
+
+class CooperativelyManagedOAuth2Mixin(OAuth2):
+    """
+    Box SDK OAuth2 mixin.
+    Allows for sharing auth tokens between multiple clients.
+    """
+    def __init__(self, retrieve_tokens=None, *args, **kwargs):
+        """
+        :param retrieve_tokens:
+            Callback to get the current access/refresh token pair.
+        :type retrieve_tokens:
+            `callable` of () => (`unicode`, `unicode`)
+        """
+        self._retrieve_tokens = retrieve_tokens
+        super(CooperativelyManagedOAuth2Mixin, self).__init__(*args, **kwargs)
+
+    def _get_tokens(self):
+        """
+        Base class override. Get the tokens from the user-specified callback.
+        """
+        return self._retrieve_tokens()
+
+
+class CooperativelyManagedOAuth2(CooperativelyManagedOAuth2Mixin):
+    """
+    Box SDK OAuth2 subclass.
+    Allows for sharing auth tokens between multiple clients. The retrieve_tokens callback should
+    return the current access/refresh token pair.
+    """
+    pass

boxsdk/auth/oauth2.py

@@ -28,6 +28,7 @@ def __init__(
             access_token=None,
             refresh_token=None,
             network_layer=None,
+            refresh_lock=None,
     ):
         """
         :param client_id:
@@ -62,14 +63,18 @@ def __init__(
             If specified, use it to make network requests. If not, the default network implementation will be used.
         :type network_layer:
             :class:`Network`
+        :param refresh_lock:
+            Lock used to synchronize token refresh. If not specified, then a :class:`threading.Lock` will be used.
+        :type refresh_lock:
+            Context Manager
         """
         self._client_id = client_id
         self._client_secret = client_secret
         self._store_tokens_callback = store_tokens
         self._access_token = access_token
         self._refresh_token = refresh_token
         self._network_layer = network_layer if network_layer else DefaultNetwork()
-        self._refresh_lock = Lock()
+        self._refresh_lock = refresh_lock or Lock()
         self._box_device_id = box_device_id
         self._box_device_name = box_device_name
 

boxsdk/auth/redis_managed_oauth2.py

@@ -24,12 +24,15 @@ class RedisManagedOAuth2Mixin(OAuth2):
     def __init__(self, unique_id=uuid4(), redis_server=None, *args, **kwargs):
         self._unique_id = unique_id
         self._redis_server = redis_server or StrictRedis()
-        super(RedisManagedOAuth2Mixin, self).__init__(*args, **kwargs)
+        refresh_lock = Lock(redis=self._redis_server, name='{0}_lock'.format(self._unique_id))
+        super(RedisManagedOAuth2Mixin, self).__init__(*args, refresh_lock=refresh_lock, **kwargs)
         if self._access_token is None:
             self._update_current_tokens()
-        self._refresh_lock = Lock(redis=self._redis_server, name='{0}_lock'.format(self._unique_id))
 
     def _update_current_tokens(self):
+        """
+        Get the latest tokens from redis and store them.
+        """
         self._access_token, self._refresh_token = self._redis_server.hvals(self._unique_id) or (None, None)
 
     @property

boxsdk/auth/remote_oauth2.py boxsdk/auth/remote_managed_oauth2.py

@@ -6,15 +6,17 @@
 
 class RemoteOAuth2Mixin(OAuth2):
     """
-    Box SDK OAuth2 subclass.
+    Box SDK OAuth2 mixin.
     Allows for storing auth tokens remotely.
 
-    :param retrieve_access_token:
-        Callback to exchange an existing access token for a new one.
-    :type retrieve_access_token:
-        `callable` of `unicode` => `unicode`
     """
     def __init__(self, retrieve_access_token=None, *args, **kwargs):
+        """
+        :param retrieve_access_token:
+            Callback to exchange an existing access token for a new one.
+        :type retrieve_access_token:
+            `callable` of `unicode` => `unicode`
+        """
         self._retrieve_access_token = retrieve_access_token
         super(RemoteOAuth2Mixin, self).__init__(*args, **kwargs)
 
@@ -24,3 +26,12 @@ def _refresh(self, access_token):
         """
         self._access_token = self._retrieve_access_token(access_token)
         return self._access_token, None
+
+
+class RemoteOAuth2(RemoteOAuth2Mixin):
+    """
+    Box SDK OAuth2 subclass.
+    Allows for storing auth tokens remotely. The retrieve_access_token callback should
+    return an access token, presumably acquired from a remote server on which your auth credentials are available.
+    """
+    pass

boxsdk/network/logging_network.py

@@ -10,6 +10,11 @@ class LoggingNetwork(DefaultNetwork):
     """
     SDK Network subclass that logs requests and responses.
     """
+    LOGGER_NAME = 'boxsdk.network'
+    REQUEST_FORMAT = '\x1b[36m%s %s %s\x1b[0m'
+    SUCCESSFUL_RESPONSE_FORMAT = '\x1b[32m%s\x1b[0m'
+    ERROR_RESPONSE_FORMAT = '\x1b[31m%s\n%s\n%s\n\x1b[0m'
+
     def __init__(self, logger=None):
         """
         :param logger:
@@ -19,7 +24,7 @@ def __init__(self, logger=None):
             :class:`Logger`
         """
         super(LoggingNetwork, self).__init__()
-        self._logger = logger or setup_logging(name='network')
+        self._logger = logger or setup_logging(name=self.LOGGER_NAME)
 
     @property
     def logger(self):
@@ -42,7 +47,7 @@ def _log_request(self, method, url, **kwargs):
         :type access_token:
             `unicode`
         """
-        self._logger.info('\x1b[36m%s %s %s\x1b[0m', method, url, pformat(kwargs))
+        self._logger.info(self.REQUEST_FORMAT, method, url, pformat(kwargs))
 
     def _log_response(self, response):
         """
@@ -51,10 +56,10 @@ def _log_response(self, response):
         :param response: The Box API response.
         """
         if response.ok:
-            self._logger.info('\x1b[32m%s\x1b[0m', response.content)
+            self._logger.info(self.SUCCESSFUL_RESPONSE_FORMAT, response.content)
         else:
             self._logger.warning(
-                '\x1b[31m%s\n%s\n%s\n\x1b[0m',
+                self.ERROR_RESPONSE_FORMAT,
                 response.status_code,
                 response.headers,
                 pformat(response.content),

demo/auth.py

@@ -15,7 +15,7 @@
 CLIENT_SECRET = ''  # Insert Box client secret here
 
 
-def authenticate():
+def authenticate(oauth_class=OAuth2):
     class StoppableWSGIServer(bottle.ServerAdapter):
         def __init__(self, *args, **kwargs):
             super(StoppableWSGIServer, self).__init__(*args, **kwargs)
@@ -45,7 +45,7 @@ def get_token():
     server_thread = Thread(target=lambda: local_oauth_redirect.run(server=local_server))
     server_thread.start()
 
-    oauth = OAuth2(
+    oauth = oauth_class(
         client_id=CLIENT_ID,
         client_secret=CLIENT_SECRET,
     )
@@ -60,7 +60,7 @@ def get_token():
     print('access_token: ' + access_token)
     print('refresh_token: ' + refresh_token)
 
-    return oauth
+    return oauth, access_token, refresh_token
 
 
 if __name__ == '__main__':

demo/cooperative_auth.py

@@ -0,0 +1,92 @@
+# coding: utf-8
+
+from __future__ import unicode_literals, absolute_import
+
+from logging import Logger
+from multiprocessing import Manager, Process
+from os import getpid
+
+from boxsdk.auth.cooperatively_managed_oauth2 import CooperativelyManagedOAuth2
+from boxsdk.network.logging_network import LoggingNetwork
+from boxsdk.util.log import setup_logging
+from boxsdk import Client
+
+from auth import authenticate, CLIENT_ID, CLIENT_SECRET
+
+
+def main():
+    # Create a multiprocessing manager to use as the token store
+    global tokens, refresh_lock
+    manager = Manager()
+    tokens = manager.Namespace()
+    refresh_lock = manager.Lock()
+
+    # Authenticate in master process
+    oauth2, tokens.access, tokens.refresh = authenticate(CooperativelyManagedOAuth2)
+
+    # Create 2 worker processes and wait on them to finish
+    workers = []
+    for _ in range(2):
+        worker_process = Process(target=worker)
+        worker_process.start()
+        workers.append(worker_process)
+    for worker_process in workers:
+        worker_process.join()
+
+
+def _retrive_tokens():
+    return tokens.access, tokens.refresh
+
+
+def _store_tokens(access_token, refresh_token):
+    tokens.access, tokens.refresh = access_token, refresh_token
+
+
+def worker():
+    # Set up a logging network, but use the LoggingProxy so we can see which PID is generating messages
+    logger = setup_logging(name='boxsdk.network.{0}'.format(getpid()))
+    logger_proxy = LoggerProxy(logger)
+    logging_network = LoggingNetwork(logger)
+
+    # Create a coop oauth2 instance.
+    # Tokens will be retrieved from and stored to the multiprocessing Namespace.
+    # A multiprocessing Lock will be used to synchronize token refresh.
+    # The tokens from the master process are used for initial auth.
+    # Whichever process needs to refresh
+    oauth2 = CooperativelyManagedOAuth2(
+        retrieve_tokens=_retrive_tokens,
+        client_id=CLIENT_ID,
+        client_secret=CLIENT_SECRET,
+        store_tokens=_store_tokens,
+        network_layer=logging_network,
+        access_token=tokens.access,
+        refresh_token=tokens.refresh,
+        refresh_lock=refresh_lock,
+    )
+    client = Client(oauth2, network_layer=logging_network)
+    _do_work(client)
+
+
+def _do_work(client):
+    # Do some work in a worker process.
+    # To see token refresh, perhaps put this in a loop (and don't forget to sleep for a bit between requests).
+    me = client.user(user_id='me').get()
+    items = client.folder('0').get_items(10)
+
+
+class LoggerProxy(Logger):
+    """
+    Proxy for a logger that injects the current PID before log messages.
+    """
+    def __init__(self, logger):
+        self._logger_log = logger._log
+        logger._log = self._log
+        self._preamble = 'PID {0}: '.format(getpid())
+
+    def _log(self, level, msg, args, exc_info=None, extra=None):
+        msg = self._preamble + msg
+        return self._logger_log(level, msg, args, exc_info=exc_info, extra=extra)
+
+
+if __name__ == '__main__':
+    main()

demo/example.py

@@ -290,7 +290,7 @@ def run_examples(oauth):
 def main():
 
     # Please notice that you need to put in your client id and client secret in demo/auth.py in order to make this work.
-    oauth = authenticate()
+    oauth, _, _ = authenticate()
     run_examples(oauth)
     os._exit(0)
 

demo/music_player.py

@@ -16,7 +16,7 @@ def __init__(self, folder_path):
         shuffle(self._mp3_files)
 
     def _get_client(self):
-        oauth = self._authenticate()
+        oauth, _, _ = self._authenticate()
         return Client(oauth)
 
     def _authenticate(self):

docs/source/boxsdk.auth.rst

@@ -4,6 +4,14 @@ boxsdk.auth package
 Submodules
 ----------
 
+boxsdk.auth.cooperatively_managed_oauth2 module
+-----------------------------------------------
+
+.. automodule:: boxsdk.auth.cooperatively_managed_oauth2
+    :members:
+    :undoc-members:
+    :show-inheritance:
+
 boxsdk.auth.jwt_auth module
 ---------------------------
 
@@ -28,10 +36,10 @@ boxsdk.auth.redis_managed_oauth2 module
     :undoc-members:
     :show-inheritance:
 
-boxsdk.auth.remote_oauth2 module
---------------------------------
+boxsdk.auth.remote_managed_oauth2 module
+----------------------------------------
 
-.. automodule:: boxsdk.auth.remote_oauth2
+.. automodule:: boxsdk.auth.remote_managed_oauth2
     :members:
     :undoc-members:
     :show-inheritance:

test/conftest.py

@@ -75,6 +75,7 @@ def retry_after_response(request):
 def server_error_response(request):
     mock_network_response = Mock(DefaultNetworkResponse)
     mock_network_response.status_code = int(request.param)
+    mock_network_response.ok = False
     return mock_network_response
 
 

test/unit/auth/test_cooperatively_managed_oauth2.py

@@ -0,0 +1,19 @@
+# coding: utf-8
+
+from __future__ import unicode_literals, absolute_import
+
+from mock import Mock
+
+from boxsdk.auth import cooperatively_managed_oauth2
+
+
+def test_cooperatively_managed_oauth2_calls_retrieve_tokens_during_refresh(access_token, refresh_token):
+    retrieve_tokens = Mock()
+    oauth2 = cooperatively_managed_oauth2.CooperativelyManagedOAuth2(
+        retrieve_tokens=retrieve_tokens,
+        client_id=None,
+        client_secret=None,
+    )
+    retrieve_tokens.return_value = access_token, refresh_token
+    assert oauth2.refresh(None) == (access_token, refresh_token)
+    retrieve_tokens.assert_called_once_with()

test/unit/auth/test_jwt_auth.py

@@ -79,9 +79,9 @@ def jwt_auth_init_mocks(
             )
 
             jwt_auth_open.assert_called_once_with(sentinel.rsa_path)
-            key_file.return_value.read.assert_called_once_with()
+            key_file.return_value.read.assert_called_once_with()  # pylint:disable=no-member
             load_pem_private_key.assert_called_once_with(
-                key_file.return_value.read.return_value,
+                key_file.return_value.read.return_value,  # pylint:disable=no-member
                 password=rsa_passphrase,
                 backend=default_backend(),
             )