Python generate_access_token Beispiele

Programmiersprache: Python

Namespace / Paketname: app.oauth.views.authorize

Methode / Funktion: generate_access_token

Beispiele auf hotexamples.com: 2

Python generate_access_token - 2 Beispiele gefunden. Dies sind die am besten bewerteten Python Beispiele für die app.oauth.views.authorize.generate_access_token, die aus Open Source-Projekten extrahiert wurden. Sie können Beispiele bewerten, um die Qualität der Beispiele zu verbessern.

Beispiel #1

Datei anzeigen

Datei: test_authorize.py Projekt: roshanconnor123/app

def test_generate_access_token(flask_client):
    access_token = generate_access_token()
    assert len(access_token) == 40

Beispiel #2

Datei anzeigen

Datei: token.py Projekt: liuxuc63/app4simple-login

def token():
    """
    Calls by client to exchange the access token given the authorization code.
    The client authentications using Basic Authentication.
    The form contains the following data:
    - grant_type: must be "authorization_code"
    - code: the code obtained in previous step
    """
    # Basic authentication
    oauth_client_id = (request.authorization and request.authorization.username
                       ) or request.form.get("client_id")

    oauth_client_secret = (request.authorization
                           and request.authorization.password
                           ) or request.form.get("client_secret")

    client = Client.filter_by(oauth_client_id=oauth_client_id,
                              oauth_client_secret=oauth_client_secret).first()

    if not client:
        return jsonify(error="wrong client-id or client-secret"), 400

    # Get code from form data
    grant_type = request.form.get("grant_type")
    code = request.form.get("code")

    # sanity check
    if grant_type != "authorization_code":
        return jsonify(error="grant_type must be authorization_code"), 400

    auth_code: AuthorizationCode = AuthorizationCode.filter_by(
        code=code).first()
    if not auth_code:
        return jsonify(error=f"no such authorization code {code}"), 400
    elif auth_code.is_expired():
        AuthorizationCode.delete(auth_code.id)
        db.session.commit()
        LOG.d("delete expired authorization code:%s", auth_code)
        return jsonify(error=f"{code} already expired"), 400

    if auth_code.client_id != client.id:
        return jsonify(error="are you sure this code belongs to you?"), 400

    LOG.debug("Create Oauth token for user %s, client %s", auth_code.user,
              auth_code.client)

    # Create token
    oauth_token = OauthToken.create(
        client_id=auth_code.client_id,
        user_id=auth_code.user_id,
        scope=auth_code.scope,
        redirect_uri=auth_code.redirect_uri,
        access_token=generate_access_token(),
        response_type=auth_code.response_type,
    )
    db.session.add(oauth_token)

    # Auth code can be used only once
    AuthorizationCode.delete(auth_code.id)

    db.session.commit()

    client_user: ClientUser = ClientUser.get_by(client_id=auth_code.client_id,
                                                user_id=auth_code.user_id)

    user_data = client_user.get_user_info()

    res = {
        "access_token": oauth_token.access_token,
        "token_type": "Bearer",
        "expires_in": 3600,
        "scope": auth_code.scope,
        "user": user_data,  # todo: remove this
    }

    if oauth_token.scope and Scope.OPENID.value in oauth_token.scope:
        res["id_token"] = make_id_token(client_user)

    # Also return id_token if the initial flow is "code,id_token"
    # cf https://medium.com/@darutk/diagrams-of-all-the-openid-connect-flows-6968e3990660
    response_types = get_response_types_from_str(auth_code.response_type)
    if ResponseType.ID_TOKEN in response_types:
        res["id_token"] = make_id_token(client_user)

    return jsonify(res)