def _get_authorization_code_token(self):
"""
Generate an access token after authorization_code authorization.
"""
access_token = AccessTokenDAO.create(self.client.id, self.user)
CodeDAO.delete(self.code)
return access_token
def _validate_authorization_code(self):
"""
Validate an authorization_code request.
"""
if not self.code_key:
raise InvalidRequest('No code_key provided')
self.code = CodeDAO.get(key=self.code_key)
if not self.code:
raise InvalidRequest('No such code: %s' % self.code_key)
if self.code.expire < time.time():
raise InvalidGrant("Provided code is expired")
if self.redirect_uri is None:
raise InvalidRequest('No redirect_uri')
if normalize(self.redirect_uri) != normalize(self.code.redirect_uri):
raise InvalidRequest("redirect_uri doesn't match")
def grant_redirect(self, client_id, user_id, redirect_uri, scope):
code = CodeDAO.create(client_id=client_id, user_id=user_id, redirect_uri=redirect_uri, scope=scope)
parameters = {"code": code.key}
redirect_uri = add_parameters(redirect_uri, parameters)
return redirect_uri
