def validate_code(self, client_id, code, client, request, *args, **kwargs): # Validate the code belongs to the client. Add associated scopes, # state and user to request.scopes, request.state and request.user. client = Client.objects(client_id=client_id).first() client_code = Code.objects(client=client).first() valid = client_code.code == code if valid and client_code.expires_at > get_utc_time(): request.scopes = client_code.scopes request.user = client_code.user request.state = client_code.state return True return False
def validate_code(self, client_id, code, client, request, *args, **kwargs): # Validate the code belongs to the client. Add associated scopes, # state and user to request.scopes, request.state and request.user. client = Client.objects(client_id=client_id).first() client_code = Code.objects(client=client).first() valid = client_code.code == code if valid and client_code.expires_at > get_utc_time(): request.scopes = client_code.scopes request.user = client_code.user request.state = client_code.state return True return False
def invalidate_authorization_code(self, client_id, code, request, *args, **kwargs): # Authorization codes are use once, invalidate it when a Bearer token # has been acquired. Code.objects(code=code).delete()
def confirm_redirect_uri(self, client_id, code, redirect_uri, client, *args, **kwargs): # You did save the redirect uri with the authorization code right? c = Code.objects(code=code, client=client).first() uri = get_auth_base_uri() + redirect_uri return c.redirect_uri == redirect_uri or uri == c.redirect_uri
def invalidate_authorization_code(self, client_id, code, request, *args, **kwargs): # Authorization codes are use once, invalidate it when a Bearer token # has been acquired. Code.objects(code=code).delete()
def confirm_redirect_uri(self, client_id, code, redirect_uri, client, *args, **kwargs): # You did save the redirect uri with the authorization code right? c = Code.objects(code=code, client=client).first() uri = get_auth_base_uri() + redirect_uri return c.redirect_uri == redirect_uri or uri == c.redirect_uri