def password_authorization(request, username, password, scope, expires_in):
policy = request.registry.queryUtility(IAuthenticationPolicy)
authapi = policy._getAPI(request)
credentials = {'login': username, 'password': password}
identity, headers = authapi.login(credentials)
if not identity:
return OAuth2ErrorHandler.error_unauthorized_client()
else:
# Create and store token
storage = request.registry.osiris_store
token = generate_token()
stored = storage.store(token, username, scope, expires_in)
# Issue token
if stored:
return dict(access_token=token,
token_type='bearer',
scope=scope,
expires_in=expires_in)
else:
# If operation error, return a generic server error
return HTTPInternalServerError()
def password_authorization(request, username, password, scope, expires_in):
policy = request.registry.queryUtility(IAuthenticationPolicy)
authapi = policy._getAPI(request)
credentials = {'login': username, 'password': password}
identity, headers = authapi.login(credentials)
if not identity:
return OAuth2ErrorHandler.error_unauthorized_client()
else:
# Create and store token
storage = request.registry.osiris_store
token = generate_token()
stored = storage.store(token, username, scope, expires_in)
# Issue token
if stored:
return dict(
access_token=token,
token_type='bearer',
scope=scope,
expires_in=expires_in
)
else:
# If operation error, return a generic server error
return HTTPInternalServerError()
