def token_endpoint(request):
"""
The token endpoint is used by the client to obtain an access token by
presenting its authorization grant or refresh token. The token
endpoint is used with every authorization grant except for the
implicit grant type (since an access token is issued directly).
"""
expires_in = request.registry.settings.get('osiris.tokenexpiry', 0)
grant_type = request.params.get('grant_type')
# Authorization Code Grant
if grant_type == 'authorization_code':
return OAuth2ErrorHandler.error_unsupported_grant_type()
# Implicit Grant
elif grant_type == 'implicit':
return OAuth2ErrorHandler.error_unsupported_grant_type()
# Client Credentials
elif grant_type == 'client_credentials':
return OAuth2ErrorHandler.error_unsupported_grant_type()
# Client Credentials Grant
elif grant_type == 'password':
scope = request.params.get('scope', '') # Optional
username = request.params.get('username', None)
password = request.params.get('password', None)
if username is None:
return OAuth2ErrorHandler.error_invalid_request('Required paramer "username" not found in the request')
elif password is None:
return OAuth2ErrorHandler.error_invalid_request('Required paramer "password" not found in the request')
else:
return password_authorization(request, username, password, scope, expires_in)
else:
return OAuth2ErrorHandler.error_unsupported_grant_type()
def token_endpoint(request):
"""
The token endpoint is used by the client to obtain an access token by
presenting its authorization grant or refresh token. The token
endpoint is used with every authorization grant except for the
implicit grant type (since an access token is issued directly).
"""
expires_in = request.registry.settings.get("osiris.tokenexpiry", 0)
grant_type = request.params.get("grant_type")
# Authorization Code Grant
if grant_type == "authorization_code":
return OAuth2ErrorHandler.error_unsupported_grant_type()
# Implicit Grant
elif grant_type == "implicit":
return OAuth2ErrorHandler.error_unsupported_grant_type()
# Client Credentials
elif grant_type == "client_credentials":
return OAuth2ErrorHandler.error_unsupported_grant_type()
# Client Credentials Grant
elif grant_type == "password":
scope = request.params.get("scope", None) # Optional
username = request.params.get("username", None)
password = request.params.get("password", None)
if username is None:
return OAuth2ErrorHandler.error_invalid_request("Required parameter username not found in the request")
elif password is None:
return OAuth2ErrorHandler.error_invalid_request("Required parameter password not found in the request")
else:
return password_authorization(request, username, password, scope, expires_in)
else:
return OAuth2ErrorHandler.error_unsupported_grant_type()
def token_endpoint(request):
"""
The token endpoint is used by the client to obtain an access token by
presenting its authorization grant or refresh token. The token
endpoint is used with every authorization grant except for the
implicit grant type (since an access token is issued directly).
"""
expires_in = request.registry.settings.get('osiris.tokenexpiry', 0)
grant_type = request.params.get('grant_type')
# Authorization Code Grant
if grant_type == 'authorization_code':
return OAuth2ErrorHandler.error_unsupported_grant_type()
# Implicit Grant
elif grant_type == 'implicit':
return OAuth2ErrorHandler.error_unsupported_grant_type()
# Client Credentials
elif grant_type == 'client_credentials':
return OAuth2ErrorHandler.error_unsupported_grant_type()
# Client Credentials Grant
elif grant_type == 'password':
scope = request.params.get('scope', None) # Optional
username = urllib.unquote(request.params.get('username', None))
password = urllib.unquote(request.params.get('password', None))
if username is None:
return OAuth2ErrorHandler.error_invalid_request(
'Required parameter username not found in the request')
elif password is None:
return OAuth2ErrorHandler.error_invalid_request(
'Required parameter password not found in the request')
else:
return password_authorization(request, username, password, scope,
expires_in)
else:
return OAuth2ErrorHandler.error_unsupported_grant_type()
