def _process(self, **kwargs):
    """Decide whether the current user has authorized the application.

    Returns ``True`` when access is granted, ``False`` when the form was
    submitted without the ``confirm`` field, and otherwise the rendered
    consent page listing the already authorized and the newly requested
    scopes.
    """
    if request.method == 'POST':
        # Only an explicit ``confirm`` field in the posted form counts as consent.
        # NOTE(review): CSRF protection for this POST is not visible in this
        # block -- confirm it is enforced by the surrounding framework.
        confirmed = 'confirm' in request.form
        if confirmed:
            logger.info('User %s authorized %s', session.user, self.application)
        return confirmed

    if self.application.is_trusted:
        # Trusted applications never show the consent page; the grant is
        # logged so that it still leaves an audit trail.
        logger.info('User %s automatically authorized %s', session.user, self.application)
        return True

    wanted = set(kwargs['scopes'])
    existing_token = self.application.tokens.filter_by(user=session.user).first()
    granted = existing_token.scopes if existing_token else set()
    missing = wanted - granted
    if not missing:
        # Nothing beyond what the user's token already carries is requested.
        return True

    def describe(scope_names):
        # Scopes for which SCOPES.get() yields nothing (or a falsy value)
        # are left out of the list handed to the template.
        return [label for label in (SCOPES.get(name) for name in scope_names) if label]

    return render_template('oauth/authorize.html',
                           application=self.application,
                           authorized_scopes=describe(granted),
                           new_scopes=describe(missing))
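def save_token(token_data, request, *args, **kwargs):
    """Store the access token issued to an application for a user.

    A new ``OAuthToken`` is created when the lookup for this user and
    client finds none. If one exists and new scopes are requested, its
    scopes are extended and its access token is replaced by the newly
    issued one. If no new scopes are requested, the stored access token
    is written back into ``token_data`` in place of the new one.

    ``token_data`` is modified in place: ``refresh_token`` and
    ``expires_in`` are always removed.

    :param token_data: dict describing the issued token; ``scope`` is a
                       whitespace-separated string
    :param request: the OAuth request being processed
    :return: the ``OAuthToken`` that was created or updated
    :raises ValueError: if the grant type is neither
                        ``authorization_code`` nor ``None``
    """
    # For the implicit flow
    # Check issue: https://github.com/lepture/flask-oauthlib/issues/209
    if request.grant_type == 'authorization_code':
        user = request.user
    elif request.grant_type is None:  # implicit flow
        user = session.user
    else:
        # Any other grant type is refused instead of guessing a user.
        raise ValueError('Invalid grant_type')
    requested_scopes = set(token_data['scope'].split())
    token = OAuthToken.find_first(OAuthApplication.client_id == request.client.client_id,
                                  OAuthToken.user == user,
                                  _join=OAuthApplication)
    if token is None:
        application = OAuthApplication.find_one(client_id=request.client.client_id)
        token = OAuthToken(application=application, user=user)
        db.session.add(token)
        token.access_token = token_data['access_token']
        token.scopes = requested_scopes
    elif requested_scopes - token.scopes:
        # Arguments are passed to the logger instead of being pre-formatted,
        # so the message is only built if the record is actually emitted.
        # NOTE(review): what str(token) renders is not visible here; confirm
        # it never includes the access token value.
        logger.info('Added scopes to %s: %s', token, requested_scopes - token.scopes)
        # use the new access_token when extending scopes
        token.access_token = token_data['access_token']
        token.scopes |= requested_scopes
    else:
        # No new scopes: keep handing out the access token already stored.
        token_data['access_token'] = token.access_token
    # Tokens neither expire nor can be refreshed, so a stored token stays
    # usable until it is deleted or replaced.
    token_data.pop('refresh_token', None)  # we don't support refresh tokens so far
    token_data.pop('expires_in', None)  # our tokens currently do not expire
    return token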
def save_token(token_data, request, *args, **kwargs):
    """Persist the access token issued to an application for a user.

    The token for the user/client pair is created if missing, widened
    (and given the new access token) if additional scopes are requested,
    or reused as is, in which case the stored access token replaces the
    freshly issued one inside ``token_data``. ``refresh_token`` and
    ``expires_in`` are stripped from ``token_data`` in all cases.

    Returns the ``OAuthToken`` instance; raises ``ValueError`` for any
    grant type other than ``authorization_code`` or ``None``.
    """
    # Background on the implicit flow handling:
    # https://github.com/lepture/flask-oauthlib/issues/209
    grant_type = request.grant_type
    if grant_type == 'authorization_code':
        owner = request.user
    elif grant_type is None:
        # Implicit flow: the token belongs to the user of the current session.
        owner = session.user
    else:
        raise ValueError('Invalid grant_type')

    wanted = set(token_data['scope'].split())
    client_id = request.client.client_id
    lookup = OAuthToken.query.filter(OAuthApplication.client_id == client_id,
                                     OAuthToken.user == owner)
    token = lookup.join(OAuthApplication).first()

    if token is None:
        app = OAuthApplication.query.filter_by(client_id=client_id).one()
        token = OAuthToken(application=app, user=owner)
        db.session.add(token)
        token.access_token = token_data['access_token']
        token.scopes = wanted
    else:
        extra = wanted - token.scopes
        if extra:
            logger.info('Added scopes to %s: %s', token, extra)
            # Extending the scopes also switches to the newly issued access
            # token, so the previously stored value is no longer kept.
            token.access_token = token_data['access_token']
            token.scopes |= wanted
        else:
            # Nothing new requested: hand back the token already on record.
            token_data['access_token'] = token.access_token

    # Refresh tokens are not supported and tokens do not expire, so neither
    # field is passed on; a stored token stays usable until it is deleted
    # or replaced.
    for unsupported in ('refresh_token', 'expires_in'):
        token_data.pop(unsupported, None)
    return token
def _process(self):
    """Show the application's details form and apply a valid submission.

    Returns a redirect to the application list after a successful
    update, otherwise the rendered details page with the form.
    """
    app = self.application
    form = ApplicationForm(obj=app, application=app)
    if not form.validate_on_submit():
        return WPOAuthAdmin.render_template('app_details.html', application=app, form=form)

    # Only a validated submission is copied onto the application.
    form.populate_obj(app)
    # The acting user is recorded so the change can be attributed later.
    logger.info("Application %s updated by %s", app, session.user)
    message = _("Application {} was modified").format(app.name)
    flash(message, 'success')
    return redirect(url_for('.apps'))
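def _process(self):
    """Revoke every user token of the application.

    Deletes all tokens of ``self.application``, logs the revocation and
    returns a redirect to the application's details page.
    """
    self.application.tokens.delete()
    # Arguments are handed to the logger rather than pre-formatted, so the
    # message is only built when the record is actually emitted.
    # NOTE(review): this entry does not say who triggered the revocation;
    # consider recording the acting user if one is available in this scope.
    logger.info("All user tokens for %s have been revoked.", self.application)
    flash(_("All user tokens for this application were revoked successfully"), 'success')
    return redirect(url_for('.app_details', self.application))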
def _process(self):
    """Revoke a single token and send the user back to the profile page."""
    token = self.token
    db.session.delete(token)
    # Application and user are logged, not the token value itself.
    logger.info("Token of application %s for user %s was revoked.",
                token.application, token.user)
    template = _("Token for {} has been revoked successfully")
    flash(template.format(token.application.name), 'success')
    return redirect(url_for('.user_profile'))
def _process(self):
    """Revoke all user tokens of the application and return to its details page."""
    app = self.application
    app.tokens.delete()
    # The acting user goes into the log entry so the bulk revocation can
    # be attributed afterwards.
    logger.info("All user tokens for %s revoked by %s", app, session.user)
    notice = _("All user tokens for this application were revoked successfully")
    flash(notice, 'success')
    return redirect(url_for('.app_details', app))
def _process(self):
    """Show the registration form and create an application from a valid submission.

    Returns a redirect to the new application's details page on success,
    otherwise the rendered registration page with the form.
    """
    form = ApplicationForm(obj=FormDefaults(is_enabled=True))
    if not form.validate_on_submit():
        return WPOAuthAdmin.render_template('app_new.html', form=form)

    new_app = OAuthApplication()
    form.populate_obj(new_app)
    db.session.add(new_app)
    # Flushed before the application is logged and used to build the URL.
    # presumably so that database-generated fields are populated -- verify.
    db.session.flush()
    logger.info("Application %s created by %s", new_app, session.user)
    message = _("Application {} registered successfully").format(new_app.name)
    flash(message, 'success')
    return redirect(url_for('.app_details', new_app))
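def _process(self, **kwargs):
    """Decide whether the current user has authorized the application.

    Returns ``True`` when access is granted (explicit confirmation, a
    trusted application, or no scopes beyond those already on the user's
    token), ``False`` when the form was posted without ``confirm``, and
    the rendered consent page otherwise.
    """
    if request.method == 'POST':
        # Only an explicit ``confirm`` field in the posted form counts as consent.
        # NOTE(review): CSRF protection for this POST is not visible in this
        # block -- confirm it is enforced by the surrounding framework.
        if 'confirm' not in request.form:
            return False
        logger.info('User %s authorized %s', session.user, self.application)
        return True
    if self.application.is_trusted:
        # Trusted applications skip the consent page; the grant is still logged.
        logger.info('User %s automatically authorized %s', session.user, self.application)
        return True
    requested_scopes = set(kwargs['scopes'])
    token = self.application.tokens.filter_by(user=session.user).first()
    authorized_scopes = token.scopes if token else set()
    if requested_scopes <= authorized_scopes:
        return True
    new_scopes = requested_scopes - authorized_scopes
    # Real lists are built instead of calling filter(): on Python 3 filter()
    # returns a one-shot iterator that is truthy even when empty, which would
    # make an emptiness check or a second loop in the template misbehave.
    # On Python 2 the result is the same list as before.
    authorized_descriptions = [desc for desc in (SCOPES.get(s) for s in authorized_scopes) if desc]
    new_descriptions = [desc for desc in (SCOPES.get(s) for s in new_scopes) if desc]
    return render_template('oauth/authorize.html', application=self.application,
                           authorized_scopes=authorized_descriptions,
                           new_scopes=new_descriptions)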
def _process(self):
    """Delete every user token of the application, then redirect to its details page."""
    target = self.application
    target.tokens.delete()
    # Who performed the revocation is part of the log entry.
    logger.info("All user tokens for %s revoked by %s", target, session.user)
    flash(
        _("All user tokens for this application were revoked successfully"),
        'success',
    )
    details_url = url_for('.app_details', target)
    return redirect(details_url)
def _process(self):
    """Generate a new client secret for the application and return to its details page."""
    app = self.application
    app.reset_client_secret()
    # The entry names the application and the acting user; the secret
    # itself is not passed to the logger here.
    logger.info("Client secret of %s reset by %s", app, session.user)
    notice = _("New client secret generated for the application")
    flash(notice, 'success')
    return redirect(url_for('.app_details', app))
def _process(self):
    """Delete the application and redirect to the application list."""
    doomed = self.application
    db.session.delete(doomed)
    # NOTE(review): whether the application's tokens are removed together
    # with it is not visible in this block -- confirm the cascade.
    logger.info("Application %s deleted by %s", doomed, session.user)
    notice = _("Application deleted successfully")
    flash(notice, 'success')
    return redirect(url_for('.apps'))
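def _process(self):
    """Delete the application and redirect to the application list."""
    db.session.delete(self.application)
    # Arguments are handed to the logger rather than pre-formatted, so the
    # message is only built when the record is actually emitted.
    # NOTE(review): this entry does not say who deleted the application;
    # consider recording the acting user if one is available in this scope.
    logger.info("Application %s was deleted.", self.application)
    flash(_("Application deleted successfully"), 'success')
    return redirect(url_for('.apps'))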
def reset_client_secret(self):
    """Replace ``client_secret`` with a newly generated UUID string."""
    # NOTE(review): the secret's unpredictability rests entirely on uuid4()
    # (presumably uuid.uuid4, which CPython draws from os.urandom) -- confirm
    # for the runtime in use.
    fresh_secret = unicode(uuid4())
    self.client_secret = fresh_secret
    # Only the object is logged, never the secret value.
    logger.info("Client secret for %s has been reset.", self)
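def _process(self):
    """Revoke every user token of the application.

    Deletes all tokens of ``self.application``, logs the revocation and
    returns a redirect to the application's details page.
    """
    self.application.tokens.delete()
    # Arguments are handed to the logger rather than pre-formatted, so the
    # message is only built when the record is actually emitted.
    # NOTE(review): this entry does not say who triggered the revocation;
    # consider recording the acting user if one is available in this scope.
    logger.info("All user tokens for %s have been revoked.", self.application)
    flash(_("All user tokens for this application were revoked successfully"), 'success')
    return redirect(url_for('.app_details', self.application))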
def _process(self):
    """Delete the selected token and redirect to the user's profile page."""
    revoked = self.token
    db.session.delete(revoked)
    # The log entry identifies the token by application and user only.
    logger.info(
        "Token of application %s for user %s was revoked.",
        revoked.application,
        revoked.user,
    )
    confirmation = _("Token for {} has been revoked successfully")
    flash(confirmation.format(revoked.application.name), 'success')
    return redirect(url_for('.user_profile'))