def signup_client(request):
serializer = SignupClientSerializer(data=request.data, context={'request': request})
serializer.is_valid()
# print("serializer error: ", oauth2_settings)
if serializer.errors:
return Response(data=serializer.errors,
status=status.HTTP_400_BAD_REQUEST)
else:
serializer.save()
application = Application.objects.get(client_id=serializer.initial_data["client_id"])
expires = timezone.now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS)
activated_user = User.objects.get(email=serializer.data["email"])
access_token = AccessToken(
user=activated_user,
scope='',
expires=expires,
token=common.generate_token(),
application=application
)
access_token.save()
refresh_token = RefreshToken(
user=activated_user,
token=common.generate_token(),
application=application,
access_token=access_token
)
refresh_token.save()
return Response({"expires": expires, "access_token": access_token.token,
"refresh_token": refresh_token.token}, status=200)
def add(cls,
name,
redirect_uri='',
allowed_grant_types=None,
allowed_response_types=None,
allowed_scopes=None):
client_id = generate_token()
client_secret = generate_token()
allowed_grant_types = allowed_grant_types or ['authorization_code']
allowed_response_types = allowed_response_types or ['token']
allowed_scopes = set(allowed_scopes or []) | {OAuthScope.basic}
sql = ('insert into oauth_client'
' (name, client_id, client_secret, redirect_uri,'
' allowed_grant_types, allowed_response_types,'
' allowed_scopes) '
'values (%s, %s, %s, %s, %s, %s, %s)')
params = (name, client_id, client_secret, redirect_uri,
' '.join(allowed_grant_types),
' '.join(allowed_response_types),
' '.join(scope.value for scope in allowed_scopes))
id_ = db.execute(sql, params)
db.commit()
cls.clear_cache(id_)
return cls.get(id_)
def get_access_token(user): #,serializer):
app = Application.objects.get(name="Pharmeasy")
try:
old_access_token = AccessToken.objects.get(user=user, application=app)
old_refresh_token = RefreshToken.objects.get(user=user,
application=app)
except:
pass
else:
old_access_token.delete()
old_refresh_token.delete()
access_token = generate_token()
refresh_token = generate_token()
oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS = 100000000
expires = now() + timedelta(
seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS)
scope = "read write"
access_token = AccessToken.objects. \
create(user=user,
application=app,
expires=expires,
token=access_token,
scope=scope)
RefreshToken.objects. \
create(user=user,
application=app,
token=refresh_token,
access_token=access_token)
#serializer.save()
return get_token_json(access_token)
def convert_token(request):
try:
app = Application.objects.get(name=PROPRIETARY_APPLICATION_NAME)
except Application.DoesNotExist:
return Response(
{
"detail":
"The server's oauth2 application is not setup or misconfigured"
},
status=status.HTTP_501_NOT_IMPLEMENTED)
token = AccessToken.objects.create(user=request.user,
application=app,
token=generate_token(),
expires=timezone.now() +
timedelta(days=1),
scope="read write")
refresh_token = RefreshToken.objects.create(access_token=token,
token=generate_token(),
user=request.user,
application=app)
code = status.HTTP_201_CREATED
return Response(
{
"access_token": token.token,
"refresh_token": refresh_token.token,
"token_type": "Bearer",
"expires_in": int(
(token.expires - timezone.now()).total_seconds()),
"scope": token.scope
},
status=status.HTTP_201_CREATED)
def access_token_gen(user):
try:
app = Application.objects.get(name="Facebook")
old_access_token = AccessToken.objects.filter(user=user, \
application=app)
old_refresh_token = RefreshToken.objects.filter(user=user, \
access_token=old_access_token)
except:
pass
logger_error.error(traceback.format_exc())
else:
old_access_token.delete()
old_refresh_token.delete()
# we generate an access token
token = generate_token()
# we generate a refresh token
refresh_token = generate_token()
expires = now() + timedelta(
seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS)
scope = "read write"
# we create the access token
access_token = AccessToken.objects.\
create(user=user,
application=app,
expires=expires,
token=token,
scope=scope)
# we create the refresh token
RefreshToken.objects.\
create(user=user,
application=app,
token=refresh_token,
access_token=access_token)
logger_user.info("Token created")
return get_token_json(access_token, app, refresh_token)
def generate_new_token_for_user(self, user, scope='r:profile', application=None, expires=None, refresh_token=False):
with transaction.atomic():
if application is None:
application, created = Application.objects.get_or_create(
client_id='public',
client_type=Application.CLIENT_PUBLIC,
authorization_grant_type=Application.GRANT_PASSWORD,
)
if created:
ApplicationInfo.objects.create(application=application)
if expires is None:
access_token_expires_seconds = getattr(settings, 'OAUTH2_PROVIDER', {}).get(
'ACCESS_TOKEN_EXPIRE_SECONDS', 86400)
expires = timezone.now() + timezone.timedelta(seconds=access_token_expires_seconds)
accesstoken = self.create(
application=application,
user=user,
expires=expires,
token=generate_token(),
scope=scope
)
if refresh_token:
accesstoken.refresh_token = RefreshToken.objects.create(
access_token=accesstoken,
user=user,
application=application,
token=generate_token()
)
return accesstoken
def get_access_token(user):
application = Application.objects.get(name="my-api-app")
try:
old_access_token = AccessToken.objects.get(user=user, application=application)
old_refresh_token = RefreshToken.objects.get(user=user, access_token=old_access_token)
except:
pass
else:
old_access_token.delete()
old_refresh_token.delete()
token = generate_token()
refresh_token = generate_token()
expires = now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS)
scope = "read write"
access_token = AccessToken.objects.\
create(user=user,
application=application,
expires=expires,
token=token,
scope=scope)
RefreshToken.objects.\
create(user=user,
application=application,
token=refresh_token,
access_token=access_token)
return get_token_json(access_token)
def get_access_token(user):
"""
Takes a user instance and return an access_token as a JsonResponse
instance.
"""
app = get_default_app()
try:
old_access_token = AccessToken.objects.get(user=user, application=app)
old_refresh_token = RefreshToken.objects.get(user=user, access_token=old_access_token)
except:
pass
else:
old_access_token.delete()
old_refresh_token.delete()
token = generate_token()
refresh_token = generate_token()
expires = now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS)
scope = "read write"
access_token = AccessToken.objects.create(user=user, application=app, expires=expires, token=token, scope=scope)
RefreshToken.objects.create(user=user, application=app, token=refresh_token, access_token=access_token)
return get_token_json(access_token)
def get_access_token(user):
"""
Takes a user instance and return an access_token as a JsonResponse
instance.
"""
# our oauth2 app
app = Application.objects.get(name=OAUTH_APP_NAME)
# We delete the old access_token and refresh_token
try:
old_access_token = AccessToken.objects.get(user=user, application=app)
old_refresh_token = RefreshToken.objects.get(user=user, access_token=old_access_token)
except:
pass
else:
old_access_token.delete()
old_refresh_token.delete()
# we generate an access token
token = generate_token()
# we generate a refresh token
refresh_token = generate_token()
expires = now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS)
scope = "read write"
# we create the access token
access_token = AccessToken.objects.create(user=user, application=app, expires=expires, token=token, scope=scope)
# we create the refresh token
RefreshToken.objects.create(user=user, application=app, token=refresh_token, access_token=access_token)
# we call get_token_json and returns the access token as json
return get_token_json(access_token)
def convert_token(request):
try:
app = Application.objects.get(name=PROPRIETARY_APPLICATION_NAME)
except Application.DoesNotExist:
return Response({
"detail": "The server's oauth2 application is not setup or misconfigured"
}, status=status.HTTP_403_FORBIDDEN)
code = status.HTTP_200_OK
token = AccessToken.objects.filter(user=request.user, application=app).order_by('expires').last()
# If the token is goinf to expire within the minute, we generate a new one
if not token or int((token.expires - timezone.now()).total_seconds()) < 60:
token = AccessToken.objects.create(user=request.user, application=app,
token=generate_token(), expires=timezone.now() + timedelta(days=1),
scope="read write")
refresh_token = RefreshToken.objects.create(access_token=token,
token=generate_token(), user=request.user, application=app)
code = status.HTTP_201_CREATED
else:
try:
refresh_token = RefreshToken.objects.get(access_token=token,
user=request.user, application=app)
except RefreshToken.DoesNotExist:
refresh_token = RefreshToken.objects.create(access_token=token,
token=generate_token(), user=request.user, application=app)
return Response({
"access_token": token.token,
"refresh_token": refresh_token.token,
"token_type": "Bearer",
"expires_in": int((token.expires - timezone.now()).total_seconds()),
"scope": token.scope
}, status=code)
def save(self, *args, **kwargs):
if not self.key:
self.key = generate_token(32)
if not self.secret:
self.secret = generate_token(32)
super(Token, self).save(*args, **kwargs)
def generate(client, callback=None):
if callback is None:
callback = client.default_callback
return OAuthRequestToken.objects.create(
client=client,
token=generate_token(),
secret=generate_token(),
callback=callback)
class LTIConsumerFactory(factory.alchemy.SQLAlchemyModelFactory):
class Meta:
model = LTIConsumer
sqlalchemy_session = db.session
oauth_consumer_key = generate_token()
oauth_consumer_secret = generate_token()
lti_version = "LTI-1p0"
def post(self, request):
# STEP 1:
# Lookup the refresh token and if it does not exist then return 401 error.
token = request.data.get('refresh_token', None)
refresh_token = RefreshToken.objects.filter(token=token).first()
if refresh_token is None:
print(token, "not found!")
return Response(data=[], status=status.HTTP_401_UNAUTHORIZED)
# STEP 2:
# Make the refresh token and access token not longer valid.
refresh_token.revoked = timezone.now()
refresh_token.save()
refresh_token.access_token.expires = timezone.now()
refresh_token.access_token.save()
# STEP 3:
# Create our new access token and refresh token....
# Get our web application authorization.
application = Application.objects.filter(
name=settings.MIKAPONICS_RESOURCE_SERVER_NAME).first()
# Generate our "NEW" access token which does not have a time limit.
# We want to generate a new token every time because the user may be
# logging in from multiple locations and may log out from multiple
# locations so we don't want the user using the same token every time.
aware_dt = timezone.now()
expires_dt = aware_dt + timezone.timedelta(days=1)
access_token = AccessToken.objects.create(
application=application,
user=refresh_token.user,
expires=expires_dt,
token=generate_token(),
scope='read,write,introspection')
refresh_token = RefreshToken.objects.create(application=application,
user=refresh_token.user,
access_token=access_token,
token=generate_token())
# STEP 4:
# Return our new credentials.
revoked_at = int(refresh_token.revoked.timestamp()
) if refresh_token.revoked is not None else None
return Response(data={
'access_token': {
'token': str(access_token),
'expires': int(access_token.expires.timestamp()),
'scope': str(access_token.scope)
},
'refresh_token': {
'token': str(refresh_token),
'revoked': revoked_at,
}
},
status=status.HTTP_200_OK)
def create(self,request):
mobile=request.data.get('mobile')
if not mobile:
return Response('please enter the mobile no:')
phone_object=PhoneNumber()
phone_object.phone=mobile
phone_object.save()
try:
email=request.data.get('email')
user_email=MyUser.objects.filter(email=email)
if user_email:
return Response('already register email')
myuser=MyUser()
myuser.save()
myuser.mobile.add(phone_object)
myuser.email=request.data.get('email')
myuser.first_name=request.data.get('first_name')
myuser.last_name=request.data.get('last_name')
myuser.date_of_birth=request.data.get('dob')
myuser.gender=request.data.get('gender')
myuser.role=request.data.get('role')
myuser.set_password(request.data.get('password'))
myuser.mobile.add(phone_object)
myuser.is_active=True
myuser.save()
app = Application.objects.create(user=myuser)
token = generate_token()
refresh_token = generate_token()
expires = now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS)
scope = "read write"
access_token = AccessToken.objects.create(user=myuser,
application=app,
expires=expires,
token=token,
scope=scope,
)
print("access token ------->", access_token)
RefreshToken.objects.create(user=myuser,
application=app,
token=refresh_token,
access_token=access_token
)
response = {
'access_token': access_token.token,
'expires_in': oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS,
'token_type': 'Bearer',
'refresh_token': access_token.refresh_token.token,
'client_id': app.client_id,
'client_secret': app.client_secret
}
return Response({'response':'you are sign up successfull ','message':True,'status':status.HTTP_200_OK})
except Exception as error:
traceback.print_exc()
return Response({'response':str(error),'message':False,'status':status.HTTP_200_OK})
def test_has_required_params(self):
client_id = generate_client_id()
client_secret = generate_token()
tc = ToolConsumer(client_id, client_secret, launch_url="http://example.edu")
self.assertFalse(tc.has_required_params())
tc.launch_params["resource_link_id"] = generate_token()
self.assertTrue(tc.has_required_params())
def get_access_token(user):
"""
Takes a user instance and return an access_token as a JsonResponse instance.
"""
app = Application.objects.get(name="Fabler")
# We delete the old access_token and refresh_token
try:
old_access_token = AccessToken.objects.get(
user=user, application=app)
old_refresh_token = RefreshToken.objects.get(
user=user, access_token=old_access_token
)
except:
try:
old_access_tokens = AccessToken.objects.all().filter(user=user, application=app)
old_refresh_tokens = RefreshToken.objects.all().filter(user=user, access_token=old_access_tokens)
except:
# Something's wrong if we get here
pass
else:
old_access_tokens.delete()
old_refresh_tokens.delete()
else:
timenow = datetime.utcnow().replace(tzinfo=pytz.utc)
if timenow < old_access_token.expires:
return get_token_json(old_access_token)
old_access_token.delete()
old_refresh_token.delete()
# we generate an access token
token = generate_token()
# we generate a refresh token
refresh_token = generate_token()
expires = now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS)
scope = "read write"
# we create the access token
access_token = AccessToken.objects. \
create(user=user,
application=app,
expires=expires,
token=token,
scope=scope)
# we create the refresh token
RefreshToken.objects. \
create(user=user,
application=app,
token=refresh_token,
access_token=access_token)
# we call get_token_json and returns the access token as json
return get_token_json(access_token)
def test_generate_token(self):
token = generate_token()
self.assertEqual(len(token), 30)
token = generate_token(length=44)
self.assertEqual(len(token), 44)
token = generate_token(length=6, chars="python")
self.assertEqual(len(token), 6)
for c in token:
self.assertIn(c, "python")
def create(self, request, *args, **kwargs):
"""
"""
data = request.data
data = dict(data.items())
serializer = UserCreateSerializer(data=data)
host = request.META['HTTP_HOST']
if serializer.is_valid():
user = get_user_model().objects.create_user(**serializer.data)
user.set_password(data.get('password'))
user.is_active = False
user.save()
# here generating the activation key
activation_key = str(uuid.uuid4())
user.activation_key = activation_key
user.save()
profile = Profile(user=user)
profile.save()
mail_user_activation_key(user, host=host)
# getting application
application = Application.objects.get(name="mmb")
# creating access token
access_token = AccessToken(user=user,
expires=expires,
token=generate_token(),
application=application)
access_token.save()
refresh_token = RefreshToken.objects.create(
user=user,
token=generate_token(),
access_token=access_token,
application=application)
response = {
'access_token':
access_token.token,
'token_type':
'Bearer',
'expires_in':
settings.OAUTH2_PROVIDER['ACCESS_TOKEN_EXPIRE_SECONDS'],
'refresh_token':
refresh_token.token
}
return Response(response, status=status.HTTP_200_OK)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def test_generate_token(self):
token = generate_token()
self.assertEqual(len(token), 30)
token = generate_token(length=44)
self.assertEqual(len(token), 44)
token = generate_token(length=6, chars="python")
self.assertEqual(len(token), 6)
for c in token:
self.assertIn(c, "python")
def access_token(self):
"""Create an OAuth access token for an authorized client.
Defaults to /access_token. Invoked by client applications.
"""
access_token = generate_token(length=self.access_token_length[1])
token_secret = generate_token(self.secret_length)
client_key = request.oauth.client_key
self.save_access_token(client_key, access_token,
request.oauth.resource_owner_key, secret=token_secret)
return urlencode([(u'oauth_token', access_token),
(u'oauth_token_secret', token_secret)])
def test_has_required_params(self):
client_id = generate_client_id()
client_secret = generate_token()
tc = ToolConsumer(client_id,
client_secret,
launch_url='http://example.edu')
self.assertFalse(tc.has_required_params())
tc.launch_params['resource_link_id'] = generate_token()
self.assertTrue(tc.has_required_params())
def create(self,request):
try:
email=request.data.get('email')
password=request.data.get('password')
user=authenticate(email=email,password=password)
send_email_display()
if user is not None:
app = Application.objects.get(user=user)
# token = get_access_token(user)
token = generate_token()
refresh_token = generate_token()
expires = now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS)
scope = "read write"
access_token = AccessToken.objects.create(user=user,
application=app,
expires=expires,
token=token,
scope=scope,
)
RefreshToken.objects.create(user=user,
application=app,
token=refresh_token,
access_token=access_token
)
response = {
'name':user.first_name,
'access_token': access_token.token,
'expires_in': oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS, 'token_type': 'Bearer',
'refresh_token': access_token.refresh_token.token,
'client_id': app.client_id,
'client_secret': app.client_secret
}
return Response({'response':response,'message':True,'status':status.HTTP_200_OK})
else:
email=MyUser.objects.filter(email=email)
if not email:
return Response({'response':'email is not valid plz enter valid email id','message':False,'status':status.HTTP_200_OK})
password=MyUser.objects.filter(password=password)
if not password:
return Response({'response':'password is not valid plz enter valid paasword id','message':False,'status':status.HTTP_200_OK})
except Exception as error:
traceback.print_exc()
return Response({'response':str(error),'message':False,'status':status.HTTP_200_OK})
def create(self, request):
try:
email = request.data.get('email')
print('eeeeeeeeee', email)
password = (request.data.get('password'))
print('password', password)
user = authenticate(email=email, password=password)
print('ppppppp', user)
if user is not None:
app = Application.objects.get(user=user)
token = generate_token()
refresh_token = generate_token()
expires = now() + timedelta(
seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS)
scope = "read write"
access_token = AccessToken.objects.create(
user=user,
application=app,
expires=expires,
token=token,
scope=scope,
)
RefreshToken.objects.create(user=user,
application=app,
token=refresh_token,
access_token=access_token)
response = {
'access_token': access_token.token,
'expires_in': oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS,
'token_type': 'Bearer',
'refresh_token': access_token.refresh_token.token,
'client_id': app.client_id,
'client_secret': app.client_secret
}
return Response({
"response": response,
'success': True,
'status': status.HTTP_200_OK
})
else:
return Response("excess denied")
except Exception as error:
traceback.print_exc()
return Response({
'response': str(error),
'success': False,
'status': status.HTTP_200_OK
})
def get_or_create_token(user):
print "get_or_create_token for user : "******"DEBUG Show all tokens"
# tokens = AccessToken.objects.all()
# print "Found ", len(tokens), " tokens"
# for token in tokens:
# print "Token : ", token.id, token.user, token.token, token.application, token.expires, token.scope
# refresh_token = RefreshToken.objects.get(access_token=token)
# print "Refresh token : ", refresh_token.id, refresh_token.user, refresh_token.application, refresh_token, refresh_token.access_token
# # DEBUG Show all tokens
# print "ENDDEBUG Show all tokens"
application = Application.objects.get(
name="Local OAuth2 Server with Password")
tokens = AccessToken.objects.filter(user=user,
expires__gt=datetime.now(),
application=application)
print "Found ", len(tokens), " tokens"
for token in tokens:
print "Token : ", token.id, token.user, token.token, token.application, token.expires, token.scope
refresh_token = RefreshToken.objects.get(access_token=token)
print "Refresh token : ", refresh_token.id, refresh_token.user, refresh_token.application, refresh_token, refresh_token.access_token
if len(tokens) == 0:
print "Create new token"
expires = datetime.now() + timedelta(seconds=36000)
scope = "read write"
token = AccessToken.objects.create(user=user,
application=application,
expires=expires,
token=generate_token(),
scope=scope)
refresh_token = RefreshToken.objects.create(
user=user,
application=application,
token=generate_token(),
access_token=token)
print "Created token : ", token.id, token.user, token.token, token.application, token.expires, token.scope
print "with a Refresh token : ", refresh_token.id, refresh_token.user, refresh_token.application, refresh_token, refresh_token.access_token
return token
else:
# get the first
print "Return the first found token"
return tokens[0]
except:
# do something
print "Exception is thrown"
return None
def access_token(self):
"""Create an OAuth access token for an authorized client.
Defaults to /access_token. Invoked by client applications.
"""
access_token = generate_token(length=self.access_token_length[1])
token_secret = generate_token(self.secret_length)
client_key = request.oauth.client_key
self.save_access_token(client_key,
access_token,
request.oauth.resource_owner_key,
secret=token_secret)
return urlencode([(u'oauth_token', access_token),
(u'oauth_token_secret', token_secret)])
def __call__(self, request, refresh_token=False):
token = {
'access_token': common.generate_token(),
'expires_in': self.expires_in,
'scope': ' '.join(request.scopes),
'token_type': 'Bearer',
}
if getattr(request, 'state', None):
token['state'] = request.state
if refresh_token:
token['refresh_token'] = common.generate_token()
self.save_token(request, token)
return token
def generate_tokens(app, account):
"""
Generate Access and Refresh tokens for an oauth2 app's account
"""
next_week = timezone.now() + timedelta(weeks=1)
access_token = AccessToken.objects.create(application=app,
user=account,
scope='read write',
token=generate_token(),
expires=next_week)
refresh_token = RefreshToken.objects.create(application=app,
user=account,
access_token=access_token,
token=generate_token())
return access_token, refresh_token
def get_access_token(user,request):
"""
Takes a user instance and return an access_token as a JsonResponse
instance.
"""
# our oauth2 app
app = Application.objects.get(name="issste")
# We delete the old access_token and refresh_token
try:
old_access_token = AccessToken.objects.get(
user_id=user.id, application_id=app.id)
old_refresh_token = RefreshToken.objects.get(
user=user, access_token=old_access_token
)
except:
pass
else:
old_access_token.delete()
old_refresh_token.delete()
# we generate an access token
token = generate_token()
# we generate a refresh token
refresh_token = generate_token()
expires = now() + timedelta(seconds=oauth2_settings.
ACCESS_TOKEN_EXPIRE_SECONDS)
scope = "read write"
# we create the access token
access_token = AccessToken.objects.\
create(user=user,
application=app,
expires=expires,
token=token,
scope=scope)
# we create the refresh token
RefreshToken.objects.\
create(user=user,
application=app,
token=refresh_token,
access_token=access_token)
request.session["access_token"] = access_token.token
# we call get_token_json and returns the access token as json
return get_token_json(access_token)
def create_access_token(user, scope):
"""
Takes a user instance and return an access_token as a JsonResponse
instance.
:param user: django user instance
:param scope: should be valid oauth scope value
:return: Token dictionary object
"""
# retrieve our oauth2 application model
app = get_application_model().objects.get(
name=settings.OAUTH2_APPLICATION_NAME)
# Delete any existing access and refresh tokens.
try:
at = AccessToken.objects.get(user=user, application=app)
RefreshToken.objects.get(user=user, access_token=at).delete()
at.delete()
except:
pass
# Generate new tokens
atoken = generate_token()
rtoken = generate_token()
# Setup the access token expiration value.
expires = now() + timedelta(
seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS)
# Create the access token model object.
access_token = AccessToken.objects.\
create(user=user,
application=app,
expires=expires,
token=atoken,
scope=scope)
# Create the refresh token model object.
RefreshToken.objects.\
create(user=user,
application=app,
token=rtoken,
access_token=access_token)
# Return dictionary object with token information.
return build_token_dict(access_token)
def create(self, request):
try:
user = MyUser()
user.name = request.data.get('name')
user.email = request.data.get('email')
user.set_password(request.data.get('password'))
user.maid_choices = request.data.get('maid_choices')
user.is_active = True
user.save()
app = Application.objects.create(user=user)
token = generate_token()
refresh_token = generate_token()
expires = now() + timedelta(
seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS)
scope = "read write"
access_token = AccessToken.objects.create(
user=user,
application=app,
expires=expires,
token=token,
scope=scope,
)
print("access token ------->", access_token)
RefreshToken.objects.create(user=user,
application=app,
token=refresh_token,
access_token=access_token)
response = {
'access_token': access_token.token,
'expires_in': oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS,
'token_type': 'Bearer',
'refresh_token': access_token.refresh_token.token,
'client_id': app.client_id,
'client_secret': app.client_secret
}
return Response({
"response": response,
'status': status.HTTP_200_OK,
'success': True
})
except Exception as error:
traceback.print_exc()
return Response({
'message': str(error),
'status': status.HTTP_200_OK,
'success': False
})
def test_new_request(self):
key = generate_client_id()
secret = generate_token()
lp = {
'lti_version': 'foo',
'lti_message_type': 'bar',
'resource_link_id': 123
}
tp = create_tp(key, secret, lp)
req = tp.new_request({})
self.assertIsInstance(req, OutcomeRequest)
self.assertEqual(req, tp._last_outcome_request)
self.assertEqual(req.consumer_key, key)
self.assertEqual(len(tp.outcome_requests), 1)
# outcome request should get assigned attr
req = tp.new_request({'score': 1.0})
self.assertEqual(req.score, 1.0)
self.assertEqual(len(tp.outcome_requests), 2)
# but can't override some fields
req = tp.new_request({'consumer_key': 'foo'})
self.assertEqual(req.consumer_key, key)
self.assertEqual(len(tp.outcome_requests), 3)
# should fail if we use an invalid opt
self.assertRaises(InvalidLTIConfigError, tp.new_request, {'foo': 1})
self.assertEqual(len(tp.outcome_requests), 3)
def _set_token(self, request, response):
if request.user and request.user.is_authenticated():
access_token = request.META.get('ACCESS_TOKEN', None)
if access_token is None:
Application = get_application_model()
geoserver_app = Application.objects.get(name="GeoServer")
token = generate_token()
ttl = datetime.datetime.now() + datetime.timedelta(days=3)
AccessToken.objects.get_or_create(user=request.user,
application=geoserver_app,
expires=ttl,
token=token)
access_token = token
response.set_cookie(
settings.ACCESS_TOKEN_NAME,
access_token,
max_age=settings.SESSION_COOKIE_AGE,
domain=settings.SESSION_COOKIE_DOMAIN,
path=settings.SESSION_COOKIE_PATH,
secure=settings.SESSION_COOKIE_SECURE or None,
httponly=settings.SESSION_COOKIE_HTTPONLY or None,)
patch_vary_headers(response, ('Cookie',))
else:
response.delete_cookie(settings.ACCESS_TOKEN_NAME,
domain=settings.SESSION_COOKIE_DOMAIN)
def test_new_request(self):
key = generate_client_id()
secret = generate_token()
lp = {
'lti_version': 'foo',
'lti_message_type': 'bar',
'resource_link_id': 123
}
tp = create_tp(key, secret, lp)
req = tp.new_request({})
self.assertIsInstance(req, OutcomeRequest)
self.assertEqual(req, tp._last_outcome_request)
self.assertEqual(req.consumer_key, key)
self.assertEqual(len(tp.outcome_requests), 1)
# outcome request should get assigned attr
req = tp.new_request({'score': 1.0})
self.assertEqual(req.score, 1.0)
self.assertEqual(len(tp.outcome_requests), 2)
# but can't override some fields
req = tp.new_request({'consumer_key': 'foo'})
self.assertEqual(req.consumer_key, key)
self.assertEqual(len(tp.outcome_requests), 3)
# should fail if we use an invalid opt
self.assertRaises(InvalidLTIConfigError, tp.new_request, {'foo': 1})
self.assertEqual(len(tp.outcome_requests), 3)
def request_token(self):
"""Create an OAuth request token for a valid client request.
Defaults to /request_token. Invoked by client applications.
"""
client_key = request.oauth.client_key
realm = request.oauth.realm
# TODO: fallback on default realm?
callback = request.oauth.callback_uri
request_token = generate_token(length=self.request_token_length[1])
token_secret = generate_token(length=self.secret_length)
self.save_request_token(client_key, request_token, callback,
realm=realm, secret=token_secret)
return urlencode([(u'oauth_token', request_token),
(u'oauth_token_secret', token_secret),
(u'oauth_callback_confirmed', u'true')])
def create_oauth_token(self, application, user, scope='', expires=None,
**kwargs):
"""Create an OAuth2 access token for testing.
Args:
application (reviewboard.oauth.models.Application):
The application the token should be associated with.
user (django.contrib.auth.models.User):
The user who should own the token.
scope (unicode, optional):
The scopes of the token. This argument defaults to the empty
scope.
expires (datetime.timedelta, optional):
How far into the future the token expires. If not provided,
this argument defaults to one hour.
Returns:
oauth2_provider.models.AccessToken:
The created access token.
"""
if expires is None:
expires = timedelta(hours=1)
return AccessToken.objects.create(
application=application,
token=generate_token(),
expires=timezone.now() + expires,
scope=scope,
user=user,
)
def create_authorization_code(self, request):
"""Generates an authorization grant represented as a dictionary."""
grant = {"code": common.generate_token()}
if hasattr(request, "state") and request.state:
grant["state"] = request.state
log.debug("Created authorization code grant %r for request %r.", grant, request)
return grant
def random_token_generator(request, refresh_token=False):
"""
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:param refresh_token:
"""
return common.generate_token()
def authorized(self, request_token, request = None):
"""Create a verifier for an user authorized client"""
verifier = generate_token(length=self.verifier_length[1])
self.save_verifier(request_token, verifier)
#if request:
# response = dict(request.args.items())
#else:
response = {}
# Alright, now for the fun part!
# We need to retrieve the user's unique ID for the service
# the app just authenticated with them through us.
service = session['realm']
uid = APIS[service].get_uid(request)
if uid:
response.update({'uid': uid, 'service': service})
# Are we logged in?
if current_user.is_authenticated():
response.update({'btid': current_user.get_id()})
response.update(
{u'oauth_token': request_token,
u'oauth_verifier': verifier})
callback = self.get_callback(request_token)
return redirect(add_params_to_uri(callback, response.items()))
def convert_token(request, backend):
if request.method == 'POST':
client_id = request.POST.get("client_id")
client_secret = request.POST.get("client_secret")
my_app = get_object_or_404(Application, client_id=client_id, client_secret=client_secret)
params = dict(code=request.GET.get("token"),
client_id=settings.SOCIAL_AUTH_GOOGLE_OAUTH2_KEY,
client_secret=settings.SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET,
redirect_uri=settings.SECRET_URI,
grant_type="authorization_code")
response = requests.post("https://www.googleapis.com/oauth2/v3/token", data=params).json()
user = request.backend.do_auth(response.get("access_token"))
if user and user.is_authenticated and user.is_active:
old_token = AccessToken.objects.filter(user = user)
if len(old_token)>0:
return Response({'access_token':old_token[0].token})
else:
my_access_token = AccessToken.objects.create(user=user, token=generate_token(), application=my_app,
expires=datetime(2020,1,1), scope='create chatrooms')
return Response({'access_token':my_access_token.token})
else:
raise PermissionDenied("User is not authenticated.")
else:
raise PermissionError("Method not available")
def make_random_string_char_and_number(str_length=32):
"""
生成英文字符和数字混合型的字符串(最大长度:128位)
"""
if str_length > 128:
str_length = 128
return generate_token(length=str_length)
def _get_user_token(self):
"""
Returns an access token for the user. This function facilitates interactions
with the bundle service.
"""
CLIENT_ID = 'codalab_cli_client'
if request.user is None:
return None
# Try to find an existing token that will work.
token = local.model.find_oauth2_token(
CLIENT_ID,
request.user.user_id,
datetime.utcnow() + timedelta(minutes=5))
if token is not None:
return token.access_token
# Otherwise, generate a new one.
token = OAuth2Token(
local.model,
access_token=generate_token(),
refresh_token=None,
scopes='',
expires=datetime.utcnow() + timedelta(hours=10),
client_id=CLIENT_ID,
user_id=request.user.user_id,
)
local.model.save_oauth2_token(token)
return token.access_token
def test_constructor(self):
client_id = generate_client_id()
client_secret = generate_token()
tc = ToolConsumer(client_id, client_secret,
launch_url='http://example.edu')
self.assertIsInstance(tc.launch_params, LaunchParams)
lp = LaunchParams()
tc = ToolConsumer(client_id, client_secret,
launch_url='http://example.edu', params=lp)
self.assertEqual(tc.launch_params, lp)
lp_dict = {'resource_link_id': 1}
tc = ToolConsumer(client_id, client_secret,
launch_url='http://example.edu',
params=lp_dict)
self.assertIsInstance(tc.launch_params, LaunchParams)
self.assertEqual(tc.launch_params._params.get('resource_link_id'), 1)
# no launch_url should raise exception
self.failUnlessRaises(InvalidLTIConfigError, ToolConsumer,
client_id, client_secret,
params=lp_dict)
# but confirm that 'launch_url' can still be passed in params
# (backwards compatibility)
lp_dict['launch_url'] = 'http://example.edu'
tc = ToolConsumer(client_id, client_secret, params=lp_dict)
self.assertEqual(tc.launch_url, 'http://example.edu')
def random_token_generator(request, refresh_token=False):
"""
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:param refresh_token:
"""
return common.generate_token()
def get_dictation_token():
user = request.oauth.user
asr_token = IssuedToken.query.filter_by(user_id=user.id,
scopes='{asr}').first()
if not asr_token:
asr_token = IssuedToken(
user_id=user.id,
client_id='asr',
scopes=['asr'],
expires=datetime.datetime.utcnow() + datetime.timedelta(days=3650),
access_token=generate_token(
15, 'abcdefghijklmnopqrsstuvwxyz0123456789'),
refresh_token=generate_token())
db.session.add(asr_token)
db.session.commit()
return jsonify(token=asr_token.access_token)
def _get_access_token(self, user_id=None, create=False):
self.ensure_one()
if not user_id:
user_id = self.env.user.id
access_token = self.env['oauth.access_token'].sudo().search(
[('application_id', '=', self.id), ('user_id', '=', user_id)],
order='id DESC',
limit=1)
if access_token:
access_token = access_token[0]
if access_token.is_expired():
access_token = None
if not access_token and create:
expires = datetime.now() + timedelta(seconds=60 * 60)
vals = {
'user_id': user_id,
'scope': 'userinfo',
'expires': expires.strftime(DEFAULT_SERVER_DATETIME_FORMAT),
'token': oauthlib_common.generate_token(),
'application_id': self.id,
}
access_token = self.env['oauth.access_token'].create(vals)
# we have to commit now, because /oauth2/tokeninfo could
# be called before we finish current transaction.
self._cr.commit()
if not access_token:
return None
return access_token.token
def login(request):
# this view can be called directly by django admin site from
# any url, or can be accessed by the login url if the urls
# from this app were included
if request.path == reverse(oauthadmin.views.login):
# if this view is being accessed from login url look for 'next'
# in query string to use as destination after the login is complete
next = request.GET.get('next')
else:
# otherwise the django admin site called this view from another view.
# Django admin doesn't redirect to login url if login is required, it
# calls the view directly (django 1.7 fixed this and redirects and we
# don't support it yet)
next = request.get_full_path()
redirect_uri = request.build_absolute_uri(
reverse(oauthadmin.views.callback))
state_token = generate_token()
state = base64.b64encode(
json.dumps({
"state": state_token,
"next": next
}).encode('utf-8'))
oauth = OAuth2Session(
client_id=app_setting('CLIENT_ID'),
redirect_uri=redirect_uri,
scope=["default"],
state=state,
)
authorization_url, state = oauth.authorization_url(app_setting('AUTH_URL'))
request.session['oauth_state'] = state
return redirect(authorization_url)
def login(request):
# this view can be called directly by django admin site from
# any url, or can be accessed by the login url if the urls
# from this app were included
if request.path == reverse(oauthadmin.views.login):
# if this view is being accessed from login url look for 'next'
# in query string to use as destination after the login is complete
next = request.GET.get('next')
else:
# otherwise the django admin site called this view from another view.
# Django admin doesn't redirect to login url if login is required, it
# calls the view directly (django 1.7 fixed this and redirects and we
# don't support it yet)
next = request.get_full_path()
redirect_uri = request.build_absolute_uri(reverse(oauthadmin.views.callback))
state_token = generate_token()
state=base64.b64encode(json.dumps({"state": state_token, "next": next}).encode('utf-8'))
oauth = OAuth2Session(
client_id=app_setting('CLIENT_ID'),
redirect_uri=redirect_uri,
scope=["default"],
state=state,
)
authorization_url, state = oauth.authorization_url(app_setting('AUTH_URL'))
request.session['oauth_state'] = state
return redirect(authorization_url)
def _get_access_token(self, user_id=None, create=False):
self.ensure_one()
if not user_id:
user_id = self.env.user.id
access_token = self.env['oauth.access_token'].sudo().search([('application_id', '=', self.id), ('user_id', '=', user_id)], order='id DESC', limit=1)
if access_token:
access_token = access_token[0]
if access_token.is_expired():
access_token = None
if not access_token and create:
expires = datetime.now() + timedelta(seconds=60*60)
vals = {
'user_id': user_id,
'scope': 'userinfo',
'expires': expires.strftime(DEFAULT_SERVER_DATETIME_FORMAT),
'token': oauthlib_common.generate_token(),
'application_id': self.id,
}
access_token = self.env['oauth.access_token'].create(vals)
# we have to commit now, because /oauth2/tokeninfo could
# be called before we finish current transaction.
self._cr.commit()
if not access_token:
return None
return access_token.token
def get_user_token(user):
"""
Returns an access token for the given user. This function facilitates
interactions with the bundle service.
"""
if user is None or not user.is_authenticated():
return None
client = Application.objects.get(client_id=cli_client_id(user))
tokens = AccessToken.objects.filter(application_id=client.id,
expires__gt=timezone.now() + timedelta(minutes=5))
access_token = None
for token in tokens:
if token.is_valid([]):
access_token = token
break
if access_token is None:
access_token = AccessToken(
user=user,
scope='',
expires=timezone.now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS),
token=generate_token(),
application=client)
access_token.save()
return str(access_token.token)
def get_user_token():
"""
Returns an access token for the authenticated user.
This function facilitates interactions with the bundle service.
"""
CLIENT_ID = 'codalab_cli_client'
if not request.user.is_authenticated:
return None
# Try to find an existing token that will work.
token = local.model.find_oauth2_token(
CLIENT_ID, request.user.user_id,
datetime.utcnow() + timedelta(minutes=5))
if token is not None:
return token.access_token
# Otherwise, generate a new one.
token = OAuth2Token(
local.model,
access_token=generate_token(),
refresh_token=None,
scopes='',
expires=datetime.utcnow() + timedelta(hours=10),
client_id=CLIENT_ID,
user_id=request.user.user_id,
)
local.model.save_oauth2_token(token)
return token.access_token
def test_constructor(self):
client_id = generate_client_id()
client_secret = generate_token()
tc = ContentItemResponse(client_id, client_secret,
launch_url='http://example.edu')
self.assertIsInstance(tc.launch_params, LaunchParams)
lp = LaunchParams()
tc = ContentItemResponse(client_id, client_secret,
launch_url='http://example.edu', params=lp)
self.assertEqual(tc.launch_params, lp)
lp_dict = {'resource_link_id': 1}
tc = ContentItemResponse(client_id, client_secret,
launch_url='http://example.edu',
params=lp_dict)
self.assertIsInstance(tc.launch_params, LaunchParams)
self.assertEqual(tc.launch_params._params.get('resource_link_id'), 1)
# no launch_url should raise exception
self.failUnlessRaises(InvalidLTIConfigError, ContentItemResponse,
client_id, client_secret,
params=lp_dict)
# but confirm that 'launch_url' can still be passed in params
# (backwards compatibility)
lp_dict['launch_url'] = 'http://example.edu'
tc = ContentItemResponse(client_id, client_secret, params=lp_dict)
self.assertEqual(tc.launch_url, 'http://example.edu')
def create_authorization_code(self, request):
"""Generates an authorization grant represented as a dictionary."""
grant = {'code': common.generate_token()}
if hasattr(request, 'state') and request.state:
grant['state'] = request.state
log.debug('Created authorization code grant %r for request %r.',
grant, request)
return grant
def create_access_token(user, scope):
"""
Takes a user instance and return an access_token as a JsonResponse
instance.
:param user: django user instance
:param scope: should be valid oauth scope value
:return: Token dictionary object
"""
# retrieve our oauth2 application model
app = get_application_model().objects.get(name=settings.OAUTH2_APPLICATION_NAME)
# Delete any existing access and refresh tokens.
try:
at = AccessToken.objects.get(user=user, application=app)
RefreshToken.objects.get(user=user, access_token=at).delete()
at.delete()
except:
pass
# Generate new tokens
atoken = generate_token()
rtoken = generate_token()
# Setup the access token expiration value.
expires = now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS)
# Create the access token model object.
access_token = AccessToken.objects.\
create(user=user,
application=app,
expires=expires,
token=atoken,
scope=scope)
# Create the refresh token model object.
RefreshToken.objects.\
create(user=user,
application=app,
token=rtoken,
access_token=access_token)
# Return dictionary object with token information.
return build_token_dict(access_token)
def create_token(self, request, refresh_token=False):
"""Create a BearerToken, by default without refresh token."""
token = {
'access_token': common.generate_token(),
'expires_in': self.expires_in,
'token_type': 'Bearer',
}
if request.scopes is not None:
token['scope'] = ' '.join(request.scopes)
if request.state is not None:
token['state'] = request.state
if refresh_token:
token['refresh_token'] = common.generate_token()
self.request_validator.save_bearer_token(request, token)
return token
def get_admin_token():
Application = get_application_model()
app = Application.objects.get(name="GeoServer")
token = generate_token()
AccessToken.objects.get_or_create(
user=get_default_user(),
application=app,
expires=datetime.datetime.now() + datetime.timedelta(days=3),
token=token)
return token
def create_tp(key=None, secret=None, lp=None, launch_url=None,
launch_headers=None, tp_class=ToolProvider):
key = key or generate_client_id()
secret = secret or generate_token()
launch_params = LaunchParams()
if lp is not None:
launch_params.update(lp)
launch_url = launch_url or "http://example.edu"
launch_headers = launch_headers or {}
return tp_class(key, secret, launch_params, launch_url, launch_headers)
def authorized(self, request_token):
"""Create a verifier for an user authorized client"""
verifier = generate_token(length=self.verifier_length[1])
self.save_verifier(request_token, verifier)
response = [
(u'oauth_token', request_token),
(u'oauth_verifier', verifier)
]
callback = self.get_callback(request_token)
return redirect(add_params_to_uri(callback, response))
