def set_oauth_token(self, **auth_args):
"""Creates or updates an authorization
Args:
auth_args: dict, contains the properties of the authorization to set
Returns:
tuple containing uuid and boolean indicating authorization newness
"""
assert auth_args.get('client_name') is not None
assert auth_args.get('service_name') is not None
assert auth_args.get('user_id') is not None
# 1) Do we have a UUID for this tuple?
authz = yield Authz.find(
where=self.args_to_where(
client_name=auth_args['client_name'],
service_name=auth_args['service_name'],
user_id=auth_args['user_id'],
),
limit=1,
)
# 2) If not, create a UUID and write it.
if not authz:
uuid = get_uuid()
authz = yield Authz(
client_name=auth_args.get('client_name', None),
expired_on_timestamp=auth_args.get('expired_on_timestamp', None),
redirect_uri=auth_args.get('redirect_uri', None),
refresh_token=auth_args.get('refresh_token', None),
secret=auth_args.get('secret', None),
service_name=auth_args.get('service_name', None),
state=auth_args.get('state', None),
token=auth_args.get('token', None),
user_id=auth_args.get('user_id', None),
uuid=uuid,
).save()
# Sometimes Twistar doesn't return the created row's id after a call
# to save(). In that case, hit the DB and grab the object.
if not authz.id:
authz = yield Authz.find(
where=self.args_to_where(
uuid=uuid,
),
limit=1
)
authz.is_new = True
else:
uuid = authz.uuid
authz.is_new = False
attrs = {}
if auth_args.get('token') and auth_args['token'] != authz.token:
attrs['token'] = auth_args['token']
if auth_args.get('secret') and auth_args['secret'] != authz.secret:
attrs['secret'] = auth_args['secret']
if len(attrs):
authz.updateAttrs(attrs)
authz = yield authz.save()
defer.returnValue(authz)
def get_oauth_token(self, **kwargs):
"""
Retrieve an authorization given a set of possible parameters:
* UUID - can be a list or a single UUID
If UUID is not passed in, then client_name and service_name must be
provided. user_id can also be passed in. This will be used to get a list
of UUIDs.
Then, once a list of UUIDs is generated, then the client_name and/or
service_name (if either is provided) will be used to winnow the list
down.
"""
# We might get a UUID or a client_name/service_name/user_id tuple.
uuid = kwargs.get('uuid')
if not uuid:
assert kwargs.get('client_name') != None
assert kwargs.get('service_name') != None
authz = yield Authz.find(where=self.args_to_where(**kwargs), limit=1)
if not authz:
defer.returnValue(dict())
else:
uuid = authz.uuid
if type(uuid) == list:
authz = yield defer.gatherResults([
Authz.find(where=['uuid = ?', this], limit=1) for this in uuid
])
authz = [this for this in authz if this]
if kwargs.get('client_name'):
authz = [
this for this in authz
if this.client_name == kwargs['client_name']
]
if kwargs.get('service_name'):
if type(kwargs['service_name']) != list:
kwargs['service_name'] = [kwargs['service_name']]
authz = [
this for this in authz
if this.service_name in kwargs['service_name']
]
else:
authz = yield Authz.find(where=['uuid = ?', uuid], limit=1)
if not authz:
defer.returnValue(None)
if kwargs.get('client_name'):
if kwargs['client_name'] != authz.client_name:
authz = None
if kwargs.get('service_name'):
if kwargs['service_name'] != authz.service_name:
authz = None
defer.returnValue(authz)
def delete_oauth_token(self, **kwargs):
# We might get a UUID or a client_name/service_name/user_id tuple.
# This operation never fails.
uuid = kwargs.get('uuid')
if uuid:
yield Authz.deleteAll(where=['uuid = ?', uuid])
defer.returnValue(True)
else:
assert kwargs.get('client_name') != None
assert kwargs.get('service_name') != None
assert kwargs.get('user_id') != None
yield Authz.deleteAll(where=self.args_to_where(**kwargs))
defer.returnValue(True)
def _write(self, uuid=None, timestamp=0, method='foo', data=None):
if not uuid:
if hasattr(self, 'uuid'):
uuid = self.uuid
else:
uuid = 'abcd'
found = yield Authz.find(
where=[
'uuid = ?',
uuid
]
)
if not found:
# Set up a test authorization.
auth = yield Authz(
uuid=uuid,
user_id='a1234',
client_name='testing',
service_name='loopback',
token='abcd',
).save()
result = yield self.db.write_value(uuid=uuid, timestamp=timestamp, method=method, data=data)
defer.returnValue(result)
def expire_oauth_token(self, **kwargs):
"Expire the oauth token."
assert 'uuid' in kwargs
assert 'timestamp' in kwargs
authz = yield Authz.find(where=['uuid = ?', kwargs['uuid']], limit=1)
authz.expired_on_timestamp = kwargs['timestamp']
yield authz.save()
def finish_authorization(self, client_name, **kwargs):
"""
The entry point for finishing authorization. This assumes that it was
called using the parameters that start_authorization() provided, plus
the original redirect_uri as passed into start_authorization().
"""
self.ensure_arguments(
['redirect_uri', 'username'],
kwargs.get('args', {}),
)
authorization = Authz(
client_name=client_name,
service_name=self.name,
token=self.oauth_token,
user_id=kwargs['args']['username'],
)
d = authorization.set_token(self.datastore)
def return_authz(_):
return authorization
d.addCallback(return_authz)
return d
def delete_user_data(self, **kwargs):
"Delete all the user-data"
# We might get a UUID or a client_name/service_name/user_id tuple.
uuid = kwargs.get('uuid')
if not uuid:
assert kwargs.get('client_name') != None
assert kwargs.get('service_name') != None
assert kwargs.get('user_id') != None
authz = yield Authz.find(where=self.args_to_where(**kwargs), limit=1)
if authz:
uuid = authz.uuid
else:
defer.returnValue(False)
yield UserData.deleteAll(where=['uuid = ?', uuid])
yield GranularData.deleteAll(where=['uuid = ?', uuid])
yield StreamCache.deleteAll(where=['uuid = ?', uuid])
defer.returnValue(True)
