def generate_token(self, client_id, refresh_token, user_id, scope=None):
if not refresh_token:
refresh_token = generate_string(self.token_length)
access_token = generate_string(self.token_length)
expires = datetime.now(pytz.utc) + timedelta(seconds=self.token_expire)
self.persist_token(client_id, scope, refresh_token, access_token, expires, user_id)
return access_token, 'Bearer', self.token_expire, refresh_token
def create(name, user_id, desc, website, redirect_uri):
"""Creates new OAuth client and generates a secret key for it.
Args:
user_id: ID of a user who manages the client.
name: Name of the client.
desc: Client description.
website: Client web site.
redirect_uri: URI where responses will be sent.
Returns:
New OAuth client ID.
"""
client_id = generate_string(20)
with db.engine.connect() as connection:
connection.execute(sqlalchemy.text("""
INSERT INTO oauth_client (client_id, client_secret, redirect_uri, user_id, name, description, website)
VALUES (:client_id, :client_secret, :redirect_uri, :user_id, :name, :description, :website)
"""), {
"client_id": client_id,
"client_secret": generate_string(40),
"redirect_uri": redirect_uri,
"user_id": user_id,
"name": name,
"description": desc,
"website": website,
})
return client_id
def create(name, user_id, desc, website, redirect_uri):
"""Creates new OAuth client and generates a secret key for it.
Args:
user_id: ID of a user who manages the client.
name: Name of the client.
desc: Client description.
website: Client web site.
redirect_uri: URI where responses will be sent.
Returns:
New OAuth client ID.
"""
client_id = generate_string(20)
with db.engine.connect() as connection:
connection.execute(
sqlalchemy.text("""
INSERT INTO oauth_client (client_id, client_secret, redirect_uri, user_id, name, description, website)
VALUES (:client_id, :client_secret, :redirect_uri, :user_id, :name, :description, :website)
"""), {
"client_id": client_id,
"client_secret": generate_string(40),
"redirect_uri": redirect_uri,
"user_id": user_id,
"name": name,
"description": desc,
"website": website,
})
return client_id
def test_generate_string(self):
length = 42
str_1 = utils.generate_string(length)
str_2 = utils.generate_string(length)
self.assertEqual(len(str_1), length)
self.assertEqual(len(str_2), length)
self.assertNotEqual(str_1, str_2) # Generated strings shouldn't be the same
def generate_token(self, client_id, refresh_token, user_id, scope=None):
if not refresh_token:
refresh_token = generate_string(self.token_length)
access_token = generate_string(self.token_length)
expires = datetime.now(pytz.utc) + timedelta(seconds=self.token_expire)
self.persist_token(client_id, scope, refresh_token, access_token,
expires, user_id)
return access_token, 'Bearer', self.token_expire, refresh_token
def generate_token(cls, owner_id):
"""Generates new token for a specified user and revokes all other
tokens owned by this user.
Returns:
Value of the new token.
"""
if owner_id is not None:
last_hour_q = cls.query.filter(
cls.owner_id == owner_id,
cls.created > datetime.utcnow() - timedelta(hours=1),
)
if last_hour_q.count() > 0:
raise TokenGenerationLimitException("Can't generate more than one token per hour.")
cls.revoke_tokens(owner_id)
new_token = cls(
value=generate_string(TOKEN_LENGTH),
owner_id=owner_id,
)
db.session.add(new_token)
db.session.commit()
TokenLog.create_record(new_token.value, token_log.ACTION_CREATE)
return new_token.value
def generate_token(cls, owner_id):
"""Generates new token for a specified user and revokes all other
tokens owned by this user.
Returns:
Value of the new token.
"""
if owner_id is not None:
last_hour_q = cls.query.filter(
cls.owner_id == owner_id,
cls.created > datetime.utcnow() - timedelta(hours=1),
)
if last_hour_q.count() > 0:
raise TokenGenerationLimitException(
"Can't generate more than one token per hour.")
cls.revoke_tokens(owner_id)
new_token = cls(
value=generate_string(TOKEN_LENGTH),
owner_id=owner_id,
)
db.session.add(new_token)
db.session.commit()
TokenLog.create_record(new_token.value, token_log.ACTION_CREATE)
return new_token.value
def get_authentication_uri():
"""Prepare and return URL to authentication service login form."""
csrf = generate_string(20)
session.persist_data(csrf=csrf)
params = {
'response_type': 'code',
'redirect_uri': url_for(
'users.musicbrainz_post',
_external=True,
_scheme=current_app.config['PREFERRED_URL_SCHEME'],
),
'scope': 'profile email',
'state': csrf,
}
return _musicbrainz_service.get_authorize_url(**params)
def get_authentication_uri():
"""Prepare and return URL to authentication service login form."""
csrf = generate_string(20)
session.persist_data(csrf=csrf)
params = {
'response_type': 'code',
'redirect_uri': url_for(
'users.musicbrainz_post',
_external=True,
_scheme=current_app.config['PREFERRED_URL_SCHEME'],
),
'scope': 'profile email',
'state': csrf,
}
return _musicbrainz_service.get_authorize_url(**params)
def generate_grant(self, client_id, user_id, redirect_uri, scope=None):
code = generate_string(self.token_length)
expires = datetime.now(pytz.utc) + timedelta(seconds=self.grant_expire)
self.persist_grant(client_id, code, scope, expires, redirect_uri, user_id)
return code
def generate_grant(self, client_id, user_id, redirect_uri, scope=None):
code = generate_string(self.token_length)
expires = datetime.now(pytz.utc) + timedelta(seconds=self.grant_expire)
self.persist_grant(client_id, code, scope, expires, redirect_uri,
user_id)
return code
