def grant_redirect(self): """On successful authorization of the request, return a Django HttpResponseRedirect with the appropriate authorization code parameters or access token URI fragments.. Raises UnvalidatedRequest if the request has not been validated. *Returns HttpResponseRedirect*""" if not self.valid: raise UnvalidatedRequest("This request is invalid or has not " "been validated.") if self.user.is_authenticated(): parameters = {} fragments = {} if self.scope is not None: access_ranges = list(AccessRange.objects.filter(key__in=self.scope)) else: access_ranges = [] if RESPONSE_TYPES[self.response_type] & CODE != 0: code = Code.objects.create( user=self.user, client=self.client, redirect_uri=self.redirect_uri) code.scope.add(*access_ranges) code.save() parameters['code'] = code.key if RESPONSE_TYPES[self.response_type] & TOKEN != 0: access_token = AccessToken.objects.create( user=self.user, client=self.client) access_token.scope = access_ranges fragments['access_token'] = access_token.token if access_token.refreshable: fragments['refresh_token'] = access_token.refresh_token fragments['expires_in'] = ACCESS_TOKEN_EXPIRATION if self.scope is not None: fragments['scope'] = ' '.join(self.scope) if self.authentication_method == MAC: access_token.mac_key = KeyGenerator(MAC_KEY_LENGTH)() fragments["mac_key"] = access_token.mac_key fragments["mac_algorithm"] = "hmac-sha-256" fragments["token_type"] = "mac" elif self.authentication_method == BEARER: fragments["token_type"] = "bearer" access_token.save() if self.state is not None: parameters['state'] = self.state redirect_uri = add_parameters(self.redirect_uri, parameters) redirect_uri = add_fragments(redirect_uri, fragments) response = HttpResponse("", status=302) response["Location"] = redirect_uri return response else: raise UnauthenticatedUser("Django user object associated with the " "request is not authenticated.")
def grant_redirect(self): """On successful authorization of the request, return a Django HttpResponseRedirect with the appropriate authorization code parameters or access token URI fragments.. Raises UnvalidatedRequest if the request has not been validated. *Returns HttpResponseRedirect*""" if not self.valid: raise UnvalidatedRequest("This request is invalid or has not " "been validated.") if self.user.is_authenticated(): parameters = {} fragments = {} if self.scope is not None: access_ranges = list( AccessRange.objects.filter(key__in=self.scope)) else: access_ranges = [] if RESPONSE_TYPES[self.response_type] & CODE != 0: code = Code.objects.create(user=self.user, client=self.client, redirect_uri=self.redirect_uri) code.scope.add(*access_ranges) code.save() parameters['code'] = code.key if RESPONSE_TYPES[self.response_type] & TOKEN != 0: access_token = AccessToken.objects.create(user=self.user, client=self.client) access_token.scope = access_ranges fragments['access_token'] = access_token.token if access_token.refreshable: fragments['refresh_token'] = access_token.refresh_token fragments['expires_in'] = ACCESS_TOKEN_EXPIRATION if self.scope is not None: fragments['scope'] = ' '.join(self.scope) if self.authentication_method == MAC: access_token.mac_key = KeyGenerator(MAC_KEY_LENGTH)() fragments["mac_key"] = access_token.mac_key fragments["mac_algorithm"] = "hmac-sha-256" fragments["token_type"] = "mac" elif self.authentication_method == BEARER: fragments["token_type"] = "bearer" access_token.save() if self.state is not None: parameters['state'] = self.state redirect_uri = add_parameters(self.redirect_uri, parameters) redirect_uri = add_fragments(redirect_uri, fragments) response = HttpResponse("", status=302) response["Location"] = redirect_uri return response else: raise UnauthenticatedUser("Django user object associated with the " "request is not authenticated.")
def error_redirect(self): """In the event of an error, return a Django HttpResponseRedirect with the appropriate error parameters. Raises MissingRedirectURI if no redirect_uri is available. *Returns HttpResponseRedirect*""" self._check_redirect_uri() if self.error is not None: e = self.error else: e = AccessDenied("Access Denied.") parameters = {'error': e.error, 'error_description': u'%s' % e.message} if self.state is not None: parameters['state'] = self.state redirect_uri = self.redirect_uri if self.authorized_response_type & CODE != 0: redirect_uri = add_parameters(redirect_uri, parameters) if self.authorized_response_type & TOKEN != 0: redirect_uri = add_fragments(redirect_uri, parameters) response = HttpResponse("", status=302) response["Location"] = redirect_uri return response