def access_token_response(self, access_token):
"""
Returns a successful response after creating the access token
as defined in :rfc:`5.1`.
"""
user = access_token.user
if not user.is_active:
raise AuthenticationFailed('User inactive or deleted.')
# set the request user in case it is not set
self.request.user = user
user_dict = UserDetailSerializer(user,
context={
'request': self.request
}).data
response_data = {
'access_token': access_token.token,
'token_type': provider_constants.TOKEN_TYPE,
'expires_in': access_token.get_expire_delta(),
'scope': ' '.join(provider_scope.names(access_token.scope)),
'user': user_dict,
}
# Not all access_tokens are given a refresh_token
# (for example, public clients doing password auth)
try:
rt = access_token.refresh_token
response_data['refresh_token'] = rt.token
except ObjectDoesNotExist:
pass
return Response(response_data)
def access_token_response_data(self,
access_token,
response_type=None,
nonce=''):
"""
Returns access token data as defined in :rfc:`5.1`.
Derived classes can override to add extra parameters.
"""
response_data = {
'access_token': access_token.token,
'token_type': constants.TOKEN_TYPE,
'expires_in': access_token.get_expire_delta(),
'scope': ' '.join(scope.names(access_token.scope)),
}
# Not all access_tokens are given a refresh_token
# (for example, public clients doing password auth)
try:
rt = access_token.refresh_token
response_data['refresh_token'] = rt.token
except ObjectDoesNotExist:
pass
return response_data
def test_template_filter(self):
names = scopes(constants.READ)
self.assertEqual('read', ' '.join(names))
names = scope.names(constants.READ_WRITE)
names.sort()
self.assertEqual('read read+write write', ' '.join(names))
def test_get_scope_names(self):
names = scope.to_names(constants.READ)
self.assertEqual('read', ' '.join(names))
names = scope.names(constants.READ_WRITE)
names.sort()
self.assertEqual('read read+write write', ' '.join(names))
def test_template_filter(self):
names = scopes(constants.READ)
self.assertEqual('read', ' '.join(names))
names = scope.names(constants.READ_WRITE)
names.sort()
self.assertEqual('read write', ' '.join(names))
def test_get_scope_names(self):
names = scope.to_names(constants.READ)
self.assertEqual('read', ' '.join(names))
names = scope.names(constants.READ_WRITE)
names.sort()
self.assertEqual('read write', ' '.join(names))
def access_token_response(self, access_token):
"""
Returns a successful response after creating the access token
as defined in :draft:`5.1`.
"""
return HttpResponse(
json.dumps({
'access_token': access_token.token,
'expires_in': access_token.get_expire_delta(),
'refresh_token': access_token.refresh_token.token,
'scope': ' '.join(scope.names(access_token.scope)),
}), mimetype='application/json'
)
def assert_valid_access_token_response(self, access_token, response):
""" Verifies the content of the response contains a JSON representation of the access token.
Note:
The access token should NOT have an associated refresh token.
"""
expected = {
u'access_token': access_token.token,
u'token_type': constants.TOKEN_TYPE,
u'expires_in': access_token.get_expire_delta(),
u'scope': u' '.join(scope.names(access_token.scope)),
}
self.assertEqual(json.loads(response.content.decode()), expected)
def access_token_response(self, access_token):
"""
Returns a successful response after creating the access token
as defined in :rfc:`5.1`.
"""
response_data = {
'access_token': access_token.token,
'token_type': constants.TOKEN_TYPE,
'expires_in': access_token.get_expire_delta(),
'scope': ' '.join(scope.names(access_token.scope)),
}
# Not all access_tokens are given a refresh_token
# (for example, public clients doing password auth)
try:
rt = access_token.refresh_token
response_data['refresh_token'] = rt.token
except ObjectDoesNotExist:
pass
return HttpResponse(
json.dumps(response_data), #mimetype='application/json'
)
