def _generate_session():
"""
Handle the case when a user is redirected from PayPal back to the
homepage
"""
if "token" not in session:
# XXX There will need to be error handling for bad responses
response = oauth.exchange_auth_code(request.args.get("code"))
session["token"] = make_secure_oauth_cookie(response)
def _handle_expired_tokens():
"""
Attempt to obtain a new token using the refresh token. It that doesn't
work, re-direct the user to the PayPal login
"""
try:
response = oauth.use_refresh_token(
session["token"]["paypal_session"]["refresh_token"]
)
except StatusCodeError:
redirect(make_consent_url(**get_consent_params()))
else:
session["token"] = make_secure_oauth_cookie(response)