def authenticate(self, request, authorization_request):
user = request.user
if not user.is_authenticated():
return handle_login_request(request, authorization_request_key=authorization_request.key)
#if True:
# return handle_scope_request(request, authorization_request_key=authorization_request.key)
return authorization_grant_response(authorization_request, user, '')
def handle_scope_response(request):
authorization_request = get_object_or_404(AuthorizationRequest, key=request.POST.get('authorization_request_key'))
form = ScopeForm(authorization_request, data=request.POST)
if form.is_valid():
status = form.cleaned_data.get('status')
scope = form.cleaned_data.get('scope')
if status == STATUS_GRANT:
return authorization_grant_response(authorization_request, request.user, scope)
return authorization_deny_response(authorization_request)
return generate_scope_page(request, form, authorization_request)
def handle_login_response(request):
form = AuthenticationForm(data=request.POST)
if form.is_valid():
auth_login(request, form.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
if True:
authorization_request = get_object_or_404(
AuthorizationRequest,
key=form.cleaned_data.get('authorization_request_key')
)
return authorization_grant_response(authorization_request, request.user, '')
return handle_scope_request(request, form.cleaned_data.get('authorization_request_key'))
return generate_login_page(request, form)
def test_token(self):
redirect_uri = 'http://www.google.fr'
c = Client.objects.create(
key='test',
name='test client',
authorized_reponse_types=appconsts.RESPONSE_TYPES,
)
r = AuthorizationRequest.objects.create(
response_type=appconsts.RESPONSE_TYPE_TOKEN,
client=c,
redirect_uri=redirect_uri,
)
user = self.getuser()
response = authorization_grant_response(r, user, 'foobar')
self.assertAuthorizeGrantToken(
response,
redirect_uri,
AccessToken.objects.get().token,
)
