def post(self):
    """Handle the user's decision submitted from the authorization form.

    Returns early when ``validate_params()`` fails. A decision of ``no``
    (case-insensitive) is reported through ``authz_error`` as
    ``access_denied``. Otherwise, depending on ``response_type``, an
    authorization code and/or a token stored with ``can_refresh=False`` is
    created, and the serialized results are passed to ``authz_redirect``.
    """
    if not self.validate_params():
        return

    # TODO: check for some sort of cross site request forgery? sign the request?
    # NOTE(review): nothing visible in this method ties the POST to a consent
    # page this server rendered for this user. Unless validate_params() or the
    # framework checks a per-session token, a cross-site form post could
    # approve a client on the user's behalf -- confirm.
    decision = self.request.get('authorize').lower()
    if decision == 'no':
        self.authz_error('access_denied', "The user did not allow authorization.")
        return
    # NOTE(review): every value other than 'no' is treated as approval
    # (fail-open); consider requiring an explicit approval value.

    response_type = self.request.get('response_type')
    wants_code = response_type in ('code', 'code_and_token')
    wants_token = response_type in ('token', 'code_and_token')

    code = None
    if wants_code:
        grant = OAuth_Authorization(
            user_id=self.user.user_id(),
            client_id=self.client.client_id,
            redirect_uri=self.redirect_uri,
        )
        grant.put()
        code = grant.serialize(state=self.request.get('state'))

    token = None
    if wants_token:
        # NOTE(review): the scope is taken straight from the request;
        # presumably validate_params() has vetted it -- confirm.
        access = OAuth_Token(
            user_id=self.user.user_id(),
            client_id=self.client.client_id,
            scope=self.request.get('scope'),
        )
        access.put(can_refresh=False)
        token = access.serialize(requested_scope=self.request.get('scope'))

    self.authz_redirect(code, token)
def post(self):
    """Act on the authorization form submission.

    Nothing is done when ``validate_params()`` returns a falsy value. If the
    ``authorize`` field equals ``no`` (compared in lower case), an
    ``access_denied`` error is sent via ``authz_error``. In every other case
    ``response_type`` decides whether an authorization code, a token, or
    both are stored and serialized before ``authz_redirect`` is called.
    """
    if not self.validate_params():
        return

    request = self.request

    # TODO: check for some sort of cross site request forgery? sign the request?
    # NOTE(review): this handler issues credentials from a plain form POST.
    # No anti-forgery token is checked in the visible code; verify that
    # validate_params() or the framework covers it.
    if request.get('authorize').lower() == 'no':
        self.authz_error('access_denied', "The user did not allow authorization.")
        return
    # NOTE(review): approval is implied by anything that is not 'no'; an
    # explicit allow value would fail closed instead.

    response_type = request.get('response_type')

    if response_type in ('code', 'code_and_token'):
        authorization = OAuth_Authorization(
            user_id=self.user.user_id(),
            client_id=self.client.client_id,
            redirect_uri=self.redirect_uri,
        )
        authorization.put()
        code = authorization.serialize(state=request.get('state'))
    else:
        code = None

    if response_type in ('token', 'code_and_token'):
        # Tokens handed out directly from this endpoint are stored with
        # can_refresh=False.
        issued = OAuth_Token(
            user_id=self.user.user_id(),
            client_id=self.client.client_id,
            scope=request.get('scope'),
        )
        issued.put(can_refresh=False)
        token = issued.serialize(requested_scope=request.get('scope'))
    else:
        token = None

    self.authz_redirect(code, token)
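def handle_authorization_code(self, client, scope=None):
    """Exchange an authorization code for a token.

    Looks up the stored authorization by the ``code`` request parameter and
    validates it against that code, the ``redirect_uri`` request parameter
    and ``client.client_id``. If the lookup or validation fails, an
    ``invalid_grant`` error is rendered and nothing is stored. Otherwise a
    token is stored, the authorization is deleted and the token is rendered.

    Args:
        client: Object exposing ``client_id`` for the requesting client.
        scope: Value stored as the new token's scope.
    """
    # Bind the submitted code to a local. The original passed the name
    # ``code`` to validate() without defining it in this function, which
    # raises NameError as soon as a matching authorization is found.
    code = self.request.get('code')
    redirect_uri = self.request.get('redirect_uri')

    authorization = OAuth_Authorization.get_by_code(code)
    if not authorization or not authorization.validate(
            code, redirect_uri, client.client_id):
        self.render_error('invalid_grant', "Authorization code expired or invalid.")
        return

    # NOTE(review): scope comes from the caller rather than from the stored
    # authorization; confirm callers cannot widen what the user approved.
    token = OAuth_Token(
        user_id=authorization.user_id,
        client_id=authorization.client_id,
        scope=scope,
    )
    token.put()
    # NOTE(review): put() and delete() are separate calls. If they do not run
    # in one transaction, two concurrent redemptions of the same code could
    # each obtain a token -- confirm single-use is enforced.
    authorization.delete()
    self.render_response(token)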
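def handle_authorization_code(self, client, scope=None):
    """Exchange an authorization code for a token.

    Looks up the stored authorization by the ``code`` request parameter and
    validates it against that code, the ``redirect_uri`` request parameter
    and ``client.client_id``. If the lookup or validation fails, an
    ``invalid_grant`` error is rendered and nothing is stored. Otherwise a
    token is stored, the authorization is deleted and the token is rendered.

    Args:
        client: Object exposing ``client_id`` for the requesting client.
        scope: Value stored as the new token's scope.
    """
    # Bind the submitted code to a local. The original passed the name
    # ``code`` to validate() without defining it in this function, which
    # raises NameError as soon as a matching authorization is found.
    code = self.request.get('code')
    # OAuth 2.0 names this parameter ``redirect_uri``. The original read
    # 'redirect_url', so validate() was handed whatever request.get() returns
    # for an absent field instead of the value the client sent, and the
    # redirect binding of the code was never actually checked.
    redirect_uri = self.request.get('redirect_uri')

    authorization = OAuth_Authorization.get_by_code(code)
    if not authorization or not authorization.validate(
            code, redirect_uri, client.client_id):
        self.render_error('invalid_grant', "Authorization code expired or invalid.")
        return

    # NOTE(review): scope comes from the caller rather than from the stored
    # authorization; confirm callers cannot widen what the user approved.
    token = OAuth_Token(
        user_id=authorization.user_id,
        client_id=authorization.client_id,
        scope=scope,
    )
    token.put()
    # NOTE(review): put() and delete() are separate calls. If they do not run
    # in one transaction, two concurrent redemptions of the same code could
    # each obtain a token -- confirm single-use is enforced.
    authorization.delete()
    self.render_response(token)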