def validate_access_token(access_token):
assert isinstance(access_token, str)
token_name = access_token[:ACCESS_TOKEN_PREFIX_LENGTH]
if not token_name:
return None
token_code = access_token[ACCESS_TOKEN_PREFIX_LENGTH:]
if not token_code:
return None
try:
found = (
OAuthAccessToken.select(OAuthAccessToken, User)
.join(User)
.where(OAuthAccessToken.token_name == token_name)
.get()
)
if found.token_code is None or not found.token_code.matches(token_code):
return None
return found
except OAuthAccessToken.DoesNotExist:
pass
return None
def lookup_access_token_for_user(user_obj, token_uuid):
try:
return (OAuthAccessToken.select(
OAuthAccessToken, User).join(User).where(
OAuthAccessToken.authorized_user == user_obj,
OAuthAccessToken.uuid == token_uuid).get())
except OAuthAccessToken.DoesNotExist:
return None
def list_access_tokens_for_user(user_obj):
query = (
OAuthAccessToken.select()
.join(OAuthApplication)
.switch(OAuthAccessToken)
.join(User)
.where(OAuthAccessToken.authorized_user == user_obj)
)
return query
def load_authorized_scope_string(self, client_id, username):
found = (OAuthAccessToken.select().join(OAuthApplication).switch(
OAuthAccessToken).join(User).where(
OAuthApplication.client_id == client_id,
User.username == username,
OAuthAccessToken.expires_at > datetime.utcnow()))
found = list(found)
logger.debug('Found %s matching tokens.', len(found))
long_scope_string = ','.join([token.scope for token in found])
logger.debug('Computed long scope string: %s', long_scope_string)
return long_scope_string
def validate_access_token(access_token):
assert isinstance(access_token, basestring)
token_name = access_token[:ACCESS_TOKEN_PREFIX_LENGTH]
if not token_name:
return None
token_code = access_token[ACCESS_TOKEN_PREFIX_LENGTH:]
if not token_code:
return None
try:
found = (OAuthAccessToken.select(
OAuthAccessToken, User).join(User).where(
OAuthAccessToken.token_name == token_name).get())
if found.token_code is None or not found.token_code.matches(
token_code):
return None
return found
except OAuthAccessToken.DoesNotExist:
pass
# Legacy lookup.
# TODO(remove-unenc): Remove this once migrated.
if ActiveDataMigration.has_flag(ERTMigrationFlags.READ_OLD_FIELDS):
try:
assert access_token
found = (OAuthAccessToken.select(
OAuthAccessToken, User).join(User).where(
OAuthAccessToken.access_token == access_token).get())
return found
except OAuthAccessToken.DoesNotExist:
return None
return None