def get_token(self, token_id, scope): """Retrieves a registered token by token ID and required scope. @type token_id: basestring @param token_id: token ID @type scope: basestring @param scope: required scopes as space separated string """ try: token = self.get_value(token_id) except KeyError: log.debug("Request for token of ID that is not registered: %s", token_id) return None, 'invalid_token' if not token.valid: log.debug("Request for invalid token of ID: %s", token_id) return None, 'invalid_token' if token.expires <= datetime.utcnow(): log.debug("Request for expired token of ID: %s", token_id) return None, 'invalid_token' # Check scope if not scopeutil.isScopeGranted(token.scope, scopeutil.scopeStringToList(scope)): log.debug("Request for token of ID: %s - token was not granted " "scope %s", token_id, scope) return None, 'insufficient_scope' return token, None
def __init__(self, token_id, request, grant, token_type, lifetime): self.token_id = token_id self.token_type = token_type self.grant = grant self.scope = scopeutil.scopeStringToList(grant.scope_str) self.timestamp = datetime.now() self.lifetime = lifetime self.expires = self.timestamp + timedelta(days=0, seconds=lifetime) self.valid = True
def from_token_request(cls, token_type, grant, lifetime): '''Create an instance from a token request. This applies to the Authorization Code Grant flow ''' obj = cls(token_type, lifetime) obj.token_type = token_type obj.grant = grant obj.scope = scopeutil.scopeStringToList(grant.scope_str) return obj
def __init__(self, user, client_id, scope, is_authorized): self.user = user self.client_id = client_id self.scope = scopeutil.scopeStringToList(scope) self.is_authorized = is_authorized