def signup_client(request): serializer = SignupClientSerializer(data=request.data, context={'request': request}) serializer.is_valid() # print("serializer error: ", oauth2_settings) if serializer.errors: return Response(data=serializer.errors, status=status.HTTP_400_BAD_REQUEST) else: serializer.save() application = Application.objects.get(client_id=serializer.initial_data["client_id"]) expires = timezone.now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS) activated_user = User.objects.get(email=serializer.data["email"]) access_token = AccessToken( user=activated_user, scope='', expires=expires, token=common.generate_token(), application=application ) access_token.save() refresh_token = RefreshToken( user=activated_user, token=common.generate_token(), application=application, access_token=access_token ) refresh_token.save() return Response({"expires": expires, "access_token": access_token.token, "refresh_token": refresh_token.token}, status=200)
def add(cls, name, redirect_uri='', allowed_grant_types=None, allowed_response_types=None, allowed_scopes=None): client_id = generate_token() client_secret = generate_token() allowed_grant_types = allowed_grant_types or ['authorization_code'] allowed_response_types = allowed_response_types or ['token'] allowed_scopes = set(allowed_scopes or []) | {OAuthScope.basic} sql = ('insert into oauth_client' ' (name, client_id, client_secret, redirect_uri,' ' allowed_grant_types, allowed_response_types,' ' allowed_scopes) ' 'values (%s, %s, %s, %s, %s, %s, %s)') params = (name, client_id, client_secret, redirect_uri, ' '.join(allowed_grant_types), ' '.join(allowed_response_types), ' '.join(scope.value for scope in allowed_scopes)) id_ = db.execute(sql, params) db.commit() cls.clear_cache(id_) return cls.get(id_)
def get_access_token(user): #,serializer): app = Application.objects.get(name="Pharmeasy") try: old_access_token = AccessToken.objects.get(user=user, application=app) old_refresh_token = RefreshToken.objects.get(user=user, application=app) except: pass else: old_access_token.delete() old_refresh_token.delete() access_token = generate_token() refresh_token = generate_token() oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS = 100000000 expires = now() + timedelta( seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS) scope = "read write" access_token = AccessToken.objects. \ create(user=user, application=app, expires=expires, token=access_token, scope=scope) RefreshToken.objects. \ create(user=user, application=app, token=refresh_token, access_token=access_token) #serializer.save() return get_token_json(access_token)
def convert_token(request): try: app = Application.objects.get(name=PROPRIETARY_APPLICATION_NAME) except Application.DoesNotExist: return Response( { "detail": "The server's oauth2 application is not setup or misconfigured" }, status=status.HTTP_501_NOT_IMPLEMENTED) token = AccessToken.objects.create(user=request.user, application=app, token=generate_token(), expires=timezone.now() + timedelta(days=1), scope="read write") refresh_token = RefreshToken.objects.create(access_token=token, token=generate_token(), user=request.user, application=app) code = status.HTTP_201_CREATED return Response( { "access_token": token.token, "refresh_token": refresh_token.token, "token_type": "Bearer", "expires_in": int( (token.expires - timezone.now()).total_seconds()), "scope": token.scope }, status=status.HTTP_201_CREATED)
def access_token_gen(user): try: app = Application.objects.get(name="Facebook") old_access_token = AccessToken.objects.filter(user=user, \ application=app) old_refresh_token = RefreshToken.objects.filter(user=user, \ access_token=old_access_token) except: pass logger_error.error(traceback.format_exc()) else: old_access_token.delete() old_refresh_token.delete() # we generate an access token token = generate_token() # we generate a refresh token refresh_token = generate_token() expires = now() + timedelta( seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS) scope = "read write" # we create the access token access_token = AccessToken.objects.\ create(user=user, application=app, expires=expires, token=token, scope=scope) # we create the refresh token RefreshToken.objects.\ create(user=user, application=app, token=refresh_token, access_token=access_token) logger_user.info("Token created") return get_token_json(access_token, app, refresh_token)
def generate_new_token_for_user(self, user, scope='r:profile', application=None, expires=None, refresh_token=False): with transaction.atomic(): if application is None: application, created = Application.objects.get_or_create( client_id='public', client_type=Application.CLIENT_PUBLIC, authorization_grant_type=Application.GRANT_PASSWORD, ) if created: ApplicationInfo.objects.create(application=application) if expires is None: access_token_expires_seconds = getattr(settings, 'OAUTH2_PROVIDER', {}).get( 'ACCESS_TOKEN_EXPIRE_SECONDS', 86400) expires = timezone.now() + timezone.timedelta(seconds=access_token_expires_seconds) accesstoken = self.create( application=application, user=user, expires=expires, token=generate_token(), scope=scope ) if refresh_token: accesstoken.refresh_token = RefreshToken.objects.create( access_token=accesstoken, user=user, application=application, token=generate_token() ) return accesstoken
def get_access_token(user): application = Application.objects.get(name="my-api-app") try: old_access_token = AccessToken.objects.get(user=user, application=application) old_refresh_token = RefreshToken.objects.get(user=user, access_token=old_access_token) except: pass else: old_access_token.delete() old_refresh_token.delete() token = generate_token() refresh_token = generate_token() expires = now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS) scope = "read write" access_token = AccessToken.objects.\ create(user=user, application=application, expires=expires, token=token, scope=scope) RefreshToken.objects.\ create(user=user, application=application, token=refresh_token, access_token=access_token) return get_token_json(access_token)
def get_access_token(user): """ Takes a user instance and return an access_token as a JsonResponse instance. """ app = get_default_app() try: old_access_token = AccessToken.objects.get(user=user, application=app) old_refresh_token = RefreshToken.objects.get(user=user, access_token=old_access_token) except: pass else: old_access_token.delete() old_refresh_token.delete() token = generate_token() refresh_token = generate_token() expires = now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS) scope = "read write" access_token = AccessToken.objects.create(user=user, application=app, expires=expires, token=token, scope=scope) RefreshToken.objects.create(user=user, application=app, token=refresh_token, access_token=access_token) return get_token_json(access_token)
def get_access_token(user): """ Takes a user instance and return an access_token as a JsonResponse instance. """ # our oauth2 app app = Application.objects.get(name=OAUTH_APP_NAME) # We delete the old access_token and refresh_token try: old_access_token = AccessToken.objects.get(user=user, application=app) old_refresh_token = RefreshToken.objects.get(user=user, access_token=old_access_token) except: pass else: old_access_token.delete() old_refresh_token.delete() # we generate an access token token = generate_token() # we generate a refresh token refresh_token = generate_token() expires = now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS) scope = "read write" # we create the access token access_token = AccessToken.objects.create(user=user, application=app, expires=expires, token=token, scope=scope) # we create the refresh token RefreshToken.objects.create(user=user, application=app, token=refresh_token, access_token=access_token) # we call get_token_json and returns the access token as json return get_token_json(access_token)
def convert_token(request): try: app = Application.objects.get(name=PROPRIETARY_APPLICATION_NAME) except Application.DoesNotExist: return Response({ "detail": "The server's oauth2 application is not setup or misconfigured" }, status=status.HTTP_403_FORBIDDEN) code = status.HTTP_200_OK token = AccessToken.objects.filter(user=request.user, application=app).order_by('expires').last() # If the token is goinf to expire within the minute, we generate a new one if not token or int((token.expires - timezone.now()).total_seconds()) < 60: token = AccessToken.objects.create(user=request.user, application=app, token=generate_token(), expires=timezone.now() + timedelta(days=1), scope="read write") refresh_token = RefreshToken.objects.create(access_token=token, token=generate_token(), user=request.user, application=app) code = status.HTTP_201_CREATED else: try: refresh_token = RefreshToken.objects.get(access_token=token, user=request.user, application=app) except RefreshToken.DoesNotExist: refresh_token = RefreshToken.objects.create(access_token=token, token=generate_token(), user=request.user, application=app) return Response({ "access_token": token.token, "refresh_token": refresh_token.token, "token_type": "Bearer", "expires_in": int((token.expires - timezone.now()).total_seconds()), "scope": token.scope }, status=code)
def save(self, *args, **kwargs): if not self.key: self.key = generate_token(32) if not self.secret: self.secret = generate_token(32) super(Token, self).save(*args, **kwargs)
def generate(client, callback=None): if callback is None: callback = client.default_callback return OAuthRequestToken.objects.create( client=client, token=generate_token(), secret=generate_token(), callback=callback)
class LTIConsumerFactory(factory.alchemy.SQLAlchemyModelFactory): class Meta: model = LTIConsumer sqlalchemy_session = db.session oauth_consumer_key = generate_token() oauth_consumer_secret = generate_token() lti_version = "LTI-1p0"
def post(self, request): # STEP 1: # Lookup the refresh token and if it does not exist then return 401 error. token = request.data.get('refresh_token', None) refresh_token = RefreshToken.objects.filter(token=token).first() if refresh_token is None: print(token, "not found!") return Response(data=[], status=status.HTTP_401_UNAUTHORIZED) # STEP 2: # Make the refresh token and access token not longer valid. refresh_token.revoked = timezone.now() refresh_token.save() refresh_token.access_token.expires = timezone.now() refresh_token.access_token.save() # STEP 3: # Create our new access token and refresh token.... # Get our web application authorization. application = Application.objects.filter( name=settings.MIKAPONICS_RESOURCE_SERVER_NAME).first() # Generate our "NEW" access token which does not have a time limit. # We want to generate a new token every time because the user may be # logging in from multiple locations and may log out from multiple # locations so we don't want the user using the same token every time. aware_dt = timezone.now() expires_dt = aware_dt + timezone.timedelta(days=1) access_token = AccessToken.objects.create( application=application, user=refresh_token.user, expires=expires_dt, token=generate_token(), scope='read,write,introspection') refresh_token = RefreshToken.objects.create(application=application, user=refresh_token.user, access_token=access_token, token=generate_token()) # STEP 4: # Return our new credentials. revoked_at = int(refresh_token.revoked.timestamp() ) if refresh_token.revoked is not None else None return Response(data={ 'access_token': { 'token': str(access_token), 'expires': int(access_token.expires.timestamp()), 'scope': str(access_token.scope) }, 'refresh_token': { 'token': str(refresh_token), 'revoked': revoked_at, } }, status=status.HTTP_200_OK)
def create(self,request): mobile=request.data.get('mobile') if not mobile: return Response('please enter the mobile no:') phone_object=PhoneNumber() phone_object.phone=mobile phone_object.save() try: email=request.data.get('email') user_email=MyUser.objects.filter(email=email) if user_email: return Response('already register email') myuser=MyUser() myuser.save() myuser.mobile.add(phone_object) myuser.email=request.data.get('email') myuser.first_name=request.data.get('first_name') myuser.last_name=request.data.get('last_name') myuser.date_of_birth=request.data.get('dob') myuser.gender=request.data.get('gender') myuser.role=request.data.get('role') myuser.set_password(request.data.get('password')) myuser.mobile.add(phone_object) myuser.is_active=True myuser.save() app = Application.objects.create(user=myuser) token = generate_token() refresh_token = generate_token() expires = now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS) scope = "read write" access_token = AccessToken.objects.create(user=myuser, application=app, expires=expires, token=token, scope=scope, ) print("access token ------->", access_token) RefreshToken.objects.create(user=myuser, application=app, token=refresh_token, access_token=access_token ) response = { 'access_token': access_token.token, 'expires_in': oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS, 'token_type': 'Bearer', 'refresh_token': access_token.refresh_token.token, 'client_id': app.client_id, 'client_secret': app.client_secret } return Response({'response':'you are sign up successfull ','message':True,'status':status.HTTP_200_OK}) except Exception as error: traceback.print_exc() return Response({'response':str(error),'message':False,'status':status.HTTP_200_OK})
def test_has_required_params(self): client_id = generate_client_id() client_secret = generate_token() tc = ToolConsumer(client_id, client_secret, launch_url="http://example.edu") self.assertFalse(tc.has_required_params()) tc.launch_params["resource_link_id"] = generate_token() self.assertTrue(tc.has_required_params())
def get_access_token(user): """ Takes a user instance and return an access_token as a JsonResponse instance. """ app = Application.objects.get(name="Fabler") # We delete the old access_token and refresh_token try: old_access_token = AccessToken.objects.get( user=user, application=app) old_refresh_token = RefreshToken.objects.get( user=user, access_token=old_access_token ) except: try: old_access_tokens = AccessToken.objects.all().filter(user=user, application=app) old_refresh_tokens = RefreshToken.objects.all().filter(user=user, access_token=old_access_tokens) except: # Something's wrong if we get here pass else: old_access_tokens.delete() old_refresh_tokens.delete() else: timenow = datetime.utcnow().replace(tzinfo=pytz.utc) if timenow < old_access_token.expires: return get_token_json(old_access_token) old_access_token.delete() old_refresh_token.delete() # we generate an access token token = generate_token() # we generate a refresh token refresh_token = generate_token() expires = now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS) scope = "read write" # we create the access token access_token = AccessToken.objects. \ create(user=user, application=app, expires=expires, token=token, scope=scope) # we create the refresh token RefreshToken.objects. \ create(user=user, application=app, token=refresh_token, access_token=access_token) # we call get_token_json and returns the access token as json return get_token_json(access_token)
def test_generate_token(self): token = generate_token() self.assertEqual(len(token), 30) token = generate_token(length=44) self.assertEqual(len(token), 44) token = generate_token(length=6, chars="python") self.assertEqual(len(token), 6) for c in token: self.assertIn(c, "python")
def create(self, request, *args, **kwargs): """ """ data = request.data data = dict(data.items()) serializer = UserCreateSerializer(data=data) host = request.META['HTTP_HOST'] if serializer.is_valid(): user = get_user_model().objects.create_user(**serializer.data) user.set_password(data.get('password')) user.is_active = False user.save() # here generating the activation key activation_key = str(uuid.uuid4()) user.activation_key = activation_key user.save() profile = Profile(user=user) profile.save() mail_user_activation_key(user, host=host) # getting application application = Application.objects.get(name="mmb") # creating access token access_token = AccessToken(user=user, expires=expires, token=generate_token(), application=application) access_token.save() refresh_token = RefreshToken.objects.create( user=user, token=generate_token(), access_token=access_token, application=application) response = { 'access_token': access_token.token, 'token_type': 'Bearer', 'expires_in': settings.OAUTH2_PROVIDER['ACCESS_TOKEN_EXPIRE_SECONDS'], 'refresh_token': refresh_token.token } return Response(response, status=status.HTTP_200_OK) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def access_token(self): """Create an OAuth access token for an authorized client. Defaults to /access_token. Invoked by client applications. """ access_token = generate_token(length=self.access_token_length[1]) token_secret = generate_token(self.secret_length) client_key = request.oauth.client_key self.save_access_token(client_key, access_token, request.oauth.resource_owner_key, secret=token_secret) return urlencode([(u'oauth_token', access_token), (u'oauth_token_secret', token_secret)])
def test_has_required_params(self): client_id = generate_client_id() client_secret = generate_token() tc = ToolConsumer(client_id, client_secret, launch_url='http://example.edu') self.assertFalse(tc.has_required_params()) tc.launch_params['resource_link_id'] = generate_token() self.assertTrue(tc.has_required_params())
def create(self,request): try: email=request.data.get('email') password=request.data.get('password') user=authenticate(email=email,password=password) send_email_display() if user is not None: app = Application.objects.get(user=user) # token = get_access_token(user) token = generate_token() refresh_token = generate_token() expires = now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS) scope = "read write" access_token = AccessToken.objects.create(user=user, application=app, expires=expires, token=token, scope=scope, ) RefreshToken.objects.create(user=user, application=app, token=refresh_token, access_token=access_token ) response = { 'name':user.first_name, 'access_token': access_token.token, 'expires_in': oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS, 'token_type': 'Bearer', 'refresh_token': access_token.refresh_token.token, 'client_id': app.client_id, 'client_secret': app.client_secret } return Response({'response':response,'message':True,'status':status.HTTP_200_OK}) else: email=MyUser.objects.filter(email=email) if not email: return Response({'response':'email is not valid plz enter valid email id','message':False,'status':status.HTTP_200_OK}) password=MyUser.objects.filter(password=password) if not password: return Response({'response':'password is not valid plz enter valid paasword id','message':False,'status':status.HTTP_200_OK}) except Exception as error: traceback.print_exc() return Response({'response':str(error),'message':False,'status':status.HTTP_200_OK})
def create(self, request): try: email = request.data.get('email') print('eeeeeeeeee', email) password = (request.data.get('password')) print('password', password) user = authenticate(email=email, password=password) print('ppppppp', user) if user is not None: app = Application.objects.get(user=user) token = generate_token() refresh_token = generate_token() expires = now() + timedelta( seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS) scope = "read write" access_token = AccessToken.objects.create( user=user, application=app, expires=expires, token=token, scope=scope, ) RefreshToken.objects.create(user=user, application=app, token=refresh_token, access_token=access_token) response = { 'access_token': access_token.token, 'expires_in': oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS, 'token_type': 'Bearer', 'refresh_token': access_token.refresh_token.token, 'client_id': app.client_id, 'client_secret': app.client_secret } return Response({ "response": response, 'success': True, 'status': status.HTTP_200_OK }) else: return Response("excess denied") except Exception as error: traceback.print_exc() return Response({ 'response': str(error), 'success': False, 'status': status.HTTP_200_OK })
def get_or_create_token(user): print "get_or_create_token for user : "******"DEBUG Show all tokens" # tokens = AccessToken.objects.all() # print "Found ", len(tokens), " tokens" # for token in tokens: # print "Token : ", token.id, token.user, token.token, token.application, token.expires, token.scope # refresh_token = RefreshToken.objects.get(access_token=token) # print "Refresh token : ", refresh_token.id, refresh_token.user, refresh_token.application, refresh_token, refresh_token.access_token # # DEBUG Show all tokens # print "ENDDEBUG Show all tokens" application = Application.objects.get( name="Local OAuth2 Server with Password") tokens = AccessToken.objects.filter(user=user, expires__gt=datetime.now(), application=application) print "Found ", len(tokens), " tokens" for token in tokens: print "Token : ", token.id, token.user, token.token, token.application, token.expires, token.scope refresh_token = RefreshToken.objects.get(access_token=token) print "Refresh token : ", refresh_token.id, refresh_token.user, refresh_token.application, refresh_token, refresh_token.access_token if len(tokens) == 0: print "Create new token" expires = datetime.now() + timedelta(seconds=36000) scope = "read write" token = AccessToken.objects.create(user=user, application=application, expires=expires, token=generate_token(), scope=scope) refresh_token = RefreshToken.objects.create( user=user, application=application, token=generate_token(), access_token=token) print "Created token : ", token.id, token.user, token.token, token.application, token.expires, token.scope print "with a Refresh token : ", refresh_token.id, refresh_token.user, refresh_token.application, refresh_token, refresh_token.access_token return token else: # get the first print "Return the first found token" return tokens[0] except: # do something print "Exception is thrown" return None
def __call__(self, request, refresh_token=False): token = { 'access_token': common.generate_token(), 'expires_in': self.expires_in, 'scope': ' '.join(request.scopes), 'token_type': 'Bearer', } if getattr(request, 'state', None): token['state'] = request.state if refresh_token: token['refresh_token'] = common.generate_token() self.save_token(request, token) return token
def generate_tokens(app, account): """ Generate Access and Refresh tokens for an oauth2 app's account """ next_week = timezone.now() + timedelta(weeks=1) access_token = AccessToken.objects.create(application=app, user=account, scope='read write', token=generate_token(), expires=next_week) refresh_token = RefreshToken.objects.create(application=app, user=account, access_token=access_token, token=generate_token()) return access_token, refresh_token
def get_access_token(user,request): """ Takes a user instance and return an access_token as a JsonResponse instance. """ # our oauth2 app app = Application.objects.get(name="issste") # We delete the old access_token and refresh_token try: old_access_token = AccessToken.objects.get( user_id=user.id, application_id=app.id) old_refresh_token = RefreshToken.objects.get( user=user, access_token=old_access_token ) except: pass else: old_access_token.delete() old_refresh_token.delete() # we generate an access token token = generate_token() # we generate a refresh token refresh_token = generate_token() expires = now() + timedelta(seconds=oauth2_settings. ACCESS_TOKEN_EXPIRE_SECONDS) scope = "read write" # we create the access token access_token = AccessToken.objects.\ create(user=user, application=app, expires=expires, token=token, scope=scope) # we create the refresh token RefreshToken.objects.\ create(user=user, application=app, token=refresh_token, access_token=access_token) request.session["access_token"] = access_token.token # we call get_token_json and returns the access token as json return get_token_json(access_token)
def create_access_token(user, scope): """ Takes a user instance and return an access_token as a JsonResponse instance. :param user: django user instance :param scope: should be valid oauth scope value :return: Token dictionary object """ # retrieve our oauth2 application model app = get_application_model().objects.get( name=settings.OAUTH2_APPLICATION_NAME) # Delete any existing access and refresh tokens. try: at = AccessToken.objects.get(user=user, application=app) RefreshToken.objects.get(user=user, access_token=at).delete() at.delete() except: pass # Generate new tokens atoken = generate_token() rtoken = generate_token() # Setup the access token expiration value. expires = now() + timedelta( seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS) # Create the access token model object. access_token = AccessToken.objects.\ create(user=user, application=app, expires=expires, token=atoken, scope=scope) # Create the refresh token model object. RefreshToken.objects.\ create(user=user, application=app, token=rtoken, access_token=access_token) # Return dictionary object with token information. return build_token_dict(access_token)
def create(self, request): try: user = MyUser() user.name = request.data.get('name') user.email = request.data.get('email') user.set_password(request.data.get('password')) user.maid_choices = request.data.get('maid_choices') user.is_active = True user.save() app = Application.objects.create(user=user) token = generate_token() refresh_token = generate_token() expires = now() + timedelta( seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS) scope = "read write" access_token = AccessToken.objects.create( user=user, application=app, expires=expires, token=token, scope=scope, ) print("access token ------->", access_token) RefreshToken.objects.create(user=user, application=app, token=refresh_token, access_token=access_token) response = { 'access_token': access_token.token, 'expires_in': oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS, 'token_type': 'Bearer', 'refresh_token': access_token.refresh_token.token, 'client_id': app.client_id, 'client_secret': app.client_secret } return Response({ "response": response, 'status': status.HTTP_200_OK, 'success': True }) except Exception as error: traceback.print_exc() return Response({ 'message': str(error), 'status': status.HTTP_200_OK, 'success': False })
def test_new_request(self): key = generate_client_id() secret = generate_token() lp = { 'lti_version': 'foo', 'lti_message_type': 'bar', 'resource_link_id': 123 } tp = create_tp(key, secret, lp) req = tp.new_request({}) self.assertIsInstance(req, OutcomeRequest) self.assertEqual(req, tp._last_outcome_request) self.assertEqual(req.consumer_key, key) self.assertEqual(len(tp.outcome_requests), 1) # outcome request should get assigned attr req = tp.new_request({'score': 1.0}) self.assertEqual(req.score, 1.0) self.assertEqual(len(tp.outcome_requests), 2) # but can't override some fields req = tp.new_request({'consumer_key': 'foo'}) self.assertEqual(req.consumer_key, key) self.assertEqual(len(tp.outcome_requests), 3) # should fail if we use an invalid opt self.assertRaises(InvalidLTIConfigError, tp.new_request, {'foo': 1}) self.assertEqual(len(tp.outcome_requests), 3)
def _set_token(self, request, response): if request.user and request.user.is_authenticated(): access_token = request.META.get('ACCESS_TOKEN', None) if access_token is None: Application = get_application_model() geoserver_app = Application.objects.get(name="GeoServer") token = generate_token() ttl = datetime.datetime.now() + datetime.timedelta(days=3) AccessToken.objects.get_or_create(user=request.user, application=geoserver_app, expires=ttl, token=token) access_token = token response.set_cookie( settings.ACCESS_TOKEN_NAME, access_token, max_age=settings.SESSION_COOKIE_AGE, domain=settings.SESSION_COOKIE_DOMAIN, path=settings.SESSION_COOKIE_PATH, secure=settings.SESSION_COOKIE_SECURE or None, httponly=settings.SESSION_COOKIE_HTTPONLY or None,) patch_vary_headers(response, ('Cookie',)) else: response.delete_cookie(settings.ACCESS_TOKEN_NAME, domain=settings.SESSION_COOKIE_DOMAIN)
def request_token(self): """Create an OAuth request token for a valid client request. Defaults to /request_token. Invoked by client applications. """ client_key = request.oauth.client_key realm = request.oauth.realm # TODO: fallback on default realm? callback = request.oauth.callback_uri request_token = generate_token(length=self.request_token_length[1]) token_secret = generate_token(length=self.secret_length) self.save_request_token(client_key, request_token, callback, realm=realm, secret=token_secret) return urlencode([(u'oauth_token', request_token), (u'oauth_token_secret', token_secret), (u'oauth_callback_confirmed', u'true')])
def create_oauth_token(self, application, user, scope='', expires=None, **kwargs): """Create an OAuth2 access token for testing. Args: application (reviewboard.oauth.models.Application): The application the token should be associated with. user (django.contrib.auth.models.User): The user who should own the token. scope (unicode, optional): The scopes of the token. This argument defaults to the empty scope. expires (datetime.timedelta, optional): How far into the future the token expires. If not provided, this argument defaults to one hour. Returns: oauth2_provider.models.AccessToken: The created access token. """ if expires is None: expires = timedelta(hours=1) return AccessToken.objects.create( application=application, token=generate_token(), expires=timezone.now() + expires, scope=scope, user=user, )
def create_authorization_code(self, request): """Generates an authorization grant represented as a dictionary.""" grant = {"code": common.generate_token()} if hasattr(request, "state") and request.state: grant["state"] = request.state log.debug("Created authorization code grant %r for request %r.", grant, request) return grant
def random_token_generator(request, refresh_token=False): """ :param request: OAuthlib request. :type request: oauthlib.common.Request :param refresh_token: """ return common.generate_token()
def authorized(self, request_token, request = None): """Create a verifier for an user authorized client""" verifier = generate_token(length=self.verifier_length[1]) self.save_verifier(request_token, verifier) #if request: # response = dict(request.args.items()) #else: response = {} # Alright, now for the fun part! # We need to retrieve the user's unique ID for the service # the app just authenticated with them through us. service = session['realm'] uid = APIS[service].get_uid(request) if uid: response.update({'uid': uid, 'service': service}) # Are we logged in? if current_user.is_authenticated(): response.update({'btid': current_user.get_id()}) response.update( {u'oauth_token': request_token, u'oauth_verifier': verifier}) callback = self.get_callback(request_token) return redirect(add_params_to_uri(callback, response.items()))
def convert_token(request, backend): if request.method == 'POST': client_id = request.POST.get("client_id") client_secret = request.POST.get("client_secret") my_app = get_object_or_404(Application, client_id=client_id, client_secret=client_secret) params = dict(code=request.GET.get("token"), client_id=settings.SOCIAL_AUTH_GOOGLE_OAUTH2_KEY, client_secret=settings.SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET, redirect_uri=settings.SECRET_URI, grant_type="authorization_code") response = requests.post("https://www.googleapis.com/oauth2/v3/token", data=params).json() user = request.backend.do_auth(response.get("access_token")) if user and user.is_authenticated and user.is_active: old_token = AccessToken.objects.filter(user = user) if len(old_token)>0: return Response({'access_token':old_token[0].token}) else: my_access_token = AccessToken.objects.create(user=user, token=generate_token(), application=my_app, expires=datetime(2020,1,1), scope='create chatrooms') return Response({'access_token':my_access_token.token}) else: raise PermissionDenied("User is not authenticated.") else: raise PermissionError("Method not available")
def make_random_string_char_and_number(str_length=32): """ 生成英文字符和数字混合型的字符串(最大长度:128位) """ if str_length > 128: str_length = 128 return generate_token(length=str_length)
def _get_user_token(self): """ Returns an access token for the user. This function facilitates interactions with the bundle service. """ CLIENT_ID = 'codalab_cli_client' if request.user is None: return None # Try to find an existing token that will work. token = local.model.find_oauth2_token( CLIENT_ID, request.user.user_id, datetime.utcnow() + timedelta(minutes=5)) if token is not None: return token.access_token # Otherwise, generate a new one. token = OAuth2Token( local.model, access_token=generate_token(), refresh_token=None, scopes='', expires=datetime.utcnow() + timedelta(hours=10), client_id=CLIENT_ID, user_id=request.user.user_id, ) local.model.save_oauth2_token(token) return token.access_token
def test_constructor(self): client_id = generate_client_id() client_secret = generate_token() tc = ToolConsumer(client_id, client_secret, launch_url='http://example.edu') self.assertIsInstance(tc.launch_params, LaunchParams) lp = LaunchParams() tc = ToolConsumer(client_id, client_secret, launch_url='http://example.edu', params=lp) self.assertEqual(tc.launch_params, lp) lp_dict = {'resource_link_id': 1} tc = ToolConsumer(client_id, client_secret, launch_url='http://example.edu', params=lp_dict) self.assertIsInstance(tc.launch_params, LaunchParams) self.assertEqual(tc.launch_params._params.get('resource_link_id'), 1) # no launch_url should raise exception self.failUnlessRaises(InvalidLTIConfigError, ToolConsumer, client_id, client_secret, params=lp_dict) # but confirm that 'launch_url' can still be passed in params # (backwards compatibility) lp_dict['launch_url'] = 'http://example.edu' tc = ToolConsumer(client_id, client_secret, params=lp_dict) self.assertEqual(tc.launch_url, 'http://example.edu')
def get_dictation_token(): user = request.oauth.user asr_token = IssuedToken.query.filter_by(user_id=user.id, scopes='{asr}').first() if not asr_token: asr_token = IssuedToken( user_id=user.id, client_id='asr', scopes=['asr'], expires=datetime.datetime.utcnow() + datetime.timedelta(days=3650), access_token=generate_token( 15, 'abcdefghijklmnopqrsstuvwxyz0123456789'), refresh_token=generate_token()) db.session.add(asr_token) db.session.commit() return jsonify(token=asr_token.access_token)
def _get_access_token(self, user_id=None, create=False): self.ensure_one() if not user_id: user_id = self.env.user.id access_token = self.env['oauth.access_token'].sudo().search( [('application_id', '=', self.id), ('user_id', '=', user_id)], order='id DESC', limit=1) if access_token: access_token = access_token[0] if access_token.is_expired(): access_token = None if not access_token and create: expires = datetime.now() + timedelta(seconds=60 * 60) vals = { 'user_id': user_id, 'scope': 'userinfo', 'expires': expires.strftime(DEFAULT_SERVER_DATETIME_FORMAT), 'token': oauthlib_common.generate_token(), 'application_id': self.id, } access_token = self.env['oauth.access_token'].create(vals) # we have to commit now, because /oauth2/tokeninfo could # be called before we finish current transaction. self._cr.commit() if not access_token: return None return access_token.token
def login(request): # this view can be called directly by django admin site from # any url, or can be accessed by the login url if the urls # from this app were included if request.path == reverse(oauthadmin.views.login): # if this view is being accessed from login url look for 'next' # in query string to use as destination after the login is complete next = request.GET.get('next') else: # otherwise the django admin site called this view from another view. # Django admin doesn't redirect to login url if login is required, it # calls the view directly (django 1.7 fixed this and redirects and we # don't support it yet) next = request.get_full_path() redirect_uri = request.build_absolute_uri( reverse(oauthadmin.views.callback)) state_token = generate_token() state = base64.b64encode( json.dumps({ "state": state_token, "next": next }).encode('utf-8')) oauth = OAuth2Session( client_id=app_setting('CLIENT_ID'), redirect_uri=redirect_uri, scope=["default"], state=state, ) authorization_url, state = oauth.authorization_url(app_setting('AUTH_URL')) request.session['oauth_state'] = state return redirect(authorization_url)
def login(request): # this view can be called directly by django admin site from # any url, or can be accessed by the login url if the urls # from this app were included if request.path == reverse(oauthadmin.views.login): # if this view is being accessed from login url look for 'next' # in query string to use as destination after the login is complete next = request.GET.get('next') else: # otherwise the django admin site called this view from another view. # Django admin doesn't redirect to login url if login is required, it # calls the view directly (django 1.7 fixed this and redirects and we # don't support it yet) next = request.get_full_path() redirect_uri = request.build_absolute_uri(reverse(oauthadmin.views.callback)) state_token = generate_token() state=base64.b64encode(json.dumps({"state": state_token, "next": next}).encode('utf-8')) oauth = OAuth2Session( client_id=app_setting('CLIENT_ID'), redirect_uri=redirect_uri, scope=["default"], state=state, ) authorization_url, state = oauth.authorization_url(app_setting('AUTH_URL')) request.session['oauth_state'] = state return redirect(authorization_url)
def _get_access_token(self, user_id=None, create=False): self.ensure_one() if not user_id: user_id = self.env.user.id access_token = self.env['oauth.access_token'].sudo().search([('application_id', '=', self.id), ('user_id', '=', user_id)], order='id DESC', limit=1) if access_token: access_token = access_token[0] if access_token.is_expired(): access_token = None if not access_token and create: expires = datetime.now() + timedelta(seconds=60*60) vals = { 'user_id': user_id, 'scope': 'userinfo', 'expires': expires.strftime(DEFAULT_SERVER_DATETIME_FORMAT), 'token': oauthlib_common.generate_token(), 'application_id': self.id, } access_token = self.env['oauth.access_token'].create(vals) # we have to commit now, because /oauth2/tokeninfo could # be called before we finish current transaction. self._cr.commit() if not access_token: return None return access_token.token
def get_user_token(user): """ Returns an access token for the given user. This function facilitates interactions with the bundle service. """ if user is None or not user.is_authenticated(): return None client = Application.objects.get(client_id=cli_client_id(user)) tokens = AccessToken.objects.filter(application_id=client.id, expires__gt=timezone.now() + timedelta(minutes=5)) access_token = None for token in tokens: if token.is_valid([]): access_token = token break if access_token is None: access_token = AccessToken( user=user, scope='', expires=timezone.now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS), token=generate_token(), application=client) access_token.save() return str(access_token.token)
def get_user_token(): """ Returns an access token for the authenticated user. This function facilitates interactions with the bundle service. """ CLIENT_ID = 'codalab_cli_client' if not request.user.is_authenticated: return None # Try to find an existing token that will work. token = local.model.find_oauth2_token( CLIENT_ID, request.user.user_id, datetime.utcnow() + timedelta(minutes=5)) if token is not None: return token.access_token # Otherwise, generate a new one. token = OAuth2Token( local.model, access_token=generate_token(), refresh_token=None, scopes='', expires=datetime.utcnow() + timedelta(hours=10), client_id=CLIENT_ID, user_id=request.user.user_id, ) local.model.save_oauth2_token(token) return token.access_token
def test_constructor(self): client_id = generate_client_id() client_secret = generate_token() tc = ContentItemResponse(client_id, client_secret, launch_url='http://example.edu') self.assertIsInstance(tc.launch_params, LaunchParams) lp = LaunchParams() tc = ContentItemResponse(client_id, client_secret, launch_url='http://example.edu', params=lp) self.assertEqual(tc.launch_params, lp) lp_dict = {'resource_link_id': 1} tc = ContentItemResponse(client_id, client_secret, launch_url='http://example.edu', params=lp_dict) self.assertIsInstance(tc.launch_params, LaunchParams) self.assertEqual(tc.launch_params._params.get('resource_link_id'), 1) # no launch_url should raise exception self.failUnlessRaises(InvalidLTIConfigError, ContentItemResponse, client_id, client_secret, params=lp_dict) # but confirm that 'launch_url' can still be passed in params # (backwards compatibility) lp_dict['launch_url'] = 'http://example.edu' tc = ContentItemResponse(client_id, client_secret, params=lp_dict) self.assertEqual(tc.launch_url, 'http://example.edu')
def create_authorization_code(self, request): """Generates an authorization grant represented as a dictionary.""" grant = {'code': common.generate_token()} if hasattr(request, 'state') and request.state: grant['state'] = request.state log.debug('Created authorization code grant %r for request %r.', grant, request) return grant
def create_access_token(user, scope): """ Takes a user instance and return an access_token as a JsonResponse instance. :param user: django user instance :param scope: should be valid oauth scope value :return: Token dictionary object """ # retrieve our oauth2 application model app = get_application_model().objects.get(name=settings.OAUTH2_APPLICATION_NAME) # Delete any existing access and refresh tokens. try: at = AccessToken.objects.get(user=user, application=app) RefreshToken.objects.get(user=user, access_token=at).delete() at.delete() except: pass # Generate new tokens atoken = generate_token() rtoken = generate_token() # Setup the access token expiration value. expires = now() + timedelta(seconds=oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS) # Create the access token model object. access_token = AccessToken.objects.\ create(user=user, application=app, expires=expires, token=atoken, scope=scope) # Create the refresh token model object. RefreshToken.objects.\ create(user=user, application=app, token=rtoken, access_token=access_token) # Return dictionary object with token information. return build_token_dict(access_token)
def create_token(self, request, refresh_token=False): """Create a BearerToken, by default without refresh token.""" token = { 'access_token': common.generate_token(), 'expires_in': self.expires_in, 'token_type': 'Bearer', } if request.scopes is not None: token['scope'] = ' '.join(request.scopes) if request.state is not None: token['state'] = request.state if refresh_token: token['refresh_token'] = common.generate_token() self.request_validator.save_bearer_token(request, token) return token
def get_admin_token(): Application = get_application_model() app = Application.objects.get(name="GeoServer") token = generate_token() AccessToken.objects.get_or_create( user=get_default_user(), application=app, expires=datetime.datetime.now() + datetime.timedelta(days=3), token=token) return token
def create_tp(key=None, secret=None, lp=None, launch_url=None, launch_headers=None, tp_class=ToolProvider): key = key or generate_client_id() secret = secret or generate_token() launch_params = LaunchParams() if lp is not None: launch_params.update(lp) launch_url = launch_url or "http://example.edu" launch_headers = launch_headers or {} return tp_class(key, secret, launch_params, launch_url, launch_headers)
def authorized(self, request_token): """Create a verifier for an user authorized client""" verifier = generate_token(length=self.verifier_length[1]) self.save_verifier(request_token, verifier) response = [ (u'oauth_token', request_token), (u'oauth_verifier', verifier) ] callback = self.get_callback(request_token) return redirect(add_params_to_uri(callback, response))