def authz_part2(self, user, areq, skey, permission=None, authn=None, **kwargs): """ After the authentication this is where you should end up :param user: :param areq: The Authorization Request :param skey: Session key :param permission: A permission specification :param authn: The Authentication Method used :param kwargs: possible other parameters :return: A redirect to the redirect_uri of the client """ _log_debug = logger.debug _log_debug("- in authenticated() -") self.sdb.update(skey, "auz", permission) _log_debug("response type: %s" % areq["response_type"]) # create the response aresp = AuthorizationResponse() try: aresp["state"] = areq["state"] except KeyError: pass if "response_type" in areq and \ len(areq["response_type"]) == 1 and \ "none" in areq["response_type"]: pass else: #if self.sdb.is_revoked(sinfo): # return self._error(error="access_denied", # descr="Token is revoked") try: aresp["scope"] = areq["scope"] except KeyError: pass _log_debug("_dic: %s" % self.sdb[skey]) rtype = set(areq["response_type"][:]) if "code" in areq["response_type"]: #if issue_new_code: # scode = self.sdb.duplicate(_sinfo) # _sinfo = self.sdb[scode] _code = aresp["code"] = self.sdb.get_token(skey) rtype.remove("code") else: _code = self.sdb[skey]["code"] self.sdb.update(skey, "code", None) if "token" in rtype: self.sdb.upgrade_to_token(skey, issue_refresh=False, access_grant=_code) atr = AccessTokenResponse(**aresp.to_dict()) aresp = atr _cont = self.sdb[skey] _log_debug("_dic: %s" % _cont) for key, val in _cont.items(): if key in aresp.parameters() and val is not None: aresp[key] = val rtype.remove("token") if len(rtype): return BadRequest("Unknown response type") try: redirect_uri = self.get_redirect_uri(areq) except (RedirectURIError, ParameterError), err: return BadRequest("%s" % err)
def authz_part2(self, user, areq, skey, permission=None, authn=None, **kwargs): """ After the authentication this is where you should end up :param user: :param areq: The Authorization Request :param skey: Session key :param permission: A permission specification :param authn: The Authentication Method used :param kwargs: possible other parameters :return: A redirect to the redirect_uri of the client """ _log_debug = logger.debug _log_debug("- in authenticated() -") self.sdb.update(skey, "auz", permission) _log_debug("response type: %s" % areq["response_type"]) # create the response aresp = AuthorizationResponse() try: aresp["state"] = areq["state"] except KeyError: pass if "response_type" in areq and \ len(areq["response_type"]) == 1 and \ "none" in areq["response_type"]: pass else: # if self.sdb.is_revoked(sinfo): # return self._error(error="access_denied", # descr="Token is revoked") try: aresp["scope"] = areq["scope"] except KeyError: pass _log_debug("_dic: %s" % self.sdb[skey]) rtype = set(areq["response_type"][:]) if "code" in areq["response_type"]: #if issue_new_code: # scode = self.sdb.duplicate(_sinfo) # _sinfo = self.sdb[scode] _code = aresp["code"] = self.sdb.get_token(skey) rtype.remove("code") else: _code = self.sdb[skey]["code"] self.sdb.update(skey, "code", None) if "token" in rtype: self.sdb.upgrade_to_token(skey, issue_refresh=False, access_grant=_code) atr = AccessTokenResponse(**aresp.to_dict()) aresp = atr _cont = self.sdb[skey] _log_debug("_dic: %s" % _cont) for key, val in _cont.items(): if key in aresp.parameters() and val is not None: aresp[key] = val rtype.remove("token") if len(rtype): return BadRequest("Unknown response type") try: redirect_uri = self.get_redirect_uri(areq) except (RedirectURIError, ParameterError), err: return BadRequest("%s" % err)