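def getAuthCode():
    """Issue an OAuth authorization code once the user confirms the grant.

    Reads ``client_id`` and ``confirm_yes`` from the submitted form. When the
    client is known and the user confirmed, stores an ``AuthCode`` bound to
    that client and to ``g.user``, schedules its expiry task, and redirects
    to the client's registered ``redirect_url`` with ``code`` and ``expires``
    in the query string. Otherwise returns a script that closes the window.
    """
    # NOTE(review): this handler trusts g.user and a plain form post; confirm
    # that login and CSRF protection are enforced outside this block.
    client = lookupClientByID(request.form.get("client_id"))
    if not (client and request.form.get("confirm_yes")):
        logging.warning("DID NOT CONFIRM")
        return "<script>window.close()</script>"

    lifetime = app.config["AUTHCODE_EXPIRATION"]
    # Generated only after confirmation, so no code is produced for a refusal.
    # NOTE(review): randomString is defined elsewhere; confirm it draws from
    # a CSPRNG, since this value is a bearer credential.
    code = randomString(32)
    AuthCode(
        client_id=client.client_id,
        client=client.key,
        user=g.user.key,
        code=code,
        expires=datetime.now() + timedelta(seconds=lifetime),
    ).put()
    # NOTE(review): the code and QUEUE_SECRET travel as GET parameters and so
    # can end up in request logs; moving them to a POST body needs a matching
    # change in the /_expire-authcode handler, which is not visible here.
    taskqueue.add(
        url='/_expire-authcode',
        params={'code': code, "secret": app.config["QUEUE_SECRET"]},
        method="GET",
        countdown=lifetime,
    )
    # The target is the registered redirect_url, never a request-supplied one.
    redirectUrl = client.redirect_url
    # A registered URL that already has a query string must be extended with
    # "&"; a second "?" would produce a malformed URL.
    separator = "&" if "?" in redirectUrl else "?"
    # NOTE(review): no `state` value is echoed back, so the client cannot tie
    # this response to the request it started.
    return redirect("{0}{1}code={2}&expires={3}".format(
        redirectUrl, separator, code, lifetime))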
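def getToken():
    """Exchange an authorization code for an access/refresh token pair.

    Called by the client application. Reads ``client_id``, ``client_secret``
    and ``code`` from the submitted form. On success, replaces any prior
    tokens this client holds for the user, consumes the code, schedules token
    expiry and returns the new tokens as JSON. Failures are returned as a
    JSON ``error`` body without an explicit status code.
    """
    import hmac  # function-scope: the file's import block is not visible here

    client = lookupClientByID(request.form.get("client_id"))
    supplied_secret = request.form.get("client_secret")
    stored_secret = client.client_secret if client else None
    # Constant-time comparison. A secret missing on either side never
    # authenticates (with `==`, None matched None).
    if (not client or supplied_secret is None or stored_secret is None
            or not hmac.compare_digest(stored_secret.encode("utf-8"),
                                       supplied_secret.encode("utf-8"))):
        return jsonify({"error": "Invalid credentials"})

    time.sleep(0.1)  # kept from the original; purpose is not documented
    codeInDB = AuthCode.query(
        AuthCode.code == request.form.get("code")).get()
    # The code must belong to the authenticating client and still be inside
    # its lifetime. The expiry task is not relied on as the only limit.
    if (not codeInDB
            or codeInDB.client != client.key
            or codeInDB.expires is None
            or codeInDB.expires <= datetime.now()):
        return jsonify({"error": "Auth code expired or invalid"})

    lifetime = app.config["ACCESSTOKEN_EXPIRATION"]
    tokenGrant = Token(
        client=client.key,
        user=codeInDB.user,
        access_token=randomString(32),
        refresh_token=randomString(32),
        expires=datetime.now() + timedelta(seconds=lifetime),
    )
    # Delete prior tokens for this client and user only. Python's `and` does
    # not combine ndb filters: it evaluates to a single operand, so the
    # original query dropped one of the two conditions.
    ndb.delete_multi(
        Token.query(Token.client == client.key,
                    Token.user == codeInDB.user).fetch(keys_only=True))
    tokenGrant.put()
    # NOTE(review): lookup and delete are not transactional, so two
    # concurrent requests could both redeem the same code.
    codeInDB.key.delete()
    # NOTE(review): the access token and QUEUE_SECRET travel as GET
    # parameters and so can end up in request logs.
    taskqueue.add(
        url='/_expire-token',
        params={'access_token': tokenGrant.access_token,
                "secret": app.config["QUEUE_SECRET"]},
        method="GET",
        countdown=lifetime,
    )
    return jsonify({
        "access_token": tokenGrant.access_token,
        "refresh_token": tokenGrant.refresh_token,
        "expires": lifetime,
    })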
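def getAuthCode():
    """Issue an OAuth authorization code once the user confirms the grant.

    Reads ``client_id`` and ``confirm_yes`` from the submitted form. When the
    client is known and the user confirmed, stores an ``AuthCode`` bound to
    that client and to ``g.user``, schedules its expiry task, and redirects
    to the client's registered ``redirect_url`` with ``code`` and ``expires``
    in the query string. Otherwise returns a script that closes the window.
    """
    # NOTE(review): this handler trusts g.user and a plain form post; confirm
    # that login and CSRF protection are enforced outside this block.
    client = lookupClientByID(request.form.get("client_id"))
    if not (client and request.form.get("confirm_yes")):
        logging.warning("DID NOT CONFIRM")
        return "<script>window.close()</script>"

    lifetime = app.config["AUTHCODE_EXPIRATION"]
    # Generated only after confirmation, so no code is produced for a refusal.
    # NOTE(review): randomString is defined elsewhere; confirm it draws from
    # a CSPRNG, since this value is a bearer credential.
    code = randomString(32)
    AuthCode(
        client_id=client.client_id,
        client=client.key,
        user=g.user.key,
        code=code,
        expires=datetime.now() + timedelta(seconds=lifetime),
    ).put()
    # NOTE(review): the code and QUEUE_SECRET travel as GET parameters and so
    # can end up in request logs; moving them to a POST body needs a matching
    # change in the /_expire-authcode handler, which is not visible here.
    taskqueue.add(
        url='/_expire-authcode',
        params={'code': code, "secret": app.config["QUEUE_SECRET"]},
        method="GET",
        countdown=lifetime,
    )
    # The target is the registered redirect_url, never a request-supplied one.
    redirectUrl = client.redirect_url
    # A registered URL that already has a query string must be extended with
    # "&"; a second "?" would produce a malformed URL.
    separator = "&" if "?" in redirectUrl else "?"
    # NOTE(review): no `state` value is echoed back, so the client cannot tie
    # this response to the request it started.
    return redirect("{0}{1}code={2}&expires={3}".format(
        redirectUrl, separator, code, lifetime))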
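def getToken():
    """Exchange an authorization code for an access/refresh token pair.

    Called by the client application. Reads ``client_id``, ``client_secret``
    and ``code`` from the submitted form. On success, replaces any prior
    tokens this client holds for the user, consumes the code, schedules token
    expiry and returns the new tokens as JSON. Failures are returned as a
    JSON ``error`` body without an explicit status code.
    """
    import hmac  # function-scope: the file's import block is not visible here

    client = lookupClientByID(request.form.get("client_id"))
    supplied_secret = request.form.get("client_secret")
    stored_secret = client.client_secret if client else None
    # Constant-time comparison. A secret missing on either side never
    # authenticates (with `==`, None matched None).
    if (not client or supplied_secret is None or stored_secret is None
            or not hmac.compare_digest(stored_secret.encode("utf-8"),
                                       supplied_secret.encode("utf-8"))):
        return jsonify({"error": "Invalid credentials"})

    time.sleep(0.1)  # kept from the original; purpose is not documented
    codeInDB = AuthCode.query(
        AuthCode.code == request.form.get("code")).get()
    # The code must belong to the authenticating client and still be inside
    # its lifetime. The expiry task is not relied on as the only limit.
    if (not codeInDB
            or codeInDB.client != client.key
            or codeInDB.expires is None
            or codeInDB.expires <= datetime.now()):
        return jsonify({"error": "Auth code expired or invalid"})

    lifetime = app.config["ACCESSTOKEN_EXPIRATION"]
    tokenGrant = Token(
        client=client.key,
        user=codeInDB.user,
        access_token=randomString(32),
        refresh_token=randomString(32),
        expires=datetime.now() + timedelta(seconds=lifetime),
    )
    # Delete prior tokens for this client and user only. Python's `and` does
    # not combine ndb filters: it evaluates to a single operand, so the
    # original query dropped one of the two conditions.
    ndb.delete_multi(
        Token.query(Token.client == client.key,
                    Token.user == codeInDB.user).fetch(keys_only=True))
    tokenGrant.put()
    # NOTE(review): lookup and delete are not transactional, so two
    # concurrent requests could both redeem the same code.
    codeInDB.key.delete()
    # NOTE(review): the access token and QUEUE_SECRET travel as GET
    # parameters and so can end up in request logs.
    taskqueue.add(
        url='/_expire-token',
        params={'access_token': tokenGrant.access_token,
                "secret": app.config["QUEUE_SECRET"]},
        method="GET",
        countdown=lifetime,
    )
    return jsonify({
        "access_token": tokenGrant.access_token,
        "refresh_token": tokenGrant.refresh_token,
        "expires": lifetime,
    })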