async def decode(payload: None, context: EventContext) -> ContextUserInfo: token_info = context.auth_info['payload'] return ContextUserInfo( id=token_info['id'], user=token_info['user'], email=token_info['email'] )
async def invoke_login(context: EventContext): auth_info = await login.login(None, context) cfg = context.settings(key='auth', datatype=AuthSettings) assert auth_info.token_type == 'BEARER' access_token_info = auth.decode_token(auth_info.access_token) assert access_token_info['app'] == 'test_app.test' assert access_token_info['id'] == 'id' assert access_token_info['email'] == 'test@email' assert access_token_info['user'] == 'test' iat = access_token_info['iat'] assert access_token_info['exp'] == iat + cfg.access_token_expiration assert access_token_info['renew'] > 0 assert access_token_info['renew'] < 1000.0 * ( cfg.access_token_expiration - cfg.access_token_renew_window) refresh_token_info = auth.decode_token(auth_info.refresh_token) assert refresh_token_info['app'] == 'test_app.test' assert refresh_token_info['id'] == 'id' assert refresh_token_info['email'] == 'test@email' assert refresh_token_info['user'] == 'test' iat = refresh_token_info['iat'] assert refresh_token_info['exp'] == iat + cfg.refresh_token_expiration assert auth_info.user_info == ContextUserInfo(id='id', user='******', email='test@email') assert auth_info.access_token_expiration == cfg.access_token_expiration assert auth_info.refresh_token_expiration == cfg.refresh_token_expiration assert auth_info.renew == access_token_info['renew'] return auth_info
async def refresh(payload: None, context: EventContext) -> AuthInfoExtended: """ Returns a new access and refresh tokens, from a request containing a valid refresh token. """ assert context.auth_info['allowed'] now = datetime.now().astimezone(timezone.utc) if context.auth_info['auth_type'] == AuthType.REFRESH: user_info = ContextUserInfo( id=context.auth_info['payload']['id'], user=context.auth_info['payload']['user'], email=context.auth_info['payload']['email']) return authorize(context, user_info, now) raise Unauthorized('Invalid authorization')
async def login(payload: None, context: EventContext) -> AuthInfoExtended: """ Returns a new access and refresh token for a set of given basic-auth credentials """ assert context.auth_info['allowed'] now = datetime.now(tz=timezone.utc) if context.auth_info['auth_type'] == AuthType.BASIC: data = base64.b64decode(context.auth_info['payload'].encode()).decode() user_info = ContextUserInfo( id='id', user=data.split(":")[0], # TODO: Check password!! email='test@email') return authorize(context, user_info, now) raise Unauthorized('Invalid authorization')
async def invoke_login(context: EventContext): auth_info = await login.login(None, context) assert auth_info.token_type == 'BEARER' access_token_info = auth.decode_token(auth_info.access_token) assert access_token_info['app'] == 'test_app.test' assert access_token_info['id'] == 'id' assert access_token_info['email'] == 'test@email' assert access_token_info['user'] == 'test' iat = access_token_info['iat'] assert access_token_info[ 'exp'] == iat + context.env['auth']['access_token_expiration'] assert access_token_info['renew'] > 0 assert access_token_info['renew'] < 1000.0 * ( int(context.env['auth']['access_token_expiration']) - int(context.env['auth']['access_token_renew_window'])) refresh_token_info = auth.decode_token(auth_info.refresh_token) assert refresh_token_info['app'] == 'test_app.test' assert refresh_token_info['id'] == 'id' assert refresh_token_info['email'] == 'test@email' assert refresh_token_info['user'] == 'test' iat = refresh_token_info['iat'] assert refresh_token_info[ 'exp'] == iat + context.env['auth']['refresh_token_expiration'] assert auth_info.user_info == ContextUserInfo(id='id', user='******', email='test@email') assert auth_info.access_token_expiration == context.env['auth'][ 'access_token_expiration'] assert auth_info.refresh_token_expiration == context.env['auth'][ 'refresh_token_expiration'] assert auth_info.renew == access_token_info['renew'] return auth_info