예제 #1
async def decode(payload: None, context: EventContext) -> ContextUserInfo:
    """
    Build a ContextUserInfo from the claims in `context.auth_info['payload']`.

    `payload` is not used. The `id`, `user` and `email` claims are copied
    as-is; nothing in this function validates the token they came from.
    NOTE(review): presumably the token was verified before `auth_info` was
    populated -- confirm against the caller.
    """
    claims = context.auth_info['payload']
    user_id, user_name, user_email = claims['id'], claims['user'], claims['email']
    return ContextUserInfo(id=user_id, user=user_name, email=user_email)
예제 #2
async def invoke_login(context: EventContext):
    """
    Call `login.login` and check the issued tokens against the 'auth' settings.

    Decodes the access and refresh tokens with `auth.decode_token`, asserts the
    identity claims and the expiration arithmetic, then returns the auth info
    so a caller can reuse it.
    """
    auth_info = await login.login(None, context)
    cfg = context.settings(key='auth', datatype=AuthSettings)
    assert auth_info.token_type == 'BEARER'

    # Identity claims both tokens must carry, checked in this order.
    expected_claims = (
        ('app', 'test_app.test'),
        ('id', 'id'),
        ('email', 'test@email'),
        ('user', 'test'),
    )

    access_claims = auth.decode_token(auth_info.access_token)
    for claim, expected in expected_claims:
        assert access_claims[claim] == expected
    issued_at = access_claims['iat']
    # `exp` must be exactly the issue time plus the configured lifetime.
    assert access_claims['exp'] == issued_at + cfg.access_token_expiration
    assert access_claims['renew'] > 0
    renew_limit = 1000.0 * (
        cfg.access_token_expiration - cfg.access_token_renew_window)
    assert access_claims['renew'] < renew_limit

    refresh_claims = auth.decode_token(auth_info.refresh_token)
    for claim, expected in expected_claims:
        assert refresh_claims[claim] == expected
    issued_at = refresh_claims['iat']
    assert refresh_claims['exp'] == issued_at + cfg.refresh_token_expiration

    # NOTE(review): '******' looks like a value masked on this page; the token
    # claims above expect user == 'test' -- confirm against the original test.
    expected_user = ContextUserInfo(id='id', user='******', email='test@email')
    assert auth_info.user_info == expected_user
    assert auth_info.access_token_expiration == cfg.access_token_expiration
    assert auth_info.refresh_token_expiration == cfg.refresh_token_expiration
    assert auth_info.renew == access_claims['renew']
    return auth_info
예제 #3
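async def refresh(payload: None, context: EventContext) -> AuthInfoExtended:
    """
    Return new access and refresh tokens for a request carrying a valid refresh token.

    `payload` is not used. The user identity (`id`, `user`, `email`) is taken
    from `context.auth_info['payload']` and passed to `authorize` together
    with the current UTC time.

    Raises:
        Unauthorized: if `context.auth_info['allowed']` is falsy, or the
            request's auth type is not `AuthType.REFRESH`.
    """
    # Explicit check instead of `assert`: assert statements are removed when
    # Python runs with -O, which would silently drop this authorization gate.
    if not context.auth_info['allowed']:
        raise Unauthorized('Invalid authorization')
    now = datetime.now(tz=timezone.utc)
    if context.auth_info['auth_type'] == AuthType.REFRESH:
        claims = context.auth_info['payload']
        user_info = ContextUserInfo(
            id=claims['id'],
            user=claims['user'],
            email=claims['email'])
        return authorize(context, user_info, now)
    raise Unauthorized('Invalid authorization')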
예제 #4
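async def login(payload: None, context: EventContext) -> AuthInfoExtended:
    """
    Return new access and refresh tokens for a request using basic-auth credentials.

    `payload` is not used. The base64 credentials in
    `context.auth_info['payload']` are decoded and the text before the first
    ':' becomes the user name; `id` and `email` are fixed example values.

    SECURITY: the password part of the credentials is never verified here, so
    any password is accepted for any user name. The credentials must be
    checked against a real credential store before `authorize` is called.

    Raises:
        Unauthorized: if `context.auth_info['allowed']` is falsy, the auth
            type is not `AuthType.BASIC`, or the credentials cannot be decoded.
    """
    # Explicit check instead of `assert`: assert statements are removed when
    # Python runs with -O, which would silently drop this authorization gate.
    if not context.auth_info['allowed']:
        raise Unauthorized('Invalid authorization')
    now = datetime.now(tz=timezone.utc)
    if context.auth_info['auth_type'] == AuthType.BASIC:
        try:
            data = base64.b64decode(context.auth_info['payload'].encode()).decode()
        except ValueError as e:
            # binascii.Error (bad base64) and UnicodeDecodeError (not UTF-8)
            # are both ValueError; reject the request instead of crashing.
            raise Unauthorized('Invalid authorization') from e
        user_info = ContextUserInfo(
            id='id',
            user=data.split(":")[0],  # TODO: Check password!!
            email='test@email')
        return authorize(context, user_info, now)
    raise Unauthorized('Invalid authorization')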
예제 #5
async def invoke_login(context: EventContext):
    """
    Call `login.login` and check the issued tokens against `context.env['auth']`.

    Decodes the access and refresh tokens with `auth.decode_token`, asserts the
    identity claims and the expiration arithmetic, then returns the auth info
    so a caller can reuse it.
    """
    auth_info = await login.login(None, context)

    assert auth_info.token_type == 'BEARER'

    # Identity claims both tokens must carry; dict order is the check order.
    identity = {
        'app': 'test_app.test',
        'id': 'id',
        'email': 'test@email',
        'user': 'test',
    }

    access_claims = auth.decode_token(auth_info.access_token)
    for name, value in identity.items():
        assert access_claims[name] == value
    issued_at = access_claims['iat']
    # `exp` must be exactly the issue time plus the configured lifetime.
    assert access_claims['exp'] == (
        issued_at + context.env['auth']['access_token_expiration'])
    assert access_claims['renew'] > 0
    assert access_claims['renew'] < 1000.0 * (
        int(context.env['auth']['access_token_expiration'])
        - int(context.env['auth']['access_token_renew_window']))

    refresh_claims = auth.decode_token(auth_info.refresh_token)
    for name, value in identity.items():
        assert refresh_claims[name] == value
    issued_at = refresh_claims['iat']
    assert refresh_claims['exp'] == (
        issued_at + context.env['auth']['refresh_token_expiration'])

    # NOTE(review): '******' looks like a value masked on this page; the token
    # claims above expect user == 'test' -- confirm against the original test.
    expected_user = ContextUserInfo(id='id', user='******', email='test@email')
    assert auth_info.user_info == expected_user
    assert auth_info.access_token_expiration == (
        context.env['auth']['access_token_expiration'])
    assert auth_info.refresh_token_expiration == (
        context.env['auth']['refresh_token_expiration'])
    assert auth_info.renew == access_claims['renew']
    return auth_info