def create_token(client, user):
    '''
    Store a fresh OAuthToken and OAuthRefreshToken for ``user`` and ``client``.

    Both rows are saved before the response is built. The return value is the
    dict OAuth clients expect: ``access_token``, ``token_type``,
    ``refresh_token`` and ``expires_in`` (whole seconds until the access
    token expires).

    NOTE(review): neither token string is assigned here, so the values
    presumably come from model defaults -- confirm they are generated from a
    cryptographically secure source.
    NOTE(review): ``token.expires`` is compared against a naive
    ``datetime.now()``; presumably the model stores naive local time too --
    confirm, or ``expires_in`` will be skewed.
    '''
    from mediagoblin.plugins.oauth.models import OAuthToken, OAuthRefreshToken

    access = OAuthToken()
    access.user, access.client = user, client
    access.save()

    refresh = OAuthRefreshToken()
    refresh.user, refresh.client = user, client
    refresh.save()

    # Remaining lifetime in whole seconds. timedelta.total_seconds() needs
    # python >= 2.7, so it is computed by hand; microseconds are dropped.
    remaining = access.expires - datetime.now()
    lifetime_seconds = remaining.days * 86400 + remaining.seconds

    response = {
        'access_token': access.token,
        'token_type': 'bearer',
        'refresh_token': refresh.token,
        'expires_in': lifetime_seconds,
    }
    return response
예제 #2
def create_token(client, user):
    '''
    Persist an access token and a refresh token, then describe them.

    An OAuthToken row and an OAuthRefreshToken row are created for the given
    ``user`` and ``client`` and saved in that order. The returned dict carries
    the fields OAuth clients read: ``access_token``, ``token_type``,
    ``refresh_token`` and ``expires_in`` (seconds, truncated to an integer).

    NOTE(review): the token strings are not set in this function; presumably
    the models generate them -- verify the generator is a CSPRNG.
    '''
    from mediagoblin.plugins.oauth.models import OAuthToken, OAuthRefreshToken

    def _persist(model_cls):
        # Bind a new row of ``model_cls`` to this user/client and save it.
        row = model_cls()
        row.user = user
        row.client = client
        row.save()
        return row

    token = _persist(OAuthToken)
    refresh_token = _persist(OAuthRefreshToken)

    # Seconds left before the access token expires. Computed from days and
    # seconds because timedelta.total_seconds() requires python >= 2.7; the
    # microsecond part is ignored.
    delta = token.expires - datetime.now()
    seconds_left = delta.seconds + delta.days * 86400

    payload = {}
    payload['access_token'] = token.token
    payload['token_type'] = 'bearer'
    payload['refresh_token'] = refresh_token.token
    payload['expires_in'] = seconds_left
    return payload
예제 #3
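def access_token(request):
    """Exchange an OAuth authorization code for a bearer access token.

    Reads ``code`` from the query string and looks up the matching OAuthCode.
    When the code's client is of type ``confidential``, ``client_id`` and
    ``client_secret`` must also be present and must match that client.
    On success a new OAuthToken is saved and returned as JSON; every failure
    returns a JSON object with ``error`` and ``error_description``.

    Fixed here: the "missing code" error used the misspelled key
    ``error_descriptin``, so clients reading ``error_description`` (the field
    name in RFC 6749 section 5.2) never saw the message.

    Open security points, flagged rather than changed because the fix depends
    on code outside this function:
      * NOTE(review): the authorization code is not deleted or marked as used
        after a token is issued, and no expiry check on it is visible here, so
        the same code appears to be redeemable more than once. Confirm against
        the OAuthCode model and invalidate the code on first use.
      * NOTE(review): the client secret is compared with ``==``, which is not
        constant-time. A ``hmac.compare_digest`` comparison is preferable once
        the types of both values are confirmed (it rejects non-ASCII text and
        mixed str/bytes arguments).
      * NOTE(review): ``client_secret`` travels in the query string, where it
        is likely to end up in access logs and proxy logs; consider accepting
        it only in a POST body or an Authorization header.
      * NOTE(review): for clients that are not ``confidential`` the request's
        ``client_id`` is never compared with the code's client.
    """
    code_value = request.GET.get('code')
    if not code_value:
        return json_response({
            'error': 'invalid_request',
            'error_description':
                'Missing `code` parameter in request'})

    code = OAuthCode.query.filter(OAuthCode.code == code_value).first()
    if not code:
        return json_response({
            'error': 'invalid_request',
            'error_description':
                'Invalid code'})

    if code.client.type == u'confidential':
        client_identifier = request.GET.get('client_id')
        if not client_identifier:
            return json_response({
                'error': 'invalid_request',
                'error_description':
                    'Missing client_id in request'})

        client_secret = request.GET.get('client_secret')
        if not client_secret:
            return json_response({
                'error': 'invalid_request',
                'error_description':
                    'Missing client_secret in request'})

        # One combined check and one shared message, so the response does not
        # reveal which of the two values was wrong.
        credentials_match = (
            client_secret == code.client.secret
            and client_identifier == code.client.identifier)
        if not credentials_match:
            return json_response({
                'error': 'invalid_client',
                'error_description':
                    'The client_id or client_secret does not match the'
                    ' code'})

    # The token value is a random (version 4) UUID rendered as text.
    token = OAuthToken()
    token.token = unicode(uuid4())
    token.user = code.user
    token.client = code.client
    token.save()

    # Remaining lifetime, rounded to the nearest whole second.
    seconds_left = int(round((token.expires - datetime.now()).total_seconds()))

    access_token_data = {
        'access_token': token.token,
        'token_type': 'bearer',
        'expires_in': seconds_left}
    return json_response(access_token_data, _disable_cors=True)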
예제 #4
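def access_token(request):
    """Exchange an OAuth authorization code for a bearer access token.

    The ``code`` query parameter selects an OAuthCode row. If that code's
    client has type ``confidential``, the request must also carry a
    ``client_id`` and ``client_secret`` that match the client. A new
    OAuthToken is then saved and its value, type and remaining lifetime are
    returned as JSON. Failures return ``error`` and ``error_description``.

    Fixed here: the response for a missing ``code`` parameter spelled its key
    ``error_descriptin``; it now uses ``error_description`` like every other
    error path (and RFC 6749 section 5.2).

    Open security points, flagged rather than changed because the fix depends
    on code outside this function:
      * NOTE(review): nothing here deletes or marks the authorization code as
        used, and no code-expiry check is visible, so a code looks reusable.
        Confirm against the OAuthCode model; codes should be single-use.
      * NOTE(review): ``==`` on the client secret is not a constant-time
        comparison; prefer ``hmac.compare_digest`` once both operands are
        known to be ASCII text or bytes of the same type.
      * NOTE(review): the secret is read from the query string, which is
        commonly written to server and proxy logs.
      * NOTE(review): ``client_id`` is not checked against the code's client
        unless the client type is ``confidential``.
    """
    params = request.GET

    if not params.get("code"):
        return json_response({"error": "invalid_request", "error_description": "Missing `code` parameter in request"})

    code = OAuthCode.query.filter(OAuthCode.code == params.get("code")).first()
    if not code:
        return json_response({"error": "invalid_request", "error_description": "Invalid code"})

    if code.client.type == u"confidential":
        client_identifier = params.get("client_id")
        if not client_identifier:
            return json_response(
                {"error": "invalid_request", "error_description": "Missing client_id in request"}
            )

        client_secret = params.get("client_secret")
        if not client_secret:
            return json_response(
                {"error": "invalid_request", "error_description": "Missing client_secret in request"}
            )

        # Secret and identifier are rejected with the same message so the
        # caller cannot tell which one failed.
        secret_ok = client_secret == code.client.secret
        if not (secret_ok and client_identifier == code.client.identifier):
            return json_response(
                {
                    "error": "invalid_client",
                    "error_description": "The client_id or client_secret does not match the code",
                }
            )

    # The token value is a random (version 4) UUID rendered as text.
    token = OAuthToken()
    token.token = unicode(uuid4())
    token.user = code.user
    token.client = code.client
    token.save()

    # Whole seconds until expiry. timedelta.total_seconds() needs
    # python >= 2.7, so it is computed by hand; microseconds are ignored.
    remaining = token.expires - datetime.now()
    exp_in = remaining.days * 86400 + remaining.seconds

    access_token_data = {"access_token": token.token, "token_type": "bearer", "expires_in": exp_in}
    return json_response(access_token_data, _disable_cors=True)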