def _get_bearer_token(self):
    """Return the access token named by the request's Authorization header.

    The raw header value is handed to ``require_split(..., 2)`` and unpacked
    as a scheme plus a token id; the scheme must equal ``bearer`` once
    lower-cased. Any RequirementException raised inside the ``try`` block
    (including one coming out of ``OAuth2AccessToken.get_token``) is reported
    through ``self._auth_error(400, "invalid_request")``.

    The value from ``OAuth2AccessToken.get_token`` is returned unchanged.
    NOTE(review): what get_token yields for an unknown or expired id is not
    visible here -- callers presumably have to reject a falsy result; confirm.
    NOTE(review): if _auth_error returns instead of aborting the request,
    this method falls through and returns None -- confirm it aborts.
    """
    header_value = request.headers.get("Authorization")
    try:
        # A missing header (None) goes through the same validation path as
        # a malformed one; require_split is expected to reject it -- confirm.
        scheme, token_id = require_split(header_value, 2)
        # Compare the scheme name without regard to case.
        require(scheme.lower() == "bearer")
        # Kept inside the try so the lookup stays covered by the handler.
        return OAuth2AccessToken.get_token(token_id)
    except RequirementException:
        # Never echo or log token_id here: it is a live credential.
        self._auth_error(400, "invalid_request")
def POST_access_token(self, grant_type, code, redirect_uri):
    """
    Exchange an [OAuth 2.0](http://oauth.net/2/) authorization code
    (from [/api/v1/authorize](#api_method_authorize)) for an access token.

    On success, returns a URL-encoded dictionary containing
    **access_token**, **token_type**, **expires_in**, and **scope**.
    If there is a problem, an **error** parameter will be returned
    instead.

    Must be called using SSL, and must contain a HTTP `Authorization:`
    header which contains the application's client identifier as the
    username and client secret as the password. (The client id and
    secret are visible on the [app preferences page](/prefs/apps).)

    Per the OAuth specification, **grant_type** must be
    ``authorization_code`` and **redirect_uri** must exactly match the
    value that was used in the call to
    [/api/v1/authorize](#api_method_authorize).

    """
    # Reviewer notes live in comments, not in the docstring above, because
    # that text is written as user-facing API documentation.
    #
    # grant_type is never read in this body: a bad value only shows up as
    # an entry in c.errors, which is filled in outside this method
    # (presumably by request validators -- confirm).
    if c.errors:
        # Map the recorded validation failure onto an OAuth error code.
        if (errors.INVALID_OPTION, "grant_type") in c.errors:
            reason = "unsupported_grant_type"
        elif (errors.INVALID_OPTION, "scope") in c.errors:
            reason = "invalid_scope"
        else:
            reason = "invalid_request"
        return self.api_wrapper({"error": reason})

    # The code is looked up together with the authenticated client's id and
    # the redirect_uri, so a code issued to another client or redirect
    # target is not expected to match.
    # NOTE(review): use_token presumably consumes the code so it cannot be
    # replayed -- confirm in OAuth2AuthorizationCode.
    # NOTE(review): c.oauth2_client is set elsewhere; confirm a request that
    # failed client authentication cannot reach this line.
    grant = OAuth2AuthorizationCode.use_token(
        code, c.oauth2_client._id, redirect_uri)
    if not grant:
        return self.api_wrapper({"error": "invalid_grant"})

    # The new access token takes the user and scope recorded on the grant.
    issued = OAuth2AccessToken._new(grant.user_id, grant.scope)
    payload = {
        "access_token": issued._id,
        "token_type": issued.token_type,
        "expires_in": issued._ttl,
        "scope": grant.scope,
    }
    # NOTE(review): the payload carries a bearer credential; confirm the
    # response is sent with Cache-Control: no-store (RFC 6749, section 5.1).
    return self.api_wrapper(payload)
def POST_access_token(self, grant_type, code, redirect_uri):
    """
    Exchange an [OAuth 2.0](http://oauth.net/2/) authorization code
    (from [/api/v1/authorize](#api_method_authorize)) for an access token.

    On success, returns a URL-encoded dictionary containing
    **access_token**, **token_type**, **expires_in**, and **scope**.
    If there is a problem, an **error** parameter will be returned
    instead.

    Must be called using SSL, and must contain a HTTP `Authorization:`
    header which contains the application's client identifier as the
    username and client secret as the password. (The client id and
    secret are visible on the [app preferences page](/prefs/apps).)

    Per the OAuth specification, **grant_type** must be
    ``authorization_code`` and **redirect_uri** must exactly match the
    value that was used in the call to
    [/api/v1/authorize](#api_method_authorize).

    """
    # The docstring above reads as user-facing API documentation, so
    # reviewer notes are kept in comments.
    if not c.errors:
        # Redeem the code against the calling client's id and the
        # redirect_uri it supplied; a falsy result means no usable grant.
        # NOTE(review): single-use enforcement is presumably inside
        # use_token -- confirm a second redemption of the same code fails.
        redeemed = OAuth2AuthorizationCode.use_token(
            code, c.oauth2_client._id, redirect_uri)
        if redeemed:
            # Scope is copied from the grant, never taken from this request.
            new_token = OAuth2AccessToken._new(
                redeemed.user_id, redeemed.scope)
            resp = {
                "access_token": new_token._id,
                "token_type": new_token.token_type,
                "expires_in": new_token._ttl,
                "scope": redeemed.scope,
            }
        else:
            resp = {"error": "invalid_grant"}
    # c.errors is populated outside this method (presumably by request
    # validators -- confirm); translate it into an OAuth error code.
    elif (errors.INVALID_OPTION, "grant_type") in c.errors:
        resp = {"error": "unsupported_grant_type"}
    elif (errors.INVALID_OPTION, "scope") in c.errors:
        resp = {"error": "invalid_scope"}
    else:
        resp = {"error": "invalid_request"}
    # NOTE(review): on success resp holds a bearer credential; confirm the
    # response is not cacheable (RFC 6749, section 5.1: no-store).
    return self.api_wrapper(resp)
def POST_access_token(self, grant_type, code, redirect_uri):
    # Token endpoint: trade an authorization code for an access token and
    # hand the result (or an "error" entry) to self.api_wrapper.
    #
    # grant_type is not read here; request validation happens outside this
    # method and leaves its findings on c.errors (presumably via validators
    # attached to the handler -- confirm).
    if c.errors:
        # Pick the OAuth error code matching the recorded failure.
        if (errors.INVALID_OPTION, "grant_type") in c.errors:
            failure = "unsupported_grant_type"
        elif (errors.INVALID_OPTION, "scope") in c.errors:
            failure = "invalid_scope"
        else:
            failure = "invalid_request"
        return self.api_wrapper({"error": failure})

    # The lookup is keyed on the code, the authenticated client's id and the
    # redirect_uri together.
    # NOTE(review): confirm use_token invalidates the code on first use, and
    # that c.oauth2_client is only ever set after the client secret check.
    grant = OAuth2AuthorizationCode.use_token(
        code, c.oauth2_client._id, redirect_uri)
    if not grant:
        return self.api_wrapper({"error": "invalid_grant"})

    # User and scope come from the stored grant, not from request input.
    issued = OAuth2AccessToken._new(grant.user_id, grant.scope)
    payload = {
        "access_token": issued._id,
        "token_type": issued.token_type,
        "expires_in": issued._ttl,
        "scope": grant.scope,
    }
    # NOTE(review): payload contains a bearer credential -- keep it out of
    # logs and confirm the response carries Cache-Control: no-store.
    return self.api_wrapper(payload)
def POST_access_token(self, grant_type, code, redirect_uri):
    # Token endpoint: redeem an authorization code and return either the
    # new access token's fields or a single "error" entry, wrapped by
    # self.api_wrapper. grant_type itself is never read in this body.
    if not c.errors:
        # The code must match the calling client's id and the redirect_uri
        # given here; anything else yields a falsy result.
        # NOTE(review): replay protection is presumably in use_token --
        # confirm the code cannot be redeemed twice.
        redeemed = OAuth2AuthorizationCode.use_token(
            code, c.oauth2_client._id, redirect_uri)
        if redeemed:
            # The token inherits user and scope from the redeemed grant.
            new_token = OAuth2AccessToken._new(
                redeemed.user_id, redeemed.scope)
            resp = {
                "access_token": new_token._id,
                "token_type": new_token.token_type,
                "expires_in": new_token._ttl,
                "scope": redeemed.scope,
            }
        else:
            resp = {"error": "invalid_grant"}
    # Validation failures are recorded on c.errors before this method runs
    # (presumably by request validators -- confirm).
    elif (errors.INVALID_OPTION, "grant_type") in c.errors:
        resp = {"error": "unsupported_grant_type"}
    elif (errors.INVALID_OPTION, "scope") in c.errors:
        resp = {"error": "invalid_scope"}
    else:
        resp = {"error": "invalid_request"}
    # NOTE(review): a successful resp is a bearer credential; confirm the
    # response is marked non-cacheable (RFC 6749, section 5.1).
    return self.api_wrapper(resp)