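def validate_code(self, client_id, code, client, request, *args, **kwargs):
    """Check that ``code`` was issued to ``client_id`` and has not expired.

    On success the scopes, user and state stored with the code are copied
    onto ``request.scopes``, ``request.user`` and ``request.state`` and
    True is returned. Returns False (without raising) when the client is
    unknown, when no code with this value was issued to that client, or
    when the stored ``expires_at`` is not in the future.
    """
    owner = Client.objects(client_id=client_id).first()
    if owner is None:
        # Unknown client_id: nothing to validate against.
        return False
    # Look the code up by (client, code) instead of taking the client's
    # first stored code: a client may hold several outstanding codes, and
    # the comparison must be against the one actually presented.
    client_code = Code.objects(client=owner, code=code).first()
    if client_code is None:
        return False
    if client_code.expires_at <= get_utc_time():
        # Expired codes are rejected; they are only removed on exchange.
        return False
    request.scopes = client_code.scopes
    request.user = client_code.user
    request.state = client_code.state
    return True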
def save_authorization_code(self, client_id, code, request, *args, **kwargs):
    """Persist a newly issued authorization code.

    ``code`` is the grant mapping produced by the authorization endpoint;
    only ``code['code']`` is stored. Scopes, state, user and redirect_uri
    are taken from ``request`` (``request.user`` arrives through the
    post-authorization credentials, i.e. ``{'user': request.user}``).
    ``expires_at`` is set from ``get_utc_time(CODE_EXPIRE_TIME)`` —
    presumably "now plus CODE_EXPIRE_TIME"; confirm against that helper.
    """
    owner = Client.objects(client_id=client_id).first()
    # NOTE(review): an unregistered client_id yields None here and is
    # stored as the code's client unchanged — confirm callers have already
    # validated the client.
    record = Code(
        client=owner,
        user=request.user,
        state=request.state,
        code=code['code'],
        scopes=request.scopes,
        redirect_uri=request.redirect_uri,
        expires_at=get_utc_time(CODE_EXPIRE_TIME),
    )
    record.save()
def invalidate_authorization_code(self, client_id, code, request, *args, **kwargs):
    """Delete an authorization code once it has been exchanged for a token.

    Codes are single-use. Matching is by code value alone: ``client_id``
    is not consulted, so every stored row carrying this code value is
    removed regardless of which client it was issued to.
    """
    issued = Code.objects(code=code)
    issued.delete()
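def confirm_redirect_uri(self, client_id, code, redirect_uri, client, *args, **kwargs):
    """Check that ``redirect_uri`` matches the one saved with ``code``.

    The code is looked up by (code, client). A match is accepted either
    when ``redirect_uri`` equals the stored value exactly, or when
    ``get_auth_base_uri() + redirect_uri`` equals it (the stored value is
    the absolute form and the caller presented it relative to the auth
    base). Returns False, rather than raising, when no such code exists
    for this client.
    """
    stored = Code.objects(code=code, client=client).first()
    if stored is None:
        # No code with this value for this client: nothing to compare
        # against, so the redirect_uri cannot be confirmed.
        return False
    if stored.redirect_uri == redirect_uri:
        return True
    # Second form: redirect_uri given relative to the auth base URI.
    return get_auth_base_uri() + redirect_uri == stored.redirect_uri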