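    def save_bearer_token(self, token, request, *args, **kwargs):
        """
        Persist the access token (and refresh token, if one was issued) for ``request``.

        Largely duplicated from the parent implementation so that the token
        lifetime and the "one token pair per user/application" rule below can
        be customised.

        Args:
            token: Mutable token dict produced by the grant handler. Reads
                ``'scope'`` and ``'access_token'``, and ``'refresh_token'`` when
                present; writes ``'expires_in'``, ``'refresh_token'`` and
                ``'groups'`` back into it.
            request: The OAuthLib request. Reads ``refresh_token``,
                ``response_type``, ``grant_type``, ``user`` and ``client``;
                ``request.user`` is reset to ``None`` for the
                ``client_credentials`` grant.

        Returns:
            None. The effects are the database writes and the keys added to
            ``token``.
        """
        if request.refresh_token:
            # Revoke the refresh token that was just consumed so it cannot be
            # presented a second time. It should always exist at this point
            # (the grant validator already looked it up), so a miss is logged
            # instead of aborting the request. The token value itself is
            # deliberately kept out of the log line.
            try:
                RefreshToken.objects.get(token=request.refresh_token).revoke()
            except RefreshToken.DoesNotExist:
                import logging
                logging.getLogger(__name__).warning(
                    'Refresh token presented for this grant was not found; '
                    'nothing to revoke')

        # Implicit-grant ('token') responses get their own lifetime setting.
        if request.response_type == 'token':
            lifetime = settings.IMPLICIT_ACCESS_TOKEN_EXPIRES_SECONDS
        else:
            lifetime = oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS
        expires = timezone.now() + timedelta(seconds=lifetime)
        token['expires_in'] = lifetime

        if request.grant_type == 'client_credentials':
            # Client-credentials tokens are not bound to a resource owner.
            request.user = None

        access_token = AccessToken(user=request.user,
                                   scope=token['scope'],
                                   expires=expires,
                                   token=token['access_token'],
                                   application=request.client)
        access_token.save()

        if 'refresh_token' in token:
            refresh_token = RefreshToken(
                user=request.user,
                token=token['refresh_token'],
                application=request.client,
            )
            if request.grant_type == 'authorization_code':
                # Re-use the newest refresh token already held by this
                # user/application pair instead of issuing another one.
                existing = RefreshToken.objects.filter(
                    user=request.user,
                    application=request.client).order_by('-id')
                newest = existing.first()
                if newest is not None:
                    refresh_token = newest
                    # Drop the access token the re-used refresh token pointed
                    # at; it may already be gone if that token was revoked
                    # earlier -- TODO confirm against the RefreshToken model.
                    old_access_token = refresh_token.access_token
                    if old_access_token is not None:
                        old_access_token.delete()
                    # Enforce a single token pair for THIS user/application.
                    # The delete is scoped to ``existing``: an unfiltered
                    # ``RefreshToken.objects.exclude(...)`` would remove every
                    # other user's refresh tokens as well.
                    existing.exclude(pk=refresh_token.pk).delete()

            refresh_token.access_token = access_token
            refresh_token.save()
            token['refresh_token'] = refresh_token.token
            # request.user is None for the client_credentials grant, so guard
            # the attribute access. NOTE(review): ``groups`` is a related
            # manager here; presumably serialised downstream -- verify.
            if request.user is not None:
                token['groups'] = request.user.groups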
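    def save_bearer_token(self, token, request, *args, **kwargs):
        """
        Persist the access token (and refresh token, if one was issued) for ``request``.

        Largely duplicated from the parent implementation so that the token
        lifetime and the "one token pair per user/application" rule below can
        be customised.

        Args:
            token: Mutable token dict produced by the grant handler. Reads
                ``'scope'`` and ``'access_token'``, and ``'refresh_token'`` when
                present; writes ``'expires_in'`` and ``'refresh_token'`` back
                into it.
            request: The OAuthLib request. Reads ``refresh_token``,
                ``response_type``, ``grant_type``, ``user`` and ``client``;
                ``request.user`` is reset to ``None`` for the
                ``client_credentials`` grant.

        Returns:
            None. The effects are the database writes and the keys added to
            ``token``.
        """
        if request.refresh_token:
            # Revoke the refresh token that was just consumed so it cannot be
            # presented a second time. It should always exist at this point
            # (the grant validator already looked it up), so a miss is logged
            # instead of aborting the request. The token value itself is
            # deliberately kept out of the log line.
            try:
                RefreshToken.objects.get(token=request.refresh_token).revoke()
            except RefreshToken.DoesNotExist:
                import logging
                logging.getLogger(__name__).warning(
                    'Refresh token presented for this grant was not found; nothing to revoke')

        # Implicit-grant ('token') responses get their own lifetime setting.
        if request.response_type == 'token':
            lifetime = settings.IMPLICIT_ACCESS_TOKEN_EXPIRES_SECONDS
        else:
            lifetime = oauth2_settings.ACCESS_TOKEN_EXPIRE_SECONDS
        expires = timezone.now() + timedelta(seconds=lifetime)
        token['expires_in'] = lifetime

        if request.grant_type == 'client_credentials':
            # Client-credentials tokens are not bound to a resource owner.
            request.user = None

        access_token = AccessToken(
            user=request.user,
            scope=token['scope'],
            expires=expires,
            token=token['access_token'],
            application=request.client)
        access_token.save()

        if 'refresh_token' in token:
            refresh_token = RefreshToken(
                user=request.user,
                token=token['refresh_token'],
                application=request.client,
            )
            if request.grant_type == 'authorization_code':
                # Re-use the newest refresh token already held by this
                # user/application pair instead of issuing another one.
                existing = RefreshToken.objects.filter(
                    user=request.user, application=request.client).order_by('-id')
                newest = existing.first()
                if newest is not None:
                    refresh_token = newest
                    # Drop the access token the re-used refresh token pointed
                    # at; it may already be gone if that token was revoked
                    # earlier -- TODO confirm against the RefreshToken model.
                    old_access_token = refresh_token.access_token
                    if old_access_token is not None:
                        old_access_token.delete()
                    # Enforce a single token pair for THIS user/application.
                    # The delete is scoped to ``existing``: an unfiltered
                    # ``RefreshToken.objects.exclude(...)`` would remove every
                    # other user's refresh tokens as well.
                    existing.exclude(pk=refresh_token.pk).delete()

            refresh_token.access_token = access_token
            refresh_token.save()
            token['refresh_token'] = refresh_token.token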