def __init__(self, oauth_validator, user_svc, domain):
self.oauth_validator = oauth_validator
auth_code_grant = AuthorizationCodeGrant(oauth_validator)
jwt_auth_grant = JWTAuthorizationGrant(oauth_validator, user_svc,
domain)
refresh_grant = RefreshTokenGrant(oauth_validator)
refresh_grant.custom_validators.pre_token.append(
self.load_client_id_from_refresh_token)
bearer = BearerToken(
oauth_validator,
token_generator=self.generate_access_token,
expires_in=ACCESS_TOKEN_TTL,
refresh_token_generator=self.generate_refresh_token,
refresh_token_expires_in=REFRESH_TOKEN_TTL)
AuthorizationEndpoint.__init__(
self,
default_response_type='code',
response_types={'code': auth_code_grant},
default_token_type=bearer)
TokenEndpoint.__init__(
self,
default_grant_type='authorization_code',
grant_types={
'authorization_code': auth_code_grant,
'refresh_token': refresh_grant,
'urn:ietf:params:oauth:grant-type:jwt-bearer': jwt_auth_grant,
},
default_token_type=bearer)
RevocationEndpoint.__init__(self, oauth_validator)
def __init__(self, oauth_validator, user_svc, domain):
self.oauth_validator = oauth_validator
auth_code_grant = AuthorizationCodeGrant(oauth_validator)
jwt_auth_grant = JWTAuthorizationGrant(oauth_validator, user_svc, domain)
refresh_grant = RefreshTokenGrant(oauth_validator)
refresh_grant.custom_validators.pre_token.append(self.load_client_id_from_refresh_token)
bearer = BearerToken(oauth_validator,
token_generator=self.generate_access_token,
expires_in=ACCESS_TOKEN_TTL,
refresh_token_generator=self.generate_refresh_token,
refresh_token_expires_in=REFRESH_TOKEN_TTL)
AuthorizationEndpoint.__init__(self,
default_response_type='code',
response_types={'code': auth_code_grant},
default_token_type=bearer)
TokenEndpoint.__init__(self, default_grant_type='authorization_code',
grant_types={
'authorization_code': auth_code_grant,
'refresh_token': refresh_grant,
'urn:ietf:params:oauth:grant-type:jwt-bearer': jwt_auth_grant,
},
default_token_type=bearer)
RevocationEndpoint.__init__(self, oauth_validator)
def __init__(self,
request_validator,
token_expires_in=None,
token_generator=None,
refresh_token_generator=None,
*args,
**kwargs):
"""Construct a new all-grants-in-one server.
:param request_validator: An implementation of
oauthlib.oauth2.RequestValidator.
:param token_expires_in: An int or a function to generate a token
expiration offset (in seconds) given a
oauthlib.common.Request object.
:param token_generator: A function to generate a token from a request.
:param refresh_token_generator: A function to generate a token from a
request for the refresh token.
:param kwargs: Extra parameters to pass to authorization-,
token-, resource-, and revocation-endpoint constructors.
"""
auth_grant = AuthorizationCodeGrant(request_validator)
implicit_grant = ImplicitGrant(request_validator)
password_grant = ResourceOwnerPasswordCredentialsGrant(
request_validator)
facebook_grant = FacebookGrant(request_validator)
credentials_grant = ClientCredentialsGrant(request_validator)
refresh_grant = RefreshTokenGrant(request_validator)
bearer = BearerToken(request_validator, token_generator,
token_expires_in, refresh_token_generator)
AuthorizationEndpoint.__init__(self,
default_response_type='code',
response_types={
'code': auth_grant,
'token': implicit_grant,
},
default_token_type=bearer)
TokenEndpoint.__init__(self,
default_grant_type='authorization_code',
grant_types={
'authorization_code': auth_grant,
'password': password_grant,
'facebook': facebook_grant,
'client_credentials': credentials_grant,
'refresh_token': refresh_grant,
},
default_token_type=bearer)
ResourceEndpoint.__init__(self,
default_token='Bearer',
token_types={'Bearer': bearer})
RevocationEndpoint.__init__(self, request_validator)
def __init__(self, request_validator, token_expires_in=None,
token_generator=None, refresh_token_generator=None,
*args, **kwargs):
"""Construct a new all-grants-in-one server.
:param request_validator: An implementation of
oauthlib.oauth2.RequestValidator.
:param token_expires_in: An int or a function to generate a token
expiration offset (in seconds) given a
oauthlib.common.Request object.
:param token_generator: A function to generate a token from a request.
:param refresh_token_generator: A function to generate a token from a
request for the refresh token.
:param kwargs: Extra parameters to pass to authorization-,
token-, resource-, and revocation-endpoint constructors.
"""
auth_grant = AuthorizationCodeGrant(request_validator)
implicit_grant = ImplicitGrant(request_validator)
password_grant = ResourceOwnerPasswordCredentialsGrant(
request_validator)
facebook_grant = FacebookGrant(request_validator)
credentials_grant = ClientCredentialsGrant(request_validator)
refresh_grant = RefreshTokenGrant(request_validator)
bearer = BearerToken(request_validator, token_generator,
token_expires_in, refresh_token_generator)
AuthorizationEndpoint.__init__(self, default_response_type='code',
response_types={
'code': auth_grant,
'token': implicit_grant,
},
default_token_type=bearer)
TokenEndpoint.__init__(self, default_grant_type='authorization_code',
grant_types={
'authorization_code': auth_grant,
'password': password_grant,
'facebook': facebook_grant,
'client_credentials': credentials_grant,
'refresh_token': refresh_grant,
},
default_token_type=bearer)
ResourceEndpoint.__init__(self, default_token='Bearer',
token_types={'Bearer': bearer})
RevocationEndpoint.__init__(self, request_validator)
def __init__(self, request_validator, token_expires_in=None,
token_generator=None, refresh_token_generator=None,
*args, **kwargs):
"""Construct a new all-grants-in-one server.
:param request_validator: An implementation of
oauthlib.oauth2.RequestValidator.
:param token_expires_in: An int or a function to generate a token
expiration offset (in seconds) given a
oauthlib.common.Request object.
:param token_generator: A function to generate a token from a request.
:param refresh_token_generator: A function to generate a token from a
request for the refresh token.
:param kwargs: Extra parameters to pass to authorization-,
token-, resource-, and revocation-endpoint constructors.
"""
auth_grant = AuthorizationCodeGrant(request_validator)
implicit_grant = ImplicitGrant(request_validator)
password_grant = ResourceOwnerPasswordCredentialsGrant(
request_validator)
credentials_grant = ClientCredentialsGrant(request_validator)
refresh_grant = RefreshTokenGrant(request_validator)
openid_connect_auth = OpenIDConnectAuthCode(request_validator)
openid_connect_implicit = OpenIDConnectImplicit(request_validator)
bearer = BearerToken(request_validator, token_generator,
token_expires_in, refresh_token_generator)
auth_grant_choice = AuthCodeGrantDispatcher(
default_auth_grant=auth_grant,
oidc_auth_grant=openid_connect_auth)
# See http://openid.net/specs/oauth-v2-multiple-response-types-1_0.html#Combinations for valid combinations # noqa
# internally our AuthorizationEndpoint will ensure they can appear in any order for any valid combination # noqa
AuthorizationEndpoint.__init__(
self,
default_response_type='code',
response_types={
'code': auth_grant_choice,
'token': implicit_grant,
'id_token': openid_connect_implicit,
'id_token token': openid_connect_implicit,
'code token': openid_connect_auth,
'code id_token': openid_connect_auth,
'code token id_token': openid_connect_auth,
'none': auth_grant
},
default_token_type=bearer)
TokenEndpoint.__init__(
self,
default_grant_type='authorization_code',
grant_types={
'authorization_code': openid_connect_auth,
'password': password_grant,
'client_credentials': credentials_grant,
'refresh_token': refresh_grant,
'openid': openid_connect_auth
},
default_token_type=bearer)
ResourceEndpoint.__init__(
self,
default_token='Bearer',
token_types={'Bearer': bearer})
RevocationEndpoint.__init__(self, request_validator)
