Exemplo n.º 1
0
def update_association(user_id, client_id, refresh_token_str):
    client = get_client(client_id)
    user = get_user(user_id)
    logging.warn('update_associations 1: ' + str(refresh_token_str))
    refresh_token = get_token(client_id, client.secret, refresh_token_str)
    #always check to see if it is confidential or not.
    #it shouldn't be if it's using update_association, but you never know
    #and it's good to have a log message to possible alert the admin that
    #this is going on.
    if client.type.lower() != 'confidential':
        raise ConfidentailError('Client ' + client_id + \
                                ' is not a confidentail client')

    db = DB()
    try:
        key = 'client_association_' + str(user.id)
        if db.contains(key):
            association = db.get(key)
            if client.id in association.clients:
                logging.warn('update_associations 2: ' + str(association.clients[client.id]))
                old_refresh = get_token(client.id, client.secret, association.clients[client.id])
                delete_token(old_refresh.access_token)
                delete_token(old_refresh.code)
                association.clients[client.id] = refresh_token.code
                logging.warn('update_associations 3: ' + str(refresh_token.code) + ', ' + str(association.clients[client.id]))
                db.update(key, association)
                db.commit()
    #except Exception, e:
    #    logging.error('update_associations: ' + str(e))
    #    db.abort()
    finally:
        db.close()

    return False
Exemplo n.º 2
0
def create_access_token_from_refresh_token(refresh_token):
    '''
    We assume that in the getting of the refresh_token,
    before calling this function, the authentication takes place there.
    '''
    
    #disconnect the data reference from the data stored in the DB
    #refresh_token_copy = deepcopy(refresh_token)
    db = DB()
    try:
        #refresh_token = get_token(refresh_token_str)

        #delete old access_token and create a new access_token
        #to replace the old one. refresh_token.access_token is
        #the string code not an AccessToken object
        delete_token(refresh_token.access_token)

    
    
        
        #use the info stored in the refresh_token copy to create a
        #new AccessToken
    
        token = AccessToken(refresh_token.client,
                            refresh_token.user,
                            refresh_token.scope)
        while db.contains(token.code):
            token = AccessToken(refresh_token.client,
                                refresh_token.user,
                                refresh_token.scope)

        
        db.put(token.code, token)
        logging.warn('is a token ' + str(token))
        refresh_token.access_token = token.code
        db.update(refresh_token.code, refresh_token)
        logging.warn('has changed ' + str(refresh_token._p_changed))
        db.commit()

        #return access token string not AccessToken object
        return token.code
    except Exception, e:
        logging.error(''.join(['create_access_token_from_refresh_token: ',
                               str(e)]))
        db.abort()
Exemplo n.º 3
0
                             scope=auth_code.scope)
        while db.contains(token.code):
            token = RefreshToken(access_token,
                                 auth_code.client,
                                 auth_code.user,
                                 scope=auth_code.scope)
        db.put(token.code, token)
        db.commit()
        
        return token.code
    except Exception, e:
        logging.error(''.join(['create_refresh_token_from_code ', str(e)]))
        db.abort()
    finally:
        db.close()
        delete_token(auth_code)

    return False


def create_refresh_token_from_user_pass(client_id,
                                        client_secret,
                                        user_id,
                                        password,
                                        scope,
                                        access_token):
    try:
        client = None
        if client_id != None:
            client = get_client(client_id)
        else: