def parse_token(self, data):
token = SocialToken(token=data["access_token"])
token.token_secret = data.get("refresh_token", "")
expires_in = data.get(self.expires_in_key, None)
if expires_in:
token.expires_at = timezone.now() + timedelta(seconds=int(expires_in))
return token
def parse_token(self, data):
token = SocialToken(token=data['access_token'])
token.token_secret = data.get('refresh_token', '')
expires_in = data.get(self.expires_in_key, None)
if expires_in:
token.expires_at = timezone.now() + timedelta(seconds=int(expires_in))
return token
def parse_token(self, data, app=None):
# parse token header and get relevant public key
unverified_header, unverified_claims = jwt.process_jwt(
data['id_token'])
public_key = self.get_public_key(unverified_header.get('kid'))
# verify signature, iat, exp
header, claims = jwt.verify_jwt(data['id_token'],
public_key, ['RS256'],
timedelta(minutes=1),
checks_optional=True)
# Verify we are the intended audience for the token
intended_audiences = [self.intended_aud]
if app is not None:
intended_audiences.append(app.client_id)
if claims.get('aud') is not None and claims.get(
'aud') not in intended_audiences:
raise OAuth2Error(
"JWT aud {} does not match intended audience {}".format(
claims.get('aud'), self.intended_aud))
social_token = SocialToken(token=data['id_token'])
social_token.expires_at = datetime.fromtimestamp(claims['iat'],
tz=timezone.utc)
return social_token
def post(self, request):
serializer = OAuthTokenSerializer(data=request.data)
non_field_error_key = getattr(
settings, "NON_FIELD_ERRORS_KEY", "non_field_errors"
)
provider = self.provider(request)
err_r = JsonResponse({non_field_error_key: {"error": "Access token invalid"}})
if not serializer.is_valid():
return err_r
data = serializer.validated_data
# Create the token
# from allauth.socialaccount.providers.oauth2.views.OAuth2Adapter.parse_token
token = SocialToken(token=data["access_token"])
token.token_secret = data.get("refresh_token", "")
token.app = provider.get_app(request)
expires_in = data.get(self.expires_in_key, None)
if expires_in:
token.expires_at = timezone.now() + timedelta(seconds=int(expires_in))
# Verify the access token works
resp = requests.get(
self.profile_url,
params={"access_token": token.token, "alt": "json"},
)
if resp.status_code > 299:
# We've got a problem
return err_r
extra_data = resp.json()
login = provider.sociallogin_from_response(request, extra_data)
login.lookup()
if not login.is_existing:
login.save(request)
# Create SimpleJWT tokens for consumer authentication purposes
simple_token = RefreshToken.for_user(login.user)
def save_info_in_simple_token(_token):
_token["provider_id"] = provider.id
_token["provider_access_token"] = data["access_token"]
_token["provider_refresh_token"] = token.token_secret
return str(_token)
return JsonResponse(
{
"access_token": save_info_in_simple_token(simple_token.access_token),
"refresh_token": save_info_in_simple_token(simple_token),
}
)
def parse_token(self, data):
token = SocialToken(token=data["access_token"], )
token.token_secret = data.get("refresh_token", "")
expires_in = data.get(self.expires_in_key)
if expires_in:
token.expires_at = timezone.now() + timedelta(
seconds=int(expires_in))
# `user_data` is a big flat dictionary with the parsed JWT claims
# access_tokens, and user info from the apple post.
identity_data = self.get_verified_identity_data(data["id_token"])
token.user_data = {**data, **identity_data}
return token
def parse_token(self, data):
"""
data: access_token data from line
"""
settings = app_settings.PROVIDERS.get(self.provider_id, {})
if "email" in settings.get("SCOPE", ""):
token = SocialToken(token=data["id_token"])
else:
token = SocialToken(token=data["access_token"])
token.token_secret = data.get("refresh_token", "")
expires_in = data.get(self.expires_in_key, None)
if expires_in:
token.expires_at = timezone.now() + timedelta(
seconds=int(expires_in))
return token
def parse_token(self, data):
token = SocialToken(token=data["access_token"])
token.token_secret = data.get("refresh_token", "")
public_key = self.get_public_key(data["id_token"])
provider = self.get_provider()
client_id = self.get_client_id(provider)
token.user_data = jwt.decode(
data["id_token"],
public_key,
algorithm="RS256",
verify=True,
audience=client_id,
)
token.user_data["first_name"] = data.get("first_name", "")
token.user_data["last_name"] = data.get("last_name", "")
expires_in = data.get(self.expires_in_key, None)
if expires_in:
token.expires_at = timezone.now() + timedelta(
seconds=int(expires_in))
return token