Пример #1
0
 def handle_request(self, auth, path, get_vars, post_vars):
     if path == "login":
         # WIP
         client_id = request.get("client_id")
         info = {}  # retrieve the user info upon login
         code = jwt.encode(info, self.secret + client_id, algorithm="HS256")
     elif path == "callback":
         db = self.auth.db
         code = (get_vars.get("code"),)
         client_id = (get_vars.get("client_id"),)
         client_secret = (get_vars.get("client_secret"),)
         redirect_uri = (get_vars.get("callback_url"),)
         grant_type = get_vars.get("grant_type")
         if (
             not grant_type == "authorization_code"
             or not hashlib.sha1(client_secret).hexdigest() == client_id
             or not db(db.oauth2.client_secret == client_secret).count()
         ):
             raise HTTP(404)
         info = jwt.decode(code, self.secret + client_id, algorithms=["HS256"])
         access_token = jwt.encode(info, self.secret, algorithm="HS256")
         return dict(access_token=access_token)
     elif path == "profile":
         access_token = request.environ.get("HTTP_AUTHORIZATION", "")[7:]
         info = jwt.decode(access_token, self.secret, algorithms=self.algorithms)
         return info
     else:
         raise HTTP(404)
Пример #2
0
 def handle_request(self, auth, path, get_vars, post_vars):
     if path == 'login':
         # WIP
         client_id = request.get('client_id')
         info = {}  # retrieve the user info upon login
         code = jwt.encode(info, self.secret + client_id, algorithm='HS256')
     elif path == 'callback':
         db = self.auth.db
         code = get_vars.get('code'),
         client_id = get_vars.get('client_id'),
         client_secret = get_vars.get('client_secret'),
         redirect_uri = get_vars.get('callback_url'),
         grant_type = get_vars.get('grant_type')
         if (not grant_type == 'authorization_code'
                 or not hashlib.sha1(client_secret).hexdigest() == client_id
                 or
                 not db(db.oauth2.client_secret == client_secret).count()):
             abort(404)
         info = jwt.decode(code,
                           self.secret + client_id,
                           algorithms=['HS256'])
         access_token = jwt.encode(info, self.secret, algorithm='HS256')
         return dict(access_token=access_token)
     elif path == 'profile':
         access_token = request.environ.get('HTTP_AUTHORIZATION', '')[7:]
         info = jwt.decode(access_token, self.secret, algorithms=['HS256'])
         return info
     else:
         abort(404)