def parse_token(self, data): token = SocialToken(token=data["access_token"]) token.token_secret = data.get("refresh_token", "") expires_in = data.get(self.expires_in_key, None) if expires_in: token.expires_at = timezone.now() + timedelta(seconds=int(expires_in)) return token
def parse_token(self, data): token = SocialToken(token=data['access_token']) token.token_secret = data.get('refresh_token', '') expires_in = data.get(self.expires_in_key, None) if expires_in: token.expires_at = timezone.now() + timedelta(seconds=int(expires_in)) return token
def parse_token(self, data, app=None): # parse token header and get relevant public key unverified_header, unverified_claims = jwt.process_jwt( data['id_token']) public_key = self.get_public_key(unverified_header.get('kid')) # verify signature, iat, exp header, claims = jwt.verify_jwt(data['id_token'], public_key, ['RS256'], timedelta(minutes=1), checks_optional=True) # Verify we are the intended audience for the token intended_audiences = [self.intended_aud] if app is not None: intended_audiences.append(app.client_id) if claims.get('aud') is not None and claims.get( 'aud') not in intended_audiences: raise OAuth2Error( "JWT aud {} does not match intended audience {}".format( claims.get('aud'), self.intended_aud)) social_token = SocialToken(token=data['id_token']) social_token.expires_at = datetime.fromtimestamp(claims['iat'], tz=timezone.utc) return social_token
def post(self, request): serializer = OAuthTokenSerializer(data=request.data) non_field_error_key = getattr( settings, "NON_FIELD_ERRORS_KEY", "non_field_errors" ) provider = self.provider(request) err_r = JsonResponse({non_field_error_key: {"error": "Access token invalid"}}) if not serializer.is_valid(): return err_r data = serializer.validated_data # Create the token # from allauth.socialaccount.providers.oauth2.views.OAuth2Adapter.parse_token token = SocialToken(token=data["access_token"]) token.token_secret = data.get("refresh_token", "") token.app = provider.get_app(request) expires_in = data.get(self.expires_in_key, None) if expires_in: token.expires_at = timezone.now() + timedelta(seconds=int(expires_in)) # Verify the access token works resp = requests.get( self.profile_url, params={"access_token": token.token, "alt": "json"}, ) if resp.status_code > 299: # We've got a problem return err_r extra_data = resp.json() login = provider.sociallogin_from_response(request, extra_data) login.lookup() if not login.is_existing: login.save(request) # Create SimpleJWT tokens for consumer authentication purposes simple_token = RefreshToken.for_user(login.user) def save_info_in_simple_token(_token): _token["provider_id"] = provider.id _token["provider_access_token"] = data["access_token"] _token["provider_refresh_token"] = token.token_secret return str(_token) return JsonResponse( { "access_token": save_info_in_simple_token(simple_token.access_token), "refresh_token": save_info_in_simple_token(simple_token), } )
def parse_token(self, data): token = SocialToken(token=data["access_token"], ) token.token_secret = data.get("refresh_token", "") expires_in = data.get(self.expires_in_key) if expires_in: token.expires_at = timezone.now() + timedelta( seconds=int(expires_in)) # `user_data` is a big flat dictionary with the parsed JWT claims # access_tokens, and user info from the apple post. identity_data = self.get_verified_identity_data(data["id_token"]) token.user_data = {**data, **identity_data} return token
def parse_token(self, data): """ data: access_token data from line """ settings = app_settings.PROVIDERS.get(self.provider_id, {}) if "email" in settings.get("SCOPE", ""): token = SocialToken(token=data["id_token"]) else: token = SocialToken(token=data["access_token"]) token.token_secret = data.get("refresh_token", "") expires_in = data.get(self.expires_in_key, None) if expires_in: token.expires_at = timezone.now() + timedelta( seconds=int(expires_in)) return token
def parse_token(self, data): token = SocialToken(token=data["access_token"]) token.token_secret = data.get("refresh_token", "") public_key = self.get_public_key(data["id_token"]) provider = self.get_provider() client_id = self.get_client_id(provider) token.user_data = jwt.decode( data["id_token"], public_key, algorithm="RS256", verify=True, audience=client_id, ) token.user_data["first_name"] = data.get("first_name", "") token.user_data["last_name"] = data.get("last_name", "") expires_in = data.get(self.expires_in_key, None) if expires_in: token.expires_at = timezone.now() + timedelta( seconds=int(expires_in)) return token