Python RevokedTokenError示例

示例#1

def verify_token_not_blacklisted(decoded_token, request_type):
    if not config.blacklist_enabled:
        return
    if not has_token_in_blacklist_callback():
        raise RuntimeError("A token_in_blacklist_callback must be provided via "
                           "the '@token_in_blacklist_loader' if "
                           "JWT_BLACKLIST_ENABLED is True")
    if config.blacklist_access_tokens and request_type == 'access':
        if token_in_blacklist(decoded_token):
            raise RevokedTokenError('Token has been revoked')
    if config.blacklist_refresh_tokens and request_type == 'refresh':
        if token_in_blacklist(decoded_token):
            raise RevokedTokenError('Token has been revoked')

示例#2

文件： view_decorators.py 项目： kozubulyana/SevenWondersRefactoring

def _decode_jwt_from_request(request_type):
    # We have three cases here, having jwts in both cookies and headers is
    # valid, or the jwt can only be saved in one of cookies or headers. Check
    # all cases here.
    if config.jwt_in_cookies and config.jwt_in_headers:
        try:
            decoded_token = _decode_jwt_from_cookies(request_type)
        except NoAuthorizationError:
            try:
                decoded_token = _decode_jwt_from_headers()
            except NoAuthorizationError:
                raise NoAuthorizationError(
                    "Missing JWT in headers and cookies")
    elif config.jwt_in_headers:
        decoded_token = _decode_jwt_from_headers()
    else:
        decoded_token = _decode_jwt_from_cookies(request_type)

    # Make sure the type of token we received matches the request type we expect
    if decoded_token['type'] != request_type:
        raise WrongTokenError(
            'Only {} tokens can access this endpoint'.format(request_type))

    # If blacklisting is enabled, see if this token has been revoked
    if _token_blacklisted(decoded_token, request_type):
        raise RevokedTokenError('Token has been revoked')

    return decoded_token

示例#3

def check_if_token_revoked(token):
    """
    Checks if the given token has been revoked.
    """
    store = config.blacklist_store
    check_type = config.blacklist_checks
    token_type = token['type']
    jti = token['jti']

    # Only check access tokens if BLACKLIST_TOKEN_CHECKS is set to 'all`
    if token_type == 'access' and check_type == 'all':
        stored_data = json.loads(store.get(jti).decode('utf-8'))
        if stored_data['revoked']:
            raise RevokedTokenError('Token has been revoked')

    # Always check refresh tokens
    if token_type == 'refresh':
        stored_data = json.loads(store.get(jti).decode('utf-8'))
        if stored_data['revoked']:
            raise RevokedTokenError('Token has been revoked')

示例#4

文件： internal_utils.py 项目： Yasir323/Python-Practice

def verify_token_not_blocklisted(jwt_header, jwt_data):
    jwt_manager = get_jwt_manager()
    if jwt_manager._token_in_blocklist_callback(jwt_header, jwt_data):
        raise RevokedTokenError(jwt_header, jwt_data)

示例#5

文件： test_errors.py 项目： NewAcropolis/api

 def revoked_token():
     raise RevokedTokenError("Revoked token error")