def test_validate_authorization_request_unsafe_query(self):
auth_headers = {
"HTTP_AUTHORIZATION": "Bearer " + "a_casual_token",
}
request = self.factory.get("/fake-resource?next=/fake", **auth_headers)
oauthlib_core = get_oauthlib_core()
oauthlib_core.verify_request(request, scopes=[])
def test_validate_authorization_request_unsafe_query(self):
auth_headers = {
"HTTP_AUTHORIZATION": "Bearer " + "a_casual_token",
}
request = self.factory.get("/fake-resource?next=/fake", **auth_headers)
oauthlib_core = get_oauthlib_core()
oauthlib_core.verify_request(request, scopes=[])
def authenticate(self, request):
"""
Returns two-tuple of (user, token) if authentication succeeds,
or None otherwise.
"""
if request.method == 'OPTIONS':
return None
oauthlib_core = get_oauthlib_core()
valid, r = oauthlib_core.verify_request(request, scopes=[])
if valid:
return r.user, r.access_token
else:
auth_header = get_authorization_header(request).split()
if not auth_header or len(auth_header) != 2:
return None
token = auth_header[1]
auth_cache = caches['auth']
key = 'auth:access_token:{token}:refresh_token'.format(token=token.decode("utf-8"))
cached_refresh_token = auth_cache.get(key)
if cached_refresh_token:
raise TokenExpire
return None
