def generate_refresh_token(context, duration=TWO_MINUTES):
refresh_token = AuthenticationToken(
context.client_config['REFRESH_SECRET'], duration)
account = context.accounts[context.username]
refresh_token.generate(account.id)
return refresh_token
def generate_access_token(context, duration=ONE_MINUTE):
access_token = AuthenticationToken(context.client_config['ACCESS_SECRET'],
duration)
account = context.accounts[context.username]
access_token.generate(account.id)
return access_token
def _validate_token(self):
auth_token = AuthenticationToken(self.config['RESET_SECRET'],
duration=0)
auth_token.jwt = self.request.json['token']
auth_token.validate()
return dict(account_id=auth_token.account_id,
token_expired=auth_token.is_expired,
token_invalid=not auth_token.is_valid)
def check_for_new_cookies(context):
validate_token_cookies(context)
assert_that(context.refresh_token,
is_not(equal_to(context.old_refresh_token)))
refresh_token = AuthenticationToken(
context.client_config["REFRESH_SECRET"], 0)
refresh_token.jwt = context.refresh_token
refresh_token.validate()
assert_that(refresh_token.is_valid, equal_to(True), "refresh token valid")
assert_that(refresh_token.is_expired, equal_to(False),
"refresh token expired")
assert_that(refresh_token.account_id, equal_to(context.accounts["foo"].id))
def _init_refresh_token(self):
return AuthenticationToken(
self.config['REFRESH_SECRET'],
ONE_MONTH
)
def _init_access_token(self):
return AuthenticationToken(
self.config['ACCESS_SECRET'],
FIFTEEN_MINUTES
)
def _generate_reset_token(self):
reset_token = AuthenticationToken(self.config['RESET_SECRET'],
ONE_HOUR)
reset_token.generate(self.account.id)
return reset_token.jwt