metaeducation: comparison oauth/oauth.py

equal deleted inserted replaced

-:8bc8b208441d
+:4407b131a70e
 class Client(db.Model):
 client_id = db.Column(db.String(40), primary_key=True)
 client_secret = db.Column(db.String(55), nullable=False)
+client_type = db.Column(db.String(12), nullable=False, default='public')
+user_id = db.Column(db.ForeignKey('user.id'))
+user = db.relationship('User')
 _redirect_uris = db.Column(db.Text)
 _default_scopes = db.Column(db.Text)
-@property
-def client_type(self):
-return 'public'
 @property
 def redirect_uris(self):
 if self._redirect_uris:
 return self._redirect_uris.split()
 # currently only bearer is supported
 token_type = db.Column(db.String(40))
 access_token = db.Column(db.String(255), unique=True)
-refresh_token = db.Column(db.String(255), unique=True)
+refresh_token = db.Column(db.String(255), unique=True, nullable=True)
 expires = db.Column(db.DateTime)
 _scopes = db.Column(db.Text)
 @property
 def scopes(self):
 def current_user():
 if 'id' in session:
 uid = session['id']
 return User.query.get(uid)
+print(session)
 return None
 @app.route('/', methods=('GET', 'POST'))
 def home():
 session['id'] = user.id
 return redirect('/')
 user = current_user()
 return render_template('oauth/home.html', user=user)
-def generate_credentials(redirect_uris):
-item = Client(
-client_id=gen_salt(40),
-client_secret=gen_salt(50),
-_redirect_uris=' '.join(redirect_uris),
-_default_scopes='basic',
-)
-db.session.add(item)
-db.session.commit()
-return jsonify(
-client_id=item.client_id,
-client_secret=item.client_secret,
-)
-@app.route('/get-client-credentials')
-def make_client_credentials():
-return generate_credentials(app.config.get("CLIENT_REDIRECT_URIS", []))
-@app.route('/get-renkan-credentials')
-def make_renkan_credentials():
-return generate_credentials(app.config.get("RENKAN_REDIRECT_URIS", []))
 @oauth.clientgetter
 def load_client(client_id):
 return Client.query.filter_by(client_id=client_id).first()
 expires_in = token.pop('expires_in')
 expires = datetime.utcnow() + timedelta(seconds=expires_in)
 tok = Token(
 access_token=token['access_token'],
-refresh_token=token['refresh_token'],
 token_type=token['token_type'],
 _scopes=token['scope'],
 expires=expires,
 client_id=request.client.client_id,
 user_id=request.user.id,
 db.session.add(tok)
 db.session.commit()
 return tok
-@app.route('/oauth/token', methods=['GET', 'POST'])
+@app.route('/oauth/oauth2/token', methods=['GET', 'POST'])
 @oauth.token_handler
 def access_token():
 return None
-@app.route('/oauth/authorize', methods=['GET', 'POST'])
+@app.route('/oauth/oauth2/authorize', methods=['GET', 'POST'])
 @oauth.authorize_handler
 def authorize(*args, **kwargs):
+print(request.headers)
 user = current_user()
 if not user:
 return redirect('/')
 if request.method == 'GET':
 client_id = kwargs.get('client_id')
 confirm = request.form.get('confirm', 'no')
 return confirm == 'yes'
-@app.route('/api/me')
+@app.route('/rest/user/InfoComplete')
 @oauth.require_oauth()
-def me():
+def user_info():
 user = request.oauth.user
 return jsonify(id=user.id, username=user.username)
+@app.route('/rest/oauth/validate/<token>')
+def validate_token(token):
+print(request.headers)
+database_token = Token.query.filter_by(access_token=token).first()
+related_client = database_token.client
+return jsonify(
+access_token=token,
+redirect_uri= related_client.redirect_uris,
+error=0,
+description= "",
+scope=database_token.scopes
+)
+def init_client(client_id, client_secret, redirect_uris, client_owner, confidential=False):
+client = Client.query.filter_by(client_id=client_id, client_secret=client_secret).first()
+if not client:
+print("Creating client for "+client_owner)
+user = User.query.filter_by(username=client_owner).first()
+if not user:
+user = User(username=username)
+db.session.add(user)
+db.session.commit()
+if confidential:
+type="confidential"
+else:
+type="public"
+client = Client(
+client_id=client_id,
+client_secret=client_secret,
+_redirect_uris=' '.join(redirect_uris),
+_default_scopes='basic',
+user_id=user.id,
+client_type=type
+)
+db.session.add(client)
+db.session.commit()
 if __name__ == '__main__':
 db.create_all()
+init_client(
+client_id=app.config["RENKAN_CLIENT_ID"],
+client_secret=app.config["RENKAN_CLIENT_SECRET"],
+redirect_uris=app.config["RENKAN_REDIRECT_URIS"],
+client_owner=app.config["RENKAN_SERVER_USER"]
+)
+init_client(
+client_id=app.config["MOCK_GED_CLIENT_ID"],
+client_secret=app.config["MOCK_GED_CLIENT_SECRET"],
+redirect_uris=app.config["MOCK_GED_REDIRECT_URIS"],
+client_owner=app.config["MOCK_GED_SERVER_USER"],
+confidential=True
+)
 app.run()

changeset 5	4407b131a70e
parent 1	5f50937893ac
child 7	cb21b50b7793