diff -r 8bc8b208441d -r 4407b131a70e oauth/oauth.py --- a/oauth/oauth.py Wed Feb 17 16:14:04 2016 +0100 +++ b/oauth/oauth.py Mon Feb 29 12:22:07 2016 +0100 @@ -28,15 +28,15 @@ class Client(db.Model): client_id = db.Column(db.String(40), primary_key=True) client_secret = db.Column(db.String(55), nullable=False) + client_type = db.Column(db.String(12), nullable=False, default='public') + user_id = db.Column(db.ForeignKey('user.id')) + user = db.relationship('User') + _redirect_uris = db.Column(db.Text) _default_scopes = db.Column(db.Text) @property - def client_type(self): - return 'public' - - @property def redirect_uris(self): if self._redirect_uris: return self._redirect_uris.split() @@ -103,7 +103,7 @@ token_type = db.Column(db.String(40)) access_token = db.Column(db.String(255), unique=True) - refresh_token = db.Column(db.String(255), unique=True) + refresh_token = db.Column(db.String(255), unique=True, nullable=True) expires = db.Column(db.DateTime) _scopes = db.Column(db.Text) @@ -118,6 +118,7 @@ if 'id' in session: uid = session['id'] return User.query.get(uid) + print(session) return None @@ -135,28 +136,6 @@ user = current_user() return render_template('oauth/home.html', user=user) -def generate_credentials(redirect_uris): - item = Client( - client_id=gen_salt(40), - client_secret=gen_salt(50), - _redirect_uris=' '.join(redirect_uris), - _default_scopes='basic', - ) - db.session.add(item) - db.session.commit() - return jsonify( - client_id=item.client_id, - client_secret=item.client_secret, - ) - -@app.route('/get-client-credentials') -def make_client_credentials(): - return generate_credentials(app.config.get("CLIENT_REDIRECT_URIS", [])) - -@app.route('/get-renkan-credentials') -def make_renkan_credentials(): - return generate_credentials(app.config.get("RENKAN_REDIRECT_URIS", [])) - @oauth.clientgetter def load_client(client_id): return Client.query.filter_by(client_id=client_id).first() 
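Review bot: The new `client_type` column in the `@@ -28,15 +28,15 @@` hunk defaults to `'public'` and accepts any string of up to 12 characters, so a client row created without an explicit type, or with a misspelled one, ends up in the less strictly authenticated class. OAuth2 provider libraries commonly require client authentication only when the value is exactly `'confidential'`; that behaviour is not visible here and should be confirmed for the provider in use. Consider failing closed with `default='confidential'` and restricting the values, for example `db.Column(db.Enum('public', 'confidential'), nullable=False, default='confidential')`. `user_id` is nullable as written, so a client can exist without an owner; add `nullable=False` if every client must belong to a user.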
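Review bot: `print(session)` added to `current_user()` in the `@@ -118,6 +118,7 @@` hunk dumps the whole session to stdout, apparently whenever the session has no `'id'` (the indentation is lost in this rendering), and the same debugging pattern recurs as `print(request.headers)` in `authorize()` (`@@ -219,15 +197,16 @@`) and in `validate_token()` (`@@ -242,13 +221,62 @@`). Request headers carry `Authorization` and `Cookie`, so bearer tokens, HTTP Basic client credentials and session cookies end up in whatever collects the process output. Remove the three prints before merging, or log a fixed message at debug level instead, e.g. `app.logger.debug('no user id in session')`. `current_user()` begins above this hunk.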
@@ -207,7 +186,6 @@ tok = Token( access_token=token['access_token'], - refresh_token=token['refresh_token'], token_type=token['token_type'], _scopes=token['scope'], expires=expires, @@ -219,15 +197,16 @@ return tok -@app.route('/oauth/token', methods=['GET', 'POST']) +@app.route('/oauth/oauth2/token', methods=['GET', 'POST']) @oauth.token_handler def access_token(): return None -@app.route('/oauth/authorize', methods=['GET', 'POST']) +@app.route('/oauth/oauth2/authorize', methods=['GET', 'POST']) @oauth.authorize_handler def authorize(*args, **kwargs): + print(request.headers) user = current_user() if not user: return redirect('/') 
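Review bot: Deleting `refresh_token=token['refresh_token'],` in the `@@ -207,7 +186,6 @@` hunk means a refresh token is never persisted, even when the provider puts one in the token dict. If refresh tokens are still issued for any grant, they are handed to the client but cannot be looked up, validated or revoked on the server side afterwards. If the goal was only to avoid a `KeyError` for grants that carry no refresh token, `refresh_token=token.get('refresh_token'),` keeps the value when present and stores NULL otherwise, which the new `nullable=True` on the column already allows. The enclosing token-saving function starts and ends outside this hunk, so whether refresh tokens are disabled elsewhere cannot be seen from here.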
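Review bot: The renamed token route in the `@@ -219,15 +197,16 @@` hunk still declares `methods=['GET', 'POST']`, so token requests may carry the authorization code and client credentials in the query string, where they are recorded by access logs and intermediaries. RFC 6749 section 3.2 requires POST for the token endpoint, and since this line is being rewritten anyway it can be tightened to `@app.route('/oauth/oauth2/token', methods=['POST'])`. The authorize route legitimately needs GET and can stay as it is.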
@@ -242,13 +221,62 @@ return confirm == 'yes' -@app.route('/api/me') +@app.route('/rest/user/InfoComplete') @oauth.require_oauth() -def me(): +def user_info(): user = request.oauth.user return jsonify(id=user.id, username=user.username) +@app.route('/rest/oauth/validate/') +def validate_token(token): + print(request.headers) + database_token = Token.query.filter_by(access_token=token).first() + related_client = database_token.client + return jsonify( + access_token=token, + redirect_uri= related_client.redirect_uris, + error=0, + description= "", + scope=database_token.scopes + ) + +def init_client(client_id, client_secret, redirect_uris, client_owner, confidential=False): + client = Client.query.filter_by(client_id=client_id, client_secret=client_secret).first() + if not client: + print("Creating client for "+client_owner) + user = User.query.filter_by(username=client_owner).first() + if not user: + user = User(username=username) + db.session.add(user) + db.session.commit() + if confidential: + type="confidential" + else: + type="public" + client = Client( + client_id=client_id, + client_secret=client_secret, + _redirect_uris=' '.join(redirect_uris), + _default_scopes='basic', + user_id=user.id, + client_type=type + ) + db.session.add(client) + db.session.commit() if __name__ == '__main__': db.create_all() + init_client( + client_id=app.config["RENKAN_CLIENT_ID"], + client_secret=app.config["RENKAN_CLIENT_SECRET"], + redirect_uris=app.config["RENKAN_REDIRECT_URIS"], + client_owner=app.config["RENKAN_SERVER_USER"] + ) + init_client( + client_id=app.config["MOCK_GED_CLIENT_ID"], + client_secret=app.config["MOCK_GED_CLIENT_SECRET"], + redirect_uris=app.config["MOCK_GED_REDIRECT_URIS"], + client_owner=app.config["MOCK_GED_SERVER_USER"], + confidential=True + ) app.run()
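Review bot: `validate_token()` in the `@@ -242,13 +221,62 @@` hunk dereferences `database_token.client` without checking for `None` and never looks at `expires`, so an unknown token raises an `AttributeError` (HTTP 500) and an expired token is still answered with `error=0`. The route has no decorator restricting who may call it, and the token is taken from the URL path (the rule as rendered here shows no `<token>` converter, which may have been lost in extraction), so tokens end up in access logs; consider requiring client authentication and reading the token from a POST body instead. Further down, `init_client()` builds `User(username=username)`, but `username` is not defined in that function and will raise `NameError` when the owner does not exist yet; it should read `user = User(username=client_owner)`. The sketch below assumes `expires` holds naive UTC datetimes and that `datetime` is already imported in this file, neither of which is visible here; the error payload and status codes are a suggestion only.

```python
    database_token = Token.query.filter_by(access_token=token).first()
    # Unknown or expired tokens must never be reported with error=0.
    if database_token is None:
        return jsonify(error=1, description="unknown token"), 404
    if database_token.expires and database_token.expires < datetime.utcnow():
        return jsonify(error=1, description="expired token"), 401
    # … unchanged: related_client lookup and the error=0 jsonify response …
```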