Finish support for updated gcloud
brogand93 committed Jul 25, 2014
1 parent 34c685d commit 4219ecc23d63b44a6040004b8bb8d6a59b213fe8
Showing 6 changed files with 33 additions and 73 deletions.
@@ -47,4 +47,5 @@ def token():
res = make_response(response.text, response.status_code)
for k, v in response.headers.iteritems():
res.headers[k] = v

return res
@@ -24,11 +24,13 @@ class AccessToken(db.Model):
__tablename__ = 'accesstoken'
access_token = db.Column(db.String(100), primary_key=True, unique=True)
client_id = db.Column(db.String(100), unique=True)
expires_in = db.Column(db.Integer)
expires_in = db.Column(db.String(10))
id_token = db.Column(db.String(1000))
data = db.Column(db.String(500))

def __init__(self, access_token, client_id, expires_in, data):
def __init__(self, access_token, client_id, expires_in, id_token, data):
self.access_token = access_token
self.client_id = client_id
self.expires_in = expires_in
self.id_token = id_token
self.data = data
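Review bot: `expires_in` becomes `db.Column(db.String(10))`, so the token lifetime is stored as text, and none of the visible columns records when the token was issued; a later lookup has nothing to compare against to decide that an access token has expired. Keeping the column an `Integer` and storing an issue time or an absolute expiry would make that check possible, and if the client needs the value as a string the conversion fits better where the response is built. The new `id_token` parameter is also inserted before `data` in `__init__`, so a positional caller that was not updated would store its JSON payload as the ID token; the same applies to `RefreshToken.__init__`. The class statement itself is outside the hunk.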
@@ -25,8 +25,10 @@ class RefreshToken(db.Model):
refresh_token = db.Column(db.String(100), primary_key=True, unique=True)
client_id = db.Column(db.String(100), unique=True)
data = db.Column(db.String(500))
id_token = db.Column(db.String(1000))

def __init__(self, refresh_token, client_id, data):
def __init__(self, refresh_token, client_id, id_token, data):
self.refresh_token = refresh_token
self.client_id = client_id
self.data = data
self.id_token = id_token
@@ -78,7 +78,7 @@ def persist_authorization_code(self, client_id, code, scope):
return

def persist_token_information(self, client_id, scope, access_token, token_type,
expires_in, refresh_token, data):
expires_in, refresh_token, id_token, data):
client = Client.query.get(client_id)
if client is not None:
existing_access_token = AccessToken.query.filter_by(
@@ -92,7 +92,7 @@ def persist_token_information(self, client_id, scope, access_token, token_type,
else:
db.session.add(
AccessToken(
access_token, client_id, expires_in, json.dumps(data)
access_token, client_id, expires_in, id_token, json.dumps(data)
)
)

@@ -101,7 +101,7 @@ def persist_token_information(self, client_id, scope, access_token, token_type,
existing_refresh_token.data = json.dumps(data)
else:
db.session.add(
RefreshToken(refresh_token, client_id, json.dumps(data)))
RefreshToken(refresh_token, client_id, id_token, json.dumps(data)))

db.session.commit()
return True
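Review bot: The new `id_token` is written only when a row is created: the update branch for an existing refresh token, visible at `existing_refresh_token.data = json.dumps(data)`, leaves the previously stored ID token in place, so the table can hold a token that no longer matches the one just issued. Adding `existing_refresh_token.id_token = id_token` there would keep the two in step; the matching access-token update branch lies outside the hunks and probably needs the same line. Because `client_id` is declared unique on both models, re-issuing for a known client presumably always takes this update path. Parts of `persist_token_information` fall between the hunks and are not shown.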
@@ -23,11 +23,15 @@ def upgrade():
nullable=True),
sa.Column(
'expires_in',
sa.String(length=255),
sa.String(length=10),
nullable=True),
sa.Column(
'id_token',
sa.String(length=1000),
nullable=True),
sa.Column(
'data',
sa.String(length=255),
sa.String(length=500),
nullable=True),
sa.PrimaryKeyConstraint('access_token'),
sa.UniqueConstraint('client_id')
@@ -47,9 +51,13 @@ def upgrade():
'client_id',
sa.String(length=255),
nullable=True),
sa.Column(
'id_token',
sa.String(length=1000),
nullable=True),
sa.Column(
'data',
sa.String(length=255),
sa.String(length=500),
nullable=True),
sa.PrimaryKeyConstraint('refresh_token'),
sa.UniqueConstraint('client_id')
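Review bot: Editing the existing `upgrade()` in place means a database already at this revision never receives the new `id_token` columns or the changed lengths for `expires_in` and `data`. The models now expect `id_token` on both tables, so token persistence would likely fail on such a database. If this migration has been run anywhere, a follow-up revision with `op.add_column('accesstoken', sa.Column('id_token', sa.String(length=1000), nullable=True))` and the equivalent change for the refresh-token table is the safer route. `upgrade()` begins and ends outside the hunks.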
@@ -1,4 +1,5 @@
import json
import jwt
from requests import Response
from cStringIO import StringIO
try:
@@ -100,61 +101,6 @@ class AuthorizationProvider(Provider):
"""OAuth 2.0 authorization provider. This class manages authorization
codes and access tokens. Certain methods MUST be overridden in a
subclass, thus this class cannot be directly used as a provider.
These are the methods that must be implemented in a subclass:
validate_client_id(self, client_id)
# Return True or False
validate_client_secret(self, client_id, client_secret)
# Return True or False
validate_scope(self, client_id, scope)
# Return True or False
validate_redirect_uri(self, client_id, redirect_uri)
# Return True or False
validate_access(self) # Use this to validate your app session user
# Return True or False
from_authorization_code(self, client_id, code, scope)
# Return mixed data or None on invalid
from_refresh_token(self, client_id, refresh_token, scope)
# Return mixed data or None on invalid
persist_authorization_code(self, client_id, code, scope)
# Return value ignored
persist_token_information(self, client_id, scope, access_token,
token_type, expires_in, refresh_token,
data)
# Return value ignored
discard_authorization_code(self, client_id, code)
# Return value ignored
discard_refresh_token(self, client_id, refresh_token)
# Return value ignored
Optionally, the following may be overridden to acheive desired behavior:
@property
token_length(self)
@property
token_type(self)
@property
token_expires_in(self)
generate_authorization_code(self)
generate_access_token(self)
generate_refresh_token(self)
"""

@property
@@ -179,14 +125,15 @@ def token_expires_in(self):
:rtype: int
"""
return 3600
return "3600"

def generate_id_token(self):
def generate_id_token(self, client_id, client_secret):
"""Generate a random authorization code.
:rtype: str
"""
return 'ryJhbGciOiJSUzI1NiIsImtpZCI6IjRiODZiNDQxMmE2MmRiOWRmY2JkYjg2MWZlZmRjM2YwMzgzYjFlNDIifQ.eyJpc3MiOiJhY2NvdW50cy5nb29nbGUuY29tIiwiaWQiOiIxMTc1NTA3MTAxNzk0MTI2NTQxNzkiLCJzdWIiOiIxMTc1NTA3MTAxNzk0MTI2NTQxNzkiLCJhenAiOiIzMjU1NTk0MDU1OS5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbSIsImVtYWlsIjoiYnJvZ2FuZDkzQGRhcnJlbmJyb2dhbi5pZSIsImF0X2hhc2giOiJzdmVrRzJlVmc3YnpiRW91a05xY3FRIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImF1ZCI6IjMyNTU1OTQwNTU5LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tIiwiaGQiOiJkYXJyZW5icm9nYW4uaWUiLCJ0b2tlbl9oYXNoIjoic3Zla0cyZVZnN2J6YkVvdWtOcWNxUSIsInZlcmlmaWVkX2VtYWlsIjp0cnVlLCJjaWQiOiIzMjU1NTk0MDU1OS5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbSIsImlhdCI6MTQwNjIzMTczOCwiZXhwIjoxNDA2MjM1NjM4fQ.QpvqKU_GWtqBdZsazpJs4UnuwkpVlOhYk6tYNNXhJSnbbLgpg847vbuMUEBM_vP03JB7Ot5P3AuSzSiBtXXB4hd8IU8puR4NYUMkrMfSNLYSGTyy1qf39v3LM10wsaUC4trw9eWPNHZoVimxhblfs-ocAyfiyFFizK8kdvWlM9w'
return jwt.encode({"email": "user@gstack"}, client_secret)


def generate_authorization_code(self):
"""Generate a random authorization code.
@@ -324,7 +271,7 @@ def refresh_token(self,
token_type = self.token_type
expires_in = self.token_expires_in
refresh_token = self.generate_refresh_token()
id_token = self.generate_id_token()
id_token = self.generate_id_token(client_id, client_secret)

# Save information to be used to validate later requests
self.persist_token_information(client_id=client_id,
@@ -333,6 +280,7 @@ def refresh_token(self,
token_type=token_type,
expires_in=expires_in,
refresh_token=refresh_token,
id_token=id_token,
data=data)

# Return json response
@@ -400,7 +348,7 @@ def get_token(self,
token_type = self.token_type
expires_in = self.token_expires_in
refresh_token = self.generate_refresh_token()
id_token = self.generate_id_token()
id_token = self.generate_id_token(client_id, client_secret)

# Save information to be used to validate later requests
self.persist_token_information(client_id=client_id,
@@ -409,6 +357,7 @@ def get_token(self,
token_type=token_type,
expires_in=expires_in,
refresh_token=refresh_token,
id_token=id_token,
data=data)

# Return json response
@@ -487,9 +436,7 @@ def get_token_from_post_data(self, data):

# Catch missing parameters in request
return self._make_json_error_response('invalid_request')
except Exception as exc:
self._handle_exception(exc)
print exc
except Exception:
# Catch all other server errors
return self._make_json_error_response('server_error')

@@ -527,7 +474,7 @@ def persist_authorization_code(self, client_id, code, scope):

def persist_token_information(self, client_id, scope, access_token,
token_type, expires_in, refresh_token,
data):
id_token, data):
raise NotImplementedError('Subclasses must implement '
'persist_token_information.')
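Review bot: `generate_id_token` now returns `jwt.encode({"email": "user@gstack"}, client_secret)`, a token whose only claim is a fixed e-mail address: it has no `iss`, `sub`, `aud`, `iat` or `exp`, `client_id` is accepted but unused, and every client and user receives the same identity. A consumer that treats this value as an identity assertion cannot tell users apart or reject an old token. If it is meant as more than a placeholder to satisfy the client, build the claims from the authenticated subject with `aud` set to `client_id` and an `exp` derived from `token_expires_in`, and name the algorithm explicitly, e.g. `jwt.encode(claims, client_secret, algorithm='HS256')`, rather than relying on the library default. The docstring still reads "Generate a random authorization code." and should describe the ID token; `token_expires_in` in the same hunk now returns `"3600"` while its docstring says `:rtype: int`.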
