Commit 8184418a authored by Linus Lewandowski's avatar Linus Lewandowski

Remove dead refresh token implementation.

parent d21130d1
Pipeline #11347692 passed with stages
in 4 minutes 50 seconds
# -*- coding: utf-8 -*-
# Generated by Django 1.11.4 on 2017-08-31 17:29
from __future__ import unicode_literals
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('openid_provider', '0008_remove_accesstoken'),
]
operations = [
migrations.RemoveField(
model_name='refreshtoken',
name='client',
),
migrations.RemoveField(
model_name='refreshtoken',
name='user',
),
migrations.DeleteModel(
name='RefreshToken',
),
]
from .code_sql import makeCode, expandCode
from .accesstoken import makeAccessToken, expandAccessToken
from .refreshtoken_sql import makeRefreshToken, expandRefreshToken
from .idtoken import makeIDToken
import os
from datetime import timedelta
from django.utils import timezone
from ._sql import SQLBaseModel
class RefreshToken(SQLBaseModel):
pass
def makeRefreshToken(client, user, scope):
expires_in = int(os.environ.get('EXPIRE_REFRESH_TOKEN', 10*24*60*60))
token = RefreshToken.objects.create(client=client, user=user, scope=scope, expires_at=timezone.now() + timedelta(seconds=expires_in))
return str(token.id)
def expandRefreshToken(token):
try:
return RefreshToken.objects.get(id=token)
except RefreshToken:
raise ValueError()
......@@ -28,19 +28,6 @@ def _auth_code(request):
return code
def _auth_refresh_token(request):
try:
rt = request.POST['refresh_token']
except KeyError:
raise invalid_request()
try:
rt = expandRefeshToken(rt)
except ValueError:
raise invalid_grant()
return rt
@method_decorator(csrf_exempt, name='dispatch')
@method_decorator(oauth_error_response(logger), name='dispatch')
......@@ -53,9 +40,6 @@ class TokenView(View):
if grant_type == 'authorization_code':
code = _auth_code(request)
elif grant_type == 'refresh_token':
code = _auth_refresh_token(request)
code.nonce = ''
else:
raise unsupported_grant_type()
......@@ -79,10 +63,6 @@ class TokenView(View):
else:
id_token = None
if 'offline_access' in code.scope and code.client.oauth_auth_method != 'none':
refresh_token = makeRefreshToken(client=code.client, user=code.user, scope=code.scope)
response['refresh_token'] = refresh_token
response = JsonResponse(response)
response['Cache-Control'] = 'no-store'
response['Pragma'] = 'no-cache'
......