author | Wiliam Souza <wiliamsouza83@gmail.com> | 2018-01-30 17:30:26 -0200 |
---|---|---|
committer | Omer Katz <omer.drow@gmail.com> | 2018-01-30 21:30:26 +0200 |
commit | 2fe1cdb88e076f624824496c4aba6a8665e991d9 (patch) | |
tree | 494c371a83c8d23b87d6ea97ba3933a2ca8f5cda /oauthlib/oauth2/rfc6749/tokens.py | |
parent | d7fc1336d81b39f3d2193eb3155ff66da6caadd9 (diff) | |
download | oauthlib-2fe1cdb88e076f624824496c4aba6a8665e991d9.tar.gz |
Openid connect jwt (#488)
* Add JWT token; with it, the server knows how to validate this new type of token in resource requests
* Change find_token_type sorted function to reverse result and choose the valued estimated token handler
* Add validate_id_token method to RequestValidator
* Added unittest for JWTToken model
* Updated version of Mock
* Add get_jwt_bearer_token and validate_jwt_bearer_token oauthlib.oauth2.RequestValidator and change oauthlib.oauth2.tokens JWTToken to use it
* Change to improve token type estimate test
* Add a note in RequestValidator.validate_jwt_bearer_token about error 5xx rather than 4xx
Diffstat (limited to 'oauthlib/oauth2/rfc6749/tokens.py')
-rw-r--r-- | oauthlib/oauth2/rfc6749/tokens.py | 46 |
1 files changed, 44 insertions, 2 deletions
diff --git a/oauthlib/oauth2/rfc6749/tokens.py b/oauthlib/oauth2/rfc6749/tokens.py
index e0ac431..e68ba59 100644
--- a/oauthlib/oauth2/rfc6749/tokens.py
+++ b/oauthlib/oauth2/rfc6749/tokens.py
@@ -24,8 +24,6 @@ except ImportError:
 from urllib.parse import urlparse
-
-
 class OAuth2Token(dict):
 def __init__(self, params, old_scope=None):
@@ -303,3 +301,47 @@ class BearerToken(TokenBase):
 return 5
 else:
 return 0
+
+
+class JWTToken(TokenBase):
+ __slots__ = (
+ 'request_validator', 'token_generator',
+ 'refresh_token_generator', 'expires_in'
+ )
+
+ def __init__(self, request_validator=None, token_generator=None,
+ expires_in=None, refresh_token_generator=None):
+ self.request_validator = request_validator
+ self.token_generator = token_generator or random_token_generator
+ self.refresh_token_generator = (
+ refresh_token_generator or self.token_generator
+ )
+ self.expires_in = expires_in or 3600
+
+ def create_token(self, request, refresh_token=False, save_token=False):
+ """Create a JWT Token, using requestvalidator method."""
+
+ if callable(self.expires_in):
+ expires_in = self.expires_in(request)
+ else:
+ expires_in = self.expires_in
+
+ request.expires_in = expires_in
+
+ return self.request_validator.get_jwt_bearer_token(None, None, request)
+
+ def validate_request(self, request):
+ token = None
+ if 'Authorization' in request.headers:
+ token = request.headers.get('Authorization')[7:]
+ else:
+ token = request.access_token
+ return self.request_validator.validate_jwt_bearer_token(
+ token, request.scopes, request)
+
+ def estimate_type(self, request):
+ token = request.headers.get('Authorization', '')[7:]
+ if token.startswith('ey') and token.count('.') in (2, 4):
+ return 10
+ else:
+ return 0 |
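Review bot: `validate_request` and `estimate_type` in the new `JWTToken` class slice `[7:]` off the Authorization header without checking that the scheme is `Bearer`, so a header with any other scheme has its first seven characters dropped and the remainder is passed to `validate_jwt_bearer_token` as if it were a JWT. Whether that input is then rejected depends entirely on the validator implementation, which is not visible in this hunk. Check the scheme first, e.g. `auth = request.headers.get('Authorization', '')` followed by `token = auth[7:] if auth[:7].lower() == 'bearer ' else request.access_token`, and apply the same test in `estimate_type` before the `'ey'` heuristic. Separately, `create_token` ignores its `refresh_token` and `save_token` arguments and passes `None, None` to `get_jwt_bearer_token`; its docstring should say so, so that callers do not assume a refresh token is issued or the token is saved.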