FormOrJsonParser api.views.oauth
parent
5bc9ff39ac
commit
3404b155de
@ -8,6 +8,7 @@ from django.views.decorators.csrf import csrf_exempt
|
|||||||
from django.views.generic import TemplateView, View
|
from django.views.generic import TemplateView, View
|
||||||
|
|
||||||
from api.models import Application, Token
|
from api.models import Application, Token
|
||||||
|
from api.parser import FormOrJsonParser
|
||||||
|
|
||||||
|
|
||||||
class OauthRedirect(HttpResponseRedirect):
|
class OauthRedirect(HttpResponseRedirect):
|
||||||
@ -43,12 +44,13 @@ class AuthorizationView(LoginRequiredMixin, TemplateView):
|
|||||||
}
|
}
|
||||||
|
|
||||||
def post(self, request):
|
def post(self, request):
|
||||||
|
post_data = FormOrJsonParser().parse_body(request)
|
||||||
# Grab the application and other details again
|
# Grab the application and other details again
|
||||||
redirect_uri = self.request.POST["redirect_uri"]
|
redirect_uri = post_data["redirect_uri"]
|
||||||
scope = self.request.POST["scope"]
|
scope = post_data["scope"]
|
||||||
application = Application.objects.get(client_id=self.request.POST["client_id"])
|
application = Application.objects.get(client_id=post_data["client_id"])
|
||||||
# Get the identity
|
# Get the identity
|
||||||
identity = self.request.user.identities.get(pk=self.request.POST["identity"])
|
identity = self.request.user.identities.get(pk=post_data["identity"])
|
||||||
# Make a token
|
# Make a token
|
||||||
token = Token.objects.create(
|
token = Token.objects.create(
|
||||||
application=application,
|
application=application,
|
||||||
@ -65,18 +67,18 @@ class AuthorizationView(LoginRequiredMixin, TemplateView):
|
|||||||
@method_decorator(csrf_exempt, name="dispatch")
|
@method_decorator(csrf_exempt, name="dispatch")
|
||||||
class TokenView(View):
|
class TokenView(View):
|
||||||
def post(self, request):
|
def post(self, request):
|
||||||
grant_type = request.POST["grant_type"]
|
post_data = FormOrJsonParser().parse_body(request)
|
||||||
|
grant_type = post_data["grant_type"]
|
||||||
|
|
||||||
try:
|
try:
|
||||||
application = Application.objects.get(
|
application = Application.objects.get(client_id=post_data["client_id"])
|
||||||
client_id=self.request.POST["client_id"]
|
|
||||||
)
|
|
||||||
except (Application.DoesNotExist, KeyError):
|
except (Application.DoesNotExist, KeyError):
|
||||||
return JsonResponse({"error": "invalid_client_id"}, status=400)
|
return JsonResponse({"error": "invalid_client_id"}, status=400)
|
||||||
# TODO: Implement client credentials flow
|
# TODO: Implement client credentials flow
|
||||||
if grant_type == "client_credentials":
|
if grant_type == "client_credentials":
|
||||||
return JsonResponse({"error": "invalid_grant_type"}, status=400)
|
return JsonResponse({"error": "invalid_grant_type"}, status=400)
|
||||||
elif grant_type == "authorization_code":
|
elif grant_type == "authorization_code":
|
||||||
code = request.POST["code"]
|
code = post_data["code"]
|
||||||
# Retrieve the token by code
|
# Retrieve the token by code
|
||||||
# TODO: Check code expiry based on created date
|
# TODO: Check code expiry based on created date
|
||||||
try:
|
try:
|
||||||
|
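Review bot: In `TokenView.post`, `grant_type = post_data["grant_type"]` sits above the `try:`, so a request without that field raises an uncaught `KeyError` instead of returning a 400 like the `invalid_client_id` branch does. The view is `csrf_exempt` and the visible lines show no authentication ahead of it, so this path is reachable by any client. Because the body may now be JSON, the values are presumably no longer guaranteed to be strings (the `parse_body` implementation is not shown here), so `client_id` and `code` should be type-checked before they reach the ORM lookups. For the first case, `grant_type = post_data.get("grant_type")` followed by `if not isinstance(grant_type, str): return JsonResponse({"error": "invalid_grant_type"}, status=400)` would do. The lookups in `AuthorizationView.post` (`post_data["redirect_uri"]`, `post_data["scope"]`, `post_data["client_id"]`, `post_data["identity"]`) are unguarded in the same way, and both methods continue past the end of their hunks.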