django-esi 8.1.0__py3-none-any.whl

esi/tests/test_tasks.py

@@ -0,0 +1,116 @@
+from datetime import timedelta
+from unittest.mock import patch
+
+from celery import current_app as celery_app
+from django.utils.timezone import now
+
+from esi.models import CallbackRedirect, Token
+from esi.tasks import cleanup_callbackredirect, cleanup_token, cleanup_token_subset
+
+from . import NoSocketsTestCase
+from .factories_2 import TokenFactory, CallbackRedirectFactory
+
+from math import ceil
+
+MANAGERS_PATH = "esi.managers"
+MODELS_PATH = "esi.models"
+TASKS_PATH = "esi.tasks"
+
+
+class CeleryTestCase(NoSocketsTestCase):
+    @classmethod
+    def setUpClass(cls):
+        super().setUpClass()
+        celery_app.conf.task_always_eager = True
+        celery_app.conf.task_eager_propagates = True
+
+
+class TestCleanupCallbackredirect(CeleryTestCase):
+    def test_should_remove_expired(self) -> None:
+        # given
+        cb_valid = CallbackRedirectFactory()
+        with patch("django.utils.timezone.now") as m:
+            m.return_value = now() - timedelta(minutes=5, seconds=1)
+            cb_expired = CallbackRedirectFactory()
+        # when
+        cleanup_callbackredirect.delay(max_age=300)
+        # then
+        self.assertTrue(CallbackRedirect.objects.filter(pk=cb_valid.pk).exists())
+        self.assertFalse(CallbackRedirect.objects.filter(pk=cb_expired.pk).exists())
+
+
+@patch(MANAGERS_PATH + '.app_settings.ESI_TOKEN_VALID_DURATION', 120)
+@patch(MODELS_PATH + '.Token.refresh', spec=True)
+class TestCleanupToken(CeleryTestCase):
+    def test_should_delete_orphaned_tokens(self, mock_token_refresh) -> None:
+        # given
+        token_1 = TokenFactory(user=None)
+        token_2 = TokenFactory()
+        # when
+        cleanup_token.delay()
+        # then
+        self.assertFalse(Token.objects.filter(pk=token_1.pk).exists())
+        self.assertTrue(Token.objects.filter(pk=token_2.pk).exists())
+
+    def test_should_refresh_expired_tokens_only(self, mock_token_refresh) -> None:
+        # given
+        TokenFactory()
+        with patch("django.utils.timezone.now") as m:
+            m.return_value = now() - timedelta(minutes=3)
+            TokenFactory()
+        # when
+        cleanup_token.delay()
+        # then
+        self.assertEqual(mock_token_refresh.call_count, 1)
+
+
+class TestCleanupTokenSubset(CeleryTestCase):
+    @patch(MANAGERS_PATH + '.app_settings.ESI_TOKEN_VALID_DURATION', 120)
+    @patch(TASKS_PATH + ".refresh_or_delete_token.apply_async")
+    def test_should_delete_orphaned_tokens(self, mock_token_refresh) -> None:
+        # given
+        orphaned = TokenFactory(user=None)
+        valid = TokenFactory()
+        # when
+        cleanup_token_subset.delay()
+        # then
+        self.assertFalse(Token.objects.filter(pk=orphaned.pk).exists())
+        self.assertTrue(Token.objects.filter(pk=valid.pk).exists())
+
+    @patch(MANAGERS_PATH + '.app_settings.ESI_TOKEN_VALID_DURATION', 1)
+    @patch(TASKS_PATH + ".refresh_or_delete_token.apply_async")
+    def test_should_refresh_fraction_of_expired_tokens(self, mock_token_refresh) -> None:
+        # given
+        num_expired = 100
+        for _ in range(num_expired):
+            TokenFactory(refresh_token="some_token")
+        # patch time so all tokens are expired
+        with patch("django.utils.timezone.now") as m:
+            m.return_value = now() + timedelta(minutes=5)
+            # when
+            cleanup_token_subset.delay(fraction=10)
+        # then
+        expected_count = ceil(num_expired / 10)
+        self.assertEqual(mock_token_refresh.call_count, expected_count)
+
+    @patch(MANAGERS_PATH + '.app_settings.ESI_TOKEN_VALID_DURATION', 1)
+    @patch("esi.tasks.refresh_or_delete_token.apply_async")
+    def test_should_refresh_expired_tokens_only(self, mock_token_refresh) -> None:
+        # given
+        TokenFactory()
+        with patch("django.utils.timezone.now") as m:
+            m.return_value = now() - timedelta(minutes=3)
+            TokenFactory()
+        # when
+        cleanup_token_subset.delay()
+        # then
+        self.assertEqual(mock_token_refresh.call_count, 1)
+
+    @patch(MANAGERS_PATH + '.app_settings.ESI_TOKEN_VALID_DURATION', 1)
+    @patch(TASKS_PATH + ".refresh_or_delete_token.apply_async")
+    def test_should_log_and_exit_gracefully_with_no_tokens(self, mock_token_refresh) -> None:
+        # when
+        cleanup_token_subset.delay()
+        # then
+        self.assertEqual(Token.objects.count(), 0)
+        mock_token_refresh.assert_not_called()

esi/tests/test_templatetags.py

@@ -0,0 +1,22 @@
+"""unit tests for esi"""
+
+from django.test import TestCase
+from ..templatetags.scope_tags import scope_friendly_name
+
+
+class TestScope(TestCase):
+    """tests for template tag"""
+
+    def test_friendly_name_fail(self):
+        x = scope_friendly_name('dummy_scope')
+        self.assertEqual(
+            "dummy_scope",
+            x
+        )
+
+    def test_friendly_name_pass(self):
+        x = scope_friendly_name('test.dummy_scope.test')
+        self.assertEqual(
+            "dummy scope",
+            x
+        )

esi/tests/test_views.py

@@ -0,0 +1,331 @@
+from unittest.mock import patch
+
+from django.contrib.auth.models import User
+from django.contrib.sessions.middleware import SessionMiddleware
+from django.http import (
+    HttpResponse,
+    HttpResponseRedirect,
+    Http404,
+    HttpResponseBadRequest
+)
+from django.test import TestCase, RequestFactory
+
+from . import _generate_token, _store_as_Token
+from ..models import CallbackRedirect
+from ..views import sso_redirect, receive_callback, select_token
+
+
+ESI_SSO_CLIENT_ID = 'abc'
+ESI_SSO_CALLBACK_URL = 'https://www.example.com/callback/'
+ESI_OAUTH_LOGIN_URL = 'https://www.example.com/oauth/'
+
+redirect_sub_url = '/%s/' % ('x' * (2048 - 25))
+redirect_url = 'https://www.example.com' + redirect_sub_url
+
+
+class TestSsoCallbackView(TestCase):
+
+    def setUp(self):
+        self.user = User.objects.create_user(
+            'Bruce Wayne',
+            'abc@example.com',
+            'password'
+        )
+        self.token = _store_as_Token(
+            _generate_token(
+                character_id=99,
+                character_name=self.user.username,
+                scopes=['abc', 'xyz', '123']
+            ),
+            self.user
+        )
+        self.factory = RequestFactory()
+        CallbackRedirect.objects.all().delete()
+
+    @patch('esi.views.app_settings.ESI_SSO_CLIENT_ID', ESI_SSO_CLIENT_ID)
+    @patch('esi.views.app_settings.ESI_SSO_CALLBACK_URL', ESI_SSO_CALLBACK_URL)
+    @patch('esi.views.app_settings.ESI_OAUTH_LOGIN_URL', ESI_OAUTH_LOGIN_URL)
+    @patch('esi.views.OAuth2Session', autospec=True)
+    def test_redirect_to_url_no_scopes(self, mock_OAuth2Session):
+        state = 'my_awesome_state'
+        mock_OAuth2Session.return_value.authorization_url.return_value = \
+            (redirect_url, state)
+
+        request = self.factory.get(redirect_url)
+        request.user = self.user
+        middleware = SessionMiddleware(HttpResponse)
+        middleware.process_request(request)
+        request.session.save()
+
+        http_response = sso_redirect(request)
+
+        self.assertTrue(mock_OAuth2Session.called)
+        args, kwargs = mock_OAuth2Session.call_args
+        self.assertEqual(kwargs['scope'], [])
+
+        self.assertEqual(http_response.url, redirect_url)
+
+        callback_redirects = (
+            CallbackRedirect.objects.filter(session_key=request.session.session_key)
+        )
+        self.assertEqual(len(callback_redirects), 1)
+        callback_redirect = callback_redirects.first()
+        self.assertEqual(callback_redirect.url, redirect_sub_url)
+        self.assertEqual(callback_redirect.session_key, request.session.session_key)
+        self.assertEqual(callback_redirect.state, state)
+
+    @patch('esi.views.app_settings.ESI_SSO_CLIENT_ID', ESI_SSO_CLIENT_ID)
+    @patch('esi.views.app_settings.ESI_SSO_CALLBACK_URL', ESI_SSO_CALLBACK_URL)
+    @patch('esi.views.app_settings.ESI_OAUTH_LOGIN_URL', ESI_OAUTH_LOGIN_URL)
+    @patch('esi.views.OAuth2Session', autospec=True)
+    def test_redirect_to_url_w_single_scope(self, mock_OAuth2Session):
+        state = 'my_awesome_state'
+        mock_OAuth2Session.return_value.authorization_url.return_value = \
+            (redirect_url, state)
+
+        request = self.factory.get(redirect_url)
+        request.user = self.user
+        middleware = SessionMiddleware(HttpResponse)
+        middleware.process_request(request)
+        request.session.save()
+
+        http_response = sso_redirect(request, scopes='abc')
+        self.assertTrue(mock_OAuth2Session.called)
+        args, kwargs = mock_OAuth2Session.call_args
+        self.assertEqual(kwargs['scope'], ['abc'])
+
+        self.assertEqual(http_response.url, redirect_url)
+
+        callback_redirects = (
+            CallbackRedirect.objects.filter(session_key=request.session.session_key)
+        )
+        self.assertEqual(len(callback_redirects), 1)
+        callback_redirect = callback_redirects.first()
+        self.assertEqual(callback_redirect.url, redirect_sub_url)
+        self.assertEqual(callback_redirect.session_key, request.session.session_key)
+        self.assertEqual(callback_redirect.state, state)
+
+    @patch('esi.views.app_settings.ESI_SSO_CLIENT_ID', ESI_SSO_CLIENT_ID)
+    @patch('esi.views.app_settings.ESI_SSO_CALLBACK_URL', ESI_SSO_CALLBACK_URL)
+    @patch('esi.views.app_settings.ESI_OAUTH_LOGIN_URL', ESI_OAUTH_LOGIN_URL)
+    @patch('esi.views.OAuth2Session', autospec=True)
+    def test_redirect_to_url_w_multiple_scopes(self, mock_OAuth2Session):
+        state = 'my_awesome_state'
+        mock_OAuth2Session.return_value.authorization_url.return_value = \
+            (redirect_url, state)
+
+        request = self.factory.get(redirect_url)
+        request.user = self.user
+        middleware = SessionMiddleware(HttpResponse)
+        middleware.process_request(request)
+        request.session.save()
+
+        http_response = sso_redirect(request, scopes=['abc', 'def'])
+        self.assertTrue(mock_OAuth2Session.called)
+        args, kwargs = mock_OAuth2Session.call_args
+        self.assertEqual(kwargs['scope'], ['abc', 'def'])
+
+        self.assertEqual(http_response.url, redirect_url)
+
+        callback_redirects = CallbackRedirect.objects\
+            .filter(session_key=request.session.session_key)
+        self.assertEqual(len(callback_redirects), 1)
+        callback_redirect = callback_redirects.first()
+        self.assertEqual(callback_redirect.url, redirect_sub_url)
+        self.assertEqual(callback_redirect.session_key, request.session.session_key)
+        self.assertEqual(callback_redirect.state, state)
+
+    @patch('esi.views.app_settings.ESI_SSO_CLIENT_ID', ESI_SSO_CLIENT_ID)
+    @patch('esi.views.app_settings.ESI_SSO_CALLBACK_URL', ESI_SSO_CALLBACK_URL)
+    @patch('esi.views.app_settings.ESI_OAUTH_LOGIN_URL', ESI_OAUTH_LOGIN_URL)
+    @patch('esi.views.reverse', autospec=True)
+    @patch('esi.views.OAuth2Session', autospec=True)
+    def test_redirect_to_view_no_scopes(self, mock_OAuth2Session, mock_reverse):
+        state = 'my_awesome_state'
+        mock_OAuth2Session.return_value.authorization_url.return_value = \
+            (redirect_url, state)
+        my_view_url = '/my_view/'
+        mock_reverse.return_value = my_view_url
+
+        request = self.factory.get('https://www.example.com/callback2/')
+        request.user = self.user
+        middleware = SessionMiddleware(HttpResponse)
+        middleware.process_request(request)
+        request.session.save()
+
+        http_response = sso_redirect(request, return_to='my_view')
+
+        self.assertTrue(mock_OAuth2Session.called)
+        args, kwargs = mock_OAuth2Session.call_args
+        self.assertEqual(kwargs['scope'], [])
+
+        self.assertEqual(http_response.url, redirect_url)
+
+        callback_redirects = (
+            CallbackRedirect.objects.filter(session_key=request.session.session_key)
+        )
+        self.assertEqual(len(callback_redirects), 1)
+        callback_redirect = callback_redirects.first()
+        self.assertEqual(callback_redirect.url, my_view_url)
+        self.assertEqual(callback_redirect.session_key, request.session.session_key)
+        self.assertEqual(callback_redirect.state, state)
+
+    @patch('esi.views.app_settings.ESI_SSO_CLIENT_ID', ESI_SSO_CLIENT_ID)
+    @patch('esi.views.app_settings.ESI_SSO_CALLBACK_URL', ESI_SSO_CALLBACK_URL)
+    @patch('esi.views.reverse')
+    def test_sso_redirect_return_to(self, mock_reverse):
+        mock_reverse.return_value = '/callback3/'
+
+        request = self.factory.get('https://www.example.com/callback2/')
+        request.user = self.user
+        middleware = SessionMiddleware(HttpResponse)
+        middleware.process_request(request)
+        request.session.save()
+
+        sso_redirect(request, return_to='callback3')
+
+        callback_redirects = (
+            CallbackRedirect.objects.filter(session_key=request.session.session_key)
+        )
+        self.assertEqual(len(callback_redirects), 1)
+        callback_redirect = callback_redirects.first()
+        self.assertEqual(callback_redirect.url, '/callback3/')
+        self.assertEqual(callback_redirect.session_key, request.session.session_key)
+
+    @patch('esi.views.app_settings.ESI_SSO_CLIENT_ID', ESI_SSO_CLIENT_ID)
+    @patch('esi.views.app_settings.ESI_SSO_CALLBACK_URL', ESI_SSO_CALLBACK_URL)
+    def test_sso_redirect_start_session(self):
+        request = self.factory.get('https://www.example.com/callback2/')
+        request.user = self.user
+        middleware = SessionMiddleware(HttpResponse)
+        middleware.process_request(request)
+
+        sso_redirect(request)
+
+        callback_redirects = (
+            CallbackRedirect.objects.filter(session_key=request.session.session_key)
+        )
+        self.assertEqual(len(callback_redirects), 1)
+        callback_redirect = callback_redirects.first()
+        self.assertEqual(callback_redirect.url, '/callback2/')
+        self.assertEqual(callback_redirect.session_key, request.session.session_key)
+
+
+class TesReceiveCallbackView(TestCase):
+
+    def setUp(self):
+        self.user = User.objects.create_user(
+            'Bruce Wayne',
+            'abc@example.com',
+            'password'
+        )
+
+        self.token = _store_as_Token(
+            _generate_token(
+                character_id=99,
+                character_name=self.user.username,
+                scopes=['abc', 'xyz', '123']
+            ),
+            self.user
+        )
+        self.factory = RequestFactory()
+        CallbackRedirect.objects.all().delete()
+
+    @patch('esi.managers.TokenManager.create_from_request')
+    def test_normal(self, mock_create_from_request):
+        mock_create_from_request.return_value = self.token
+
+        request = self.factory.get('https://www.example.com?code=abc&state=123')
+        request.user = self.user
+        middleware = SessionMiddleware(HttpResponse)
+        middleware.process_request(request)
+        request.session.save()
+
+        callback_redirect = CallbackRedirect.objects.create(
+            session_key=request.session.session_key,
+            state='123',
+            url=redirect_url
+        )
+        http_response = receive_callback(request)
+        callback_redirect.refresh_from_db()
+        self.assertIsInstance(http_response, HttpResponseRedirect)
+        self.assertEqual(http_response.url, redirect_url)
+        self.assertEqual(callback_redirect.token, self.token)
+
+    def test_missing_code(self):
+        request = self.factory.get('https://www.example.com?state=123')
+        request.user = self.user
+        middleware = SessionMiddleware(HttpResponse)
+        middleware.process_request(request)
+        request.session.save()
+
+        http_response = receive_callback(request)
+        self.assertIsInstance(http_response, HttpResponseBadRequest)
+
+    def test_missing_state(self):
+        request = self.factory.get('https://www.example.com?code=abc')
+        request.user = self.user
+        middleware = SessionMiddleware(HttpResponse)
+        middleware.process_request(request)
+        request.session.save()
+
+        http_response = receive_callback(request)
+        self.assertIsInstance(http_response, HttpResponseBadRequest)
+
+    def test_missing_callback(self):
+        request = self.factory.get('https://www.example.com?code=abc&state=123')
+        request.user = self.user
+        middleware = SessionMiddleware(HttpResponse)
+        middleware.process_request(request)
+        request.session.save()
+
+        with self.assertRaises(Http404):
+            receive_callback(request)
+
+
+class TestSelectTokenView(TestCase):
+    def setUp(self):
+        self.user = User.objects.create_user(
+            'Bruce Wayne',
+            'abc@example.com',
+            'password'
+        )
+        self.token = _store_as_Token(
+            _generate_token(
+                character_id=99,
+                character_name=self.user.username,
+                scopes=['abc', 'xyz', '123']
+            ),
+            self.user
+        )
+        self.factory = RequestFactory()
+        CallbackRedirect.objects.all().delete()
+
+    def test_should_render_select_page_on_first_call(self):
+        # given
+        request = self.factory.get('https://www.example.com/my_view/')
+        request.user = self.user
+        middleware = SessionMiddleware(HttpResponse)
+        middleware.process_request(request)
+        request.session.save()
+        # when
+        response = select_token(request, scopes='abc')
+        # then
+        self.assertIn("ESI Token Selection", response.content.decode("utf-8"))
+
+    def test_should_render_select_page_on_second_call(self):
+        # given
+        request = self.factory.get('https://www.example.com/my_view/')
+        request.user = self.user
+        middleware = SessionMiddleware(HttpResponse)
+        middleware.process_request(request)
+        request.session.save()
+        CallbackRedirect.objects.create(
+            session_key=request.session.session_key,
+            state='state123',
+            token=self.token
+        )
+        # when
+        response = select_token(request, scopes='abc', new=True)
+        # then
+        self.assertIn("ESI Token Selection", response.content.decode("utf-8"))

esi/tests/threading_pilot.py

@@ -0,0 +1,69 @@
+# flake8: noqa
+"""script for testing connection pool size with live requests to ESI
+
+Run this script directly. Make sure to also set the environment variable
+DJANGO_PROJECT_PATH and DJANGO_SETTINGS_MODULE to match your setup:
+
+You can see the result in your main log file of your Django installation.
+If your connection pool size is too small you will see the following warning in your
+log file: "Connection pool is full, discarding connection: esi.evetech.net"
+To pass this test successfully ESI_CONNECTION_POOL_MAXSIZE must equal to number
+of MAX_WORKER (e.g. 20)
+
+Example:
+export DJANGO_PROJECT_PATH="/home/erik997/dev/python/django-dev/mysite"
+export DJANGO_SETTINGS_MODULE="mysite.settings"
+
+"""
+
+# start django project
+import os
+import sys
+
+if not 'DJANGO_PROJECT_PATH' in os.environ:
+    print('DJANGO_PROJECT_PATH is not set')
+    exit(1)
+
+if not 'DJANGO_SETTINGS_MODULE' in os.environ:
+    print('DJANGO_SETTINGS_MODULE is not set')
+    exit(1)
+
+sys.path.insert(0, os.environ['DJANGO_PROJECT_PATH'])
+import django
+django.setup()
+
+# normal imports
+import concurrent.futures
+import logging
+
+from django.core.cache import cache
+from esi.clients import EsiClientProvider
+
+MAX_WORKER = 20
+
+cache.clear()
+esi = EsiClientProvider()
+
+logger = logging.getLogger('__name__')
+logger.level = logging.DEBUG
+logger.propagate = True
+
+
+def thread_func(type_id):
+    logger.info('Fetching type with ID %d from ESI', type_id)
+    esi.client.Universe.get_universe_types_type_id(type_id=type_id).result()
+
+def main():
+    print('Script started...')
+    entity_ids = esi.client.Universe.get_universe_types().results()[1000:2000]
+    logger.info('Start fetching %d types' , len(entity_ids))
+
+    with concurrent.futures.ThreadPoolExecutor(max_workers=MAX_WORKER) as executor:
+        executor.map(thread_func, entity_ids)
+
+    logger.info('Finished fetching %d types', len(entity_ids))
+    print('DONE')
+
+
+if __name__ == '__main__':
+    main()

esi/urls.py

@@ -0,0 +1,9 @@
+from django.urls import path
+
+from . import views
+
+app_name = 'esi'
+
+urlpatterns = [
+    path('callback/', views.receive_callback, name='callback'),
+]

esi/views.py

@@ -0,0 +1,129 @@
+import logging
+
+from requests_oauthlib import OAuth2Session
+
+from django.http.response import HttpResponseBadRequest
+from django.shortcuts import get_object_or_404, redirect, render
+from django.urls import reverse
+
+from esi import app_settings
+from esi.models import CallbackRedirect, Token
+
+from .decorators import tokens_required
+
+logger = logging.getLogger(__name__)
+
+
+def sso_redirect(request, scopes=None, return_to=None):
+    """
+    Generates a :model:`esi.CallbackRedirect` for the specified request.
+    Redirects to EVE for login.
+    Accepts a view or URL name as a redirect after SSO.
+    """
+    logger.debug(
+        "Initiating redirect of %s session %s",
+        request.user,
+        request.session.session_key[:5] if request.session.session_key else '[no key]'
+    )
+    if scopes is None:
+        scopes = list()
+    elif isinstance(scopes, str):
+        scopes = list([scopes])
+
+    # ensure only one callback redirect model per session
+    if request.session.session_key:
+        CallbackRedirect.objects\
+            .filter(session_key=request.session.session_key).delete()
+
+    # ensure we have a session
+    if not request.session.exists(request.session.session_key):
+        logger.debug("Creating new session before redirect.")
+        request.session.create()
+
+    if return_to:
+        url = reverse(return_to)
+    else:
+        url = request.get_full_path()
+
+    oauth = OAuth2Session(
+        app_settings.ESI_SSO_CLIENT_ID,
+        redirect_uri=app_settings.ESI_SSO_CALLBACK_URL,
+        scope=scopes
+    )
+    redirect_url, state = oauth.authorization_url(app_settings.ESI_OAUTH_LOGIN_URL)
+
+    CallbackRedirect.objects.create(
+        session_key=request.session.session_key, state=state, url=url
+    )
+    logger.debug(
+        "Redirecting %s session %s to SSO. Callback will be redirected to %s",
+        request.user,
+        request.session.session_key[:5],
+        url
+    )
+    return redirect(redirect_url)
+
+
+def receive_callback(request):
+    """
+    Parses SSO callback, validates, retrieves :model:`esi.Token`,
+    and internally redirects to the target url.
+    """
+    logger.debug(
+        "Received callback for %s session %s",
+        request.user,
+        request.session.session_key[:5]
+    )
+    # make sure request has required parameters
+    code = request.GET.get('code', None)
+    state = request.GET.get('state', None)
+    if not code or not state:
+        logger.warning("Missing parameters for code exchange.")
+        return HttpResponseBadRequest()
+
+    callback = get_object_or_404(
+        CallbackRedirect, state=state, session_key=request.session.session_key
+    )
+    token = Token.objects.create_from_request(request)
+    callback.token = token
+    callback.save()
+    logger.debug(
+        "Processed callback for %s session %s. Redirecting to %s",
+        request.user,
+        request.session.session_key[:5],
+        callback.url
+    )
+    return redirect(callback.url)
+
+
+def select_token(request, scopes='', new=False):
+    """
+    Presents the user with a selection of applicable tokens for the requested view.
+    """
+
+    @tokens_required(scopes=scopes, new=new)
+    def _token_list(r, tokens):
+        # Single Scope as string will break the Parser in the template
+        if isinstance(scopes, str):
+            scopes_output = [scopes]
+        else:
+            scopes_output = scopes
+
+        # fake distint on character_name to not show duplicates
+        # MySQL doesn't support distint on field.
+        token_output = []
+        _characters = set()
+        for t in tokens:
+            if t.character_name in _characters:
+                continue
+            token_output.append(t)
+            _characters.add(t.character_name)
+
+        context = {
+            'tokens': token_output,
+            'scopes': scopes_output
+        }
+
+        return render(r, 'esi/select_token.html', context=context)
+
+    return _token_list(request)