udata 9.1.4.dev31301__py2.py3-none-any.whl → 9.1.5.dev31332__py2.py3-none-any.whl


Potentially problematic release.



Files changed (25) hide show
  1. udata/__init__.py +1 -1
  2. udata/api/oauth2.py +28 -13
  3. udata/static/chunks/{10.1d9b1714c0289863ba0a.js → 10.c1c9496ebfc8949f3de2.js} +3 -3
  4. udata/static/chunks/{10.1d9b1714c0289863ba0a.js.map → 10.c1c9496ebfc8949f3de2.js.map} +1 -1
  5. udata/static/chunks/{11.b6991d2651a318d28ccc.js → 11.16618d9eedd3f6a7a3c2.js} +3 -3
  6. udata/static/chunks/{11.b6991d2651a318d28ccc.js.map → 11.16618d9eedd3f6a7a3c2.js.map} +1 -1
  7. udata/static/chunks/{13.413af7c95ac0ab6c909a.js → 13.9cfb8ee33c4d62e33f8a.js} +2 -2
  8. udata/static/chunks/{13.413af7c95ac0ab6c909a.js.map → 13.9cfb8ee33c4d62e33f8a.js.map} +1 -1
  9. udata/static/chunks/{16.133ce8c70b1e42c9e717.js → 16.d1de045f4bc4b5acdf6b.js} +2 -2
  10. udata/static/chunks/{16.133ce8c70b1e42c9e717.js.map → 16.d1de045f4bc4b5acdf6b.js.map} +1 -1
  11. udata/static/chunks/{19.28f355064e529318c9b1.js → 19.f1ff6cd5816f2d9debc4.js} +3 -3
  12. udata/static/chunks/{19.28f355064e529318c9b1.js.map → 19.f1ff6cd5816f2d9debc4.js.map} +1 -1
  13. udata/static/chunks/{8.95c59b717494bac4ce43.js → 8.b50a30118e9e2e1ab436.js} +2 -2
  14. udata/static/chunks/{8.95c59b717494bac4ce43.js.map → 8.b50a30118e9e2e1ab436.js.map} +1 -1
  15. udata/static/chunks/{9.5009f558f2268bbe4094.js → 9.8ad948dd393d38f07a7a.js} +3 -3
  16. udata/static/chunks/{9.5009f558f2268bbe4094.js.map → 9.8ad948dd393d38f07a7a.js.map} +1 -1
  17. udata/static/common.js +1 -1
  18. udata/static/common.js.map +1 -1
  19. udata/tests/api/test_auth_api.py +40 -5
  20. {udata-9.1.4.dev31301.dist-info → udata-9.1.5.dev31332.dist-info}/METADATA +7 -2
  21. {udata-9.1.4.dev31301.dist-info → udata-9.1.5.dev31332.dist-info}/RECORD +25 -25
  22. {udata-9.1.4.dev31301.dist-info → udata-9.1.5.dev31332.dist-info}/LICENSE +0 -0
  23. {udata-9.1.4.dev31301.dist-info → udata-9.1.5.dev31332.dist-info}/WHEEL +0 -0
  24. {udata-9.1.4.dev31301.dist-info → udata-9.1.5.dev31332.dist-info}/entry_points.txt +0 -0
  25. {udata-9.1.4.dev31301.dist-info → udata-9.1.5.dev31332.dist-info}/top_level.txt +0 -0
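--- a/udata/__init__.py
+++ b/udata/__init__.py
@@ -4,5 +4,5 @@
  udata
  """
 
- __version__ = "9.1.4.dev"
+ __version__ = "9.1.5.dev"
  __description__ = "Open data portal"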
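--- a/udata/api/oauth2.py
+++ b/udata/api/oauth2.py
@@ -15,6 +15,7 @@ As well as a sample application:
  """
 
  import fnmatch
+ import time
  from datetime import datetime, timedelta
 
  from authlib.integrations.flask_oauth2 import AuthorizationServer, ResourceProtector
@@ -111,7 +112,7 @@ class OAuth2Client(ClientMixin, db.Datetimed, db.Document):
  def check_client_secret(self, client_secret):
  return self.secret == client_secret
 
- def check_token_endpoint_auth_method(self, method):
+ def check_endpoint_auth_method(self, method, _endpoint):
  if not self.has_client_secret():
  return method == "none"
  return method in ("client_secret_post", "client_secret_basic")
@@ -149,6 +150,9 @@ class OAuth2Token(db.Document):
  def __str__(self):
  return "<OAuth2Token({0.client.name})>".format(self)
 
+ def check_client(self, client):
+ return self.client == client
+
  def get_scope(self):
  return self.scope
 
@@ -161,6 +165,13 @@ class OAuth2Token(db.Document):
  def get_client_id(self):
  return str(self.client.id)
 
+ def is_expired(self):
+ now = time.time()
+ return self.get_expires_at() < now
+
+ def is_revoked(self):
+ return self.revoked
+
  def is_refresh_token_valid(self):
  if self.revoked:
  return False
@@ -238,6 +249,8 @@ class PasswordGrant(grants.ResourceOwnerPasswordCredentialsGrant):
 
 
  class RefreshTokenGrant(grants.RefreshTokenGrant):
+ INCLUDE_NEW_REFRESH_TOKEN = True
+
  def authenticate_refresh_token(self, refresh_token):
  item = OAuth2Token.objects(refresh_token=refresh_token).first()
  if item and item.is_refresh_token_valid():
@@ -252,17 +265,17 @@ class RefreshTokenGrant(grants.RefreshTokenGrant):
 
 
  class RevokeToken(RevocationEndpoint):
- def query_token(self, token, token_type_hint, client):
- qs = OAuth2Token.objects(client=client)
+ def query_token(self, token_string, token_type_hint):
+ qs = OAuth2Token.objects()
  if token_type_hint == "access_token":
- return qs.filter(access_token=token).first()
+ return qs.filter(access_token=token_string).first()
  elif token_type_hint == "refresh_token":
- return qs.filter(refresh_token=token).first()
+ return qs.filter(refresh_token=token_string).first()
  else:
- qs = qs(db.Q(access_token=token) | db.Q(refresh_token=token))
+ qs = qs(db.Q(access_token=token_string) | db.Q(refresh_token=token_string))
  return qs.first()
 
- def revoke_token(self, token):
+ def revoke_token(self, token, _request):
  token.revoked = True
  token.save()
 
@@ -295,7 +308,7 @@ def revoke_token():
  def authorize(*args, **kwargs):
  if request.method == "GET":
  try:
- grant = oauth.validate_consent_request(end_user=current_user)
+ grant = oauth.get_consent_grant(end_user=current_user)
  except OAuth2Error as error:
  return error.error
  # Bypass authorization screen for internal clients
@@ -324,13 +337,15 @@ def query_client(client_id):
 
  def save_token(token, request):
  scope = token.pop("scope", "")
+ client = request.client
+ user = request.user or client.owner
  if request.grant_type == "refresh_token":
- credential = request.credential
- credential.update(scope=scope, **token)
+ old_token = OAuth2Token.objects(
+ refresh_token=request.refresh_token.refresh_token, client=client, user=user, scope=scope
+ ).first()
+ old_token.update(**token)
  else:
- client = request.client
- user = request.user or client.owner
- OAuth2Token.objects.create(client=client, user=user.id, scope=scope, **token)
+ OAuth2Token.objects.create(client=client, user=user, scope=scope, **token)
 
 
  def check_credentials():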
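Review bot: In the refresh branch of `save_token`, `.first()` returns `None` when no stored token matches, and the next line calls `old_token.update(**token)` without a guard, so a mismatch surfaces as an unhandled AttributeError instead of an OAuth error response. The lookup also filters on `scope=scope`, where `scope` is popped from the newly issued token; if a refresh request is allowed to narrow the scope, that value differs from the stored one and the lookup misses. `request.refresh_token` appears to already be the stored token document (the code reads `.refresh_token` from it), so `old_token = request.refresh_token` followed by `old_token.update(scope=scope, **token)` would avoid the second query and keep the stored scope in step with what was granted. Separately, `RevokeToken.query_token` no longer restricts the query to the calling client, so cross-client revocation is prevented only if the endpoint base class calls the new `check_client`; a test asserting that one client cannot revoke another client's token would pin that behaviour.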