49 lines
1.5 KiB
Python
49 lines
1.5 KiB
Python
from django.contrib.auth import get_user_model
|
|
from django.views import View
|
|
from django.utils.decorators import method_decorator
|
|
from django.views.decorators.csrf import csrf_exempt
|
|
from urllib.parse import urljoin
|
|
|
|
from .. import tokens
|
|
from lemoncurry import utils
|
|
|
|
|
|
@method_decorator(csrf_exempt, name='dispatch')
|
|
class TokenView(View):
|
|
def get(self, req):
|
|
token = tokens.auth(req)
|
|
if hasattr(token, 'content'):
|
|
return token
|
|
res = {
|
|
'me': token.me,
|
|
'client_id': token.client,
|
|
'scope': token.scope,
|
|
}
|
|
return utils.choose_type(req, res)
|
|
|
|
def post(self, req):
|
|
post = req.POST
|
|
try:
|
|
code = tokens.decode(post.get('code'))
|
|
except Exception:
|
|
return utils.forbid('invalid auth code')
|
|
|
|
if code['typ'] != 'code':
|
|
return utils.bad_req(
|
|
'this endpoint only supports response_type=code'
|
|
)
|
|
if code['cid'] != post.get('client_id'):
|
|
return utils.forbid('client id did not match')
|
|
if code['uri'] != post.get('redirect_uri'):
|
|
return utils.forbid('redirect uri did not match')
|
|
|
|
user = get_user_model().objects.get(pk=code['uid'])
|
|
me = urljoin(utils.origin(req), user.url)
|
|
if me != post.get('me'):
|
|
return utils.forbid('me did not match')
|
|
|
|
return utils.choose_type(req, {
|
|
'access_token': tokens.gen_token(code),
|
|
'me': me,
|
|
'scope': code['sco'],
|
|
})
|