diff options
author | Lars Wirzenius <liw@liw.fi> | 2018-07-12 11:29:50 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2018-07-13 15:18:16 +0300 |
commit | 23bc19647ec6fac6906ceea66041bc75602612e1 (patch) | |
tree | 9265222d8a44be1f9eb2dacddd76fa2c089f3e8d | |
parent | 33b21c676584f7a1cf584b0aeb0127e45ca0d443 (diff) | |
download | qvisqve-23bc19647ec6fac6906ceea66041bc75602612e1.tar.gz |
Refactor: code cleanup
-rw-r--r-- | qvisqve/token_router.py | 92 | ||||
-rw-r--r-- | without-tests | 2 |
2 files changed, 59 insertions, 35 deletions
diff --git a/qvisqve/token_router.py b/qvisqve/token_router.py index f87037e..b5f30fe 100644 --- a/qvisqve/token_router.py +++ b/qvisqve/token_router.py @@ -28,8 +28,11 @@ class TokenRouter(qvisqve.Router): def __init__(self, token_generator, clients): super().__init__() - self._generator = token_generator - self._clients = Clients(clients) + args = (Clients(clients), token_generator) + self._grants = { + 'client_credentials': ClientCredentialsGrant(*args), + 'authorization_code': AuthorizationCodeGrant(*args), + } def get_routes(self): return [ @@ -48,25 +51,39 @@ class TokenRouter(qvisqve.Router): return qvisqve.bad_request_response('Wrong content type') params = self._get_form_params(body) - grant_type = self._get_grant_type(params) - if grant_type == 'client_credentials': - client_id, client_secret = bottle.request.auth - if not self._clients.is_correct_secret(client_id, client_secret): - return qvisqve.unauthorized_response('Unauthorized') - elif grant_type == 'authorization_code': - code = self._get_code(params) - # FIXME - if code is None or code != '123': - return qvisqve.unauthorized_response('Unauthorized') - empty_token = self._generator.new_token('', '') - return qvisqve.ok_response({ - 'access_token': empty_token, - 'token_type': 'bearer', - 'scope': '', - }) - else: + grant = self._get_grant(grant_type) + if grant is None: return qvisqve.bad_request_response('Wrong grant type') + return grant.get_token(bottle.request, params) + + def _get_form_params(self, body): + body = body.decode('UTF-8') + return urllib.parse.parse_qs(body) + + def _get_grant_type(self, params): + grant_type = params.get('grant_type') + if len(grant_type) == 1: + return grant_type[0] + return None + + def _get_grant(self, grant_type): + return self._grants.get(grant_type) + + +class Grant: + + def __init__(self, clients, generator): + self._clients = clients + self._generator = generator + + +class ClientCredentialsGrant(Grant): + + def get_token(self, request, params): + client_id, client_secret = request.auth + if not self._clients.is_correct_secret(client_id, client_secret): + return qvisqve.unauthorized_response('Unauthorized') scope = self._get_scope(params) if scope is None: @@ -86,22 +103,6 @@ class TokenRouter(qvisqve.Router): 'scope': scope, }) - def _get_form_params(self, body): - body = body.decode('UTF-8') - return urllib.parse.parse_qs(body) - - def _get_grant_type(self, params): - grant_type = params.get('grant_type') - if len(grant_type) == 1: - return grant_type[0] - return None - - def _get_code(self, params): - code = params.get('code') - if len(code) == 1: - return code[0] - return None - def _get_scope(self, params): scope = params.get('scope', []) if len(scope) > 1: @@ -111,6 +112,27 @@ class TokenRouter(qvisqve.Router): return '' +class AuthorizationCodeGrant(Grant): + + def get_token(self, request, params): + code = self._get_code(params) + # FIXME + if code is None or code != '123': + return qvisqve.unauthorized_response('Unauthorized') + empty_token = self._generator.new_token('', '') + return qvisqve.ok_response({ + 'access_token': empty_token, + 'token_type': 'bearer', + 'scope': '', + }) + + def _get_code(self, params): + code = params.get('code') + if len(code) == 1: + return code[0] + return None + + class Clients: def __init__(self, clients): diff --git a/without-tests b/without-tests index 45ab43b..1fc97eb 100644 --- a/without-tests +++ b/without-tests @@ -3,8 +3,10 @@ doc/build.py qvisqve/__init__.py qvisqve/api.py qvisqve/app.py +qvisqve/auth_router.py qvisqve/backend.py qvisqve/log_setup.py +qvisqve/login_router.py qvisqve/responses.py qvisqve/router.py qvisqve/token.py |