D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
usr
/
lib
/
python3.6
/
site-packages
/
oauthlib
/
oauth2
/
rfc6749
/
endpoints
/
Filename :
revocation.py
back
Copy
# -*- coding: utf-8 -*- """ oauthlib.oauth2.rfc6749.endpoint.revocation ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ An implementation of the OAuth 2 `Token Revocation`_ spec (draft 11). .. _`Token Revocation`: https://tools.ietf.org/html/draft-ietf-oauth-revocation-11 """ from __future__ import absolute_import, unicode_literals import logging from oauthlib.common import Request from ..errors import (InvalidClientError, InvalidRequestError, OAuth2Error, UnsupportedTokenTypeError) from .base import BaseEndpoint, catch_errors_and_unavailability log = logging.getLogger(__name__) class RevocationEndpoint(BaseEndpoint): """Token revocation endpoint. Endpoint used by authenticated clients to revoke access and refresh tokens. Commonly this will be part of the Authorization Endpoint. """ valid_token_types = ('access_token', 'refresh_token') def __init__(self, request_validator, supported_token_types=None, enable_jsonp=False): BaseEndpoint.__init__(self) self.request_validator = request_validator self.supported_token_types = ( supported_token_types or self.valid_token_types) self.enable_jsonp = enable_jsonp @catch_errors_and_unavailability def create_revocation_response(self, uri, http_method='POST', body=None, headers=None): """Revoke supplied access or refresh token. The authorization server responds with HTTP status code 200 if the token has been revoked sucessfully or if the client submitted an invalid token. Note: invalid tokens do not cause an error response since the client cannot handle such an error in a reasonable way. Moreover, the purpose of the revocation request, invalidating the particular token, is already achieved. The content of the response body is ignored by the client as all necessary information is conveyed in the response code. An invalid token type hint value is ignored by the authorization server and does not influence the revocation response. """ request = Request( uri, http_method=http_method, body=body, headers=headers) try: self.validate_revocation_request(request) log.debug('Token revocation valid for %r.', request) except OAuth2Error as e: log.debug('Client error during validation of %r. %r.', request, e) response_body = e.json if self.enable_jsonp and request.callback: response_body = '%s(%s);' % (request.callback, response_body) return {}, response_body, e.status_code self.request_validator.revoke_token(request.token, request.token_type_hint, request) response_body = '' if self.enable_jsonp and request.callback: response_body = request.callback + '();' return {}, response_body, 200 def validate_revocation_request(self, request): """Ensure the request is valid. The client constructs the request by including the following parameters using the "application/x-www-form-urlencoded" format in the HTTP request entity-body: token (REQUIRED). The token that the client wants to get revoked. token_type_hint (OPTIONAL). A hint about the type of the token submitted for revocation. Clients MAY pass this parameter in order to help the authorization server to optimize the token lookup. If the server is unable to locate the token using the given hint, it MUST extend its search accross all of its supported token types. An authorization server MAY ignore this parameter, particularly if it is able to detect the token type automatically. This specification defines two such values: * access_token: An Access Token as defined in [RFC6749], `section 1.4`_ * refresh_token: A Refresh Token as defined in [RFC6749], `section 1.5`_ Specific implementations, profiles, and extensions of this specification MAY define other values for this parameter using the registry defined in `Section 4.1.2`_. The client also includes its authentication credentials as described in `Section 2.3`_. of [`RFC6749`_]. .. _`section 1.4`: https://tools.ietf.org/html/rfc6749#section-1.4 .. _`section 1.5`: https://tools.ietf.org/html/rfc6749#section-1.5 .. _`section 2.3`: https://tools.ietf.org/html/rfc6749#section-2.3 .. _`Section 4.1.2`: https://tools.ietf.org/html/draft-ietf-oauth-revocation-11#section-4.1.2 .. _`RFC6749`: https://tools.ietf.org/html/rfc6749 """ if not request.token: raise InvalidRequestError(request=request, description='Missing token parameter.') if self.request_validator.client_authentication_required(request): if not self.request_validator.authenticate_client(request): log.debug('Client authentication failed, %r.', request) raise InvalidClientError(request=request) elif not self.request_validator.authenticate_client_id(request.client_id, request): log.debug('Client authentication failed, %r.', request) raise InvalidClientError(request=request) if (request.token_type_hint and request.token_type_hint in self.valid_token_types and request.token_type_hint not in self.supported_token_types): raise UnsupportedTokenTypeError(request=request)
Name
Size
Last Modified
Owner
Permissions
Actions
__pycache__
Dir
July 28 2023 2:56:41
root
0755
__init__.py
0.633
KB
May 22 2018 10:17:16
root
0644
authorization.py
4.557
KB
May 22 2018 10:17:16
root
0644
base.py
1.692
KB
May 22 2018 10:17:16
root
0644
pre_configured.py
12.038
KB
May 22 2018 10:17:16
root
0644
resource.py
3.238
KB
May 22 2018 10:17:16
root
0644
revocation.py
5.666
KB
May 22 2018 10:17:16
root
0644
token.py
4.411
KB
May 22 2018 10:17:16
root
0644
2017 © D7net | D704T team