Access Token Generation¶
TokenGenerator¶
The TokenGenerator is used by the oauth2app.token.handler method to generate access tokens. It responds to several grant types, specified through the grant_type request parameter.
- authorization_code: Grants an access token based on an authorization code issued via Authorization.
- refresh_token: Refreshes an access token.
- password: Grants an access token based on a POST containing a username and password.
- client_credentials: Grants an access token based specific to the client to access internal resources.
Connect the handler method to the access endpoint.
from django.conf.urls.defaults import patterns
urlpatterns = patterns('',
(r'^oauth2/token/?$', 'oauth2app.token.handler'),
)
To set token handler parameters, you can also use the TokenGenerator callable.
from django.conf.urls.defaults import patterns
from oauth2app.token import TokenGenerator
from oauth2app.consts import MAC
oauth2_token_generator = TokenGenerator(authentication_method=MAC, refreshable=False)
urlpatterns = patterns('',
(r'^token/?$', oauth2_token_generator)
)
Module Reference¶
OAuth 2.0 Token Generation
-
exception
oauth2app.token.
InvalidClient
[source]¶ Client authentication failed (e.g. unknown client, no client credentials included, multiple client credentials included, or unsupported credentials type).
-
error
= 'invalid_client'¶
-
-
exception
oauth2app.token.
InvalidGrant
[source]¶ The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
-
error
= 'invalid_grant'¶
-
-
exception
oauth2app.token.
InvalidRequest
[source]¶ The request is missing a required parameter, includes an unsupported parameter or parameter value, repeats a parameter, includes multiple credentials, utilizes more than one mechanism for authenticating the client, or is otherwise malformed.
-
error
= 'invalid_request'¶
-
-
exception
oauth2app.token.
InvalidScope
[source]¶ The requested scope is invalid, unknown, malformed, or exceeds the scope granted by the resource owner.
-
error
= 'invalid_scope'¶
-
-
class
oauth2app.token.
TokenGenerator
(scope=None, authentication_method=1, refreshable=True)[source]¶ Token access handler. Validates authorization codes, refresh tokens, username/password pairs, and generates a JSON formatted authorization code.
Args:
- request: Django HttpRequest object.
Kwargs:
- scope: An iterable of oauth2app.models.AccessRange objects representing the scope the token generator will grant. Default None
- authentication_method: Type of token to generate. Possible values are: oauth2app.consts.MAC and oauth2app.consts.BEARER Default oauth2app.consts.BEARER
- refreshable: Boolean value indicating whether issued tokens are refreshable. Default True
-
access_token
= None¶
-
client
= None¶
-
code
= None¶
-
error
= None¶
-
error_response
()[source]¶ In the event of an error, return a Django HttpResponse with the appropriate JSON encoded error parameters.
Returns HttpResponse
-
request
= None¶
-
user
= None¶
-
valid
= False¶
The client is not authorized to request an authorization code using this method.
-
exception
oauth2app.token.
UnsupportedGrantType
[source]¶ The authorization grant type is not supported by the authorization server.
-
error
= 'unsupported_grant_type'¶
-