Access Token Generation¶
TokenGenerator¶
The TokenGenerator is used by the oauth2app.token.handler method to generate access tokens. It responds to several grant types, specified through the grant_type request parameter.
- authorization_code: Grants an access token based on an authorization code issued via Authorization.
- refresh_token: Refreshes an access token.
- password: Grants an access token based on a POST containing a username and password.
- client_credentials: Grants an access token based specific to the client to access internal resources.
Connect the handler method to the access endpoint.
from django.conf.urls.defaults import patterns
urlpatterns = patterns('',
(r'^oauth2/token/?$', 'oauth2app.token.handler'),
)
To set token handler parameters, you can also use the TokenGenerator callable.
from django.conf.urls.defaults import patterns
from oauth2app.token import TokenGenerator
from oauth2app.consts import MAC
oauth2_token_generator = TokenGenerator(authentication_method=MAC, refreshable=False)
urlpatterns = patterns('',
(r'^token/?$', oauth2_token_generator)
)
Module Reference¶
OAuth 2.0 Token Generation
- exception oauth2app.token.InvalidClient[source]¶
Client authentication failed (e.g. unknown client, no client credentials included, multiple client credentials included, or unsupported credentials type).
- exception oauth2app.token.InvalidGrant[source]¶
The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
- exception oauth2app.token.InvalidRequest[source]¶
The request is missing a required parameter, includes an unsupported parameter or parameter value, repeats a parameter, includes multiple credentials, utilizes more than one mechanism for authenticating the client, or is otherwise malformed.
- exception oauth2app.token.InvalidScope[source]¶
The requested scope is invalid, unknown, malformed, or exceeds the scope granted by the resource owner.
- class oauth2app.token.TokenGenerator(scope=None, authentication_method=1, refreshable=True)[source]¶
Token access handler. Validates authorization codes, refresh tokens, username/password pairs, and generates a JSON formatted authorization code.
Args:
- request: Django HttpRequest object.
Kwargs:
- scope: An iterable of oauth2app.models.AccessRange objects representing the scope the token generator will grant. Default None
- authentication_method: Type of token to generate. Possible values are: oauth2app.consts.MAC and oauth2app.consts.BEARER Default oauth2app.consts.BEARER
- refreshable: Boolean value indicating whether issued tokens are refreshable. Default True
The client is not authorized to request an authorization code using this method.
- exception oauth2app.token.UnsupportedGrantType[source]¶
The authorization grant type is not supported by the authorization server.