# Body of a token lookup whose signature is not shown: reuse the newest
# unexpired 'oauth.access_token' record for a user, optionally create one,
# and return its token string (or None).
# No explicit user_id: fall back to the user of the current environment.
if not user_id:
user_id = self.env.user.id
# The search runs through sudo(), i.e. with elevated rights, and nothing in
# this fragment checks that the caller may act for `user_id`.
# NOTE(review): confirm every caller restricts which user_id can be passed.
access_token = self.env['oauth.access_token'].sudo().search(
[('user_id', '=', user_id)], order='id DESC', limit=1)
if access_token:
access_token = access_token[0]
# An expired record is treated exactly like "no token found".
if access_token.is_expired():
access_token = None
# `create` comes from outside this fragment (presumably a parameter -- confirm).
if not access_token and create:
# Lifetime in seconds is read from the 'rest_api.oauth2_access_token_expires_in'
# record; datetime.now() is naive local time.
# NOTE(review): confirm is_expired() compares against the same clock.
expires = datetime.now() + timedelta(seconds=int(self.env.ref('rest_api.oauth2_access_token_expires_in').sudo().value))
# The new token is always created with the fixed scope 'userinfo'. The value
# from generate_token() goes into the record as-is and is returned below.
# NOTE(review): looks like the token is stored in clear text -- confirm.
vals = {
'user_id': user_id,
'scope': 'userinfo',
'expires': expires.strftime(DEFAULT_SERVER_DATETIME_FORMAT),
'token': oauthlib_common.generate_token(),
}
access_token = self.env['oauth.access_token'].sudo().create(vals)
# we have to commit now, because /oauth2/tokeninfo could
# be called before we finish current transaction.
# The commit applies to the whole cursor, so earlier writes of this
# transaction are persisted too and a later rollback will not undo them.
self._cr.commit()
if not access_token:
return None
return access_token.token
def authorization_url(self):
state = generate_token()
return (
self.oauth_client.prepare_request_uri(
self.authorization_base_url,
redirect_uri=self.redirect_uri,
scope=self.scope,
state=state,
access_type='offline',
prompt='select_account'
)
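def create_authorization_code(self, request):
    """Generates an authorization grant represented as a dictionary.

    The grant always holds a fresh ``code`` from ``common.generate_token()``
    and, when the request carries a non-empty ``state``, that ``state`` too.

    :param request: object describing the authorization request; only its
        optional ``state`` attribute is read here.
    :returns: dict with key ``code`` and, optionally, ``state``.
    """
    grant = {'code': common.generate_token()}
    if hasattr(request, 'state') and request.state:
        grant['state'] = request.state
    # The code is a credential until it is redeemed, so it must not end up in
    # log files: log a copy of the grant with the code masked.
    loggable_grant = dict(grant, code='<redacted>')
    log.debug('Created authorization code grant %r for request %r.',
              loggable_grant, request)
    return grant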
# Body of a helper whose signature is not shown: return an OAuth2 access
# token string for the logged-in user, or None for an anonymous request.
if not request.user.is_authenticated:
return None
# Try to find an existing token that will work.
# The third argument is "now + 5 minutes" -- presumably the minimum expiry a
# reusable token must still have; confirm against find_oauth2_token.
token = local.model.find_oauth2_token(
CLIENT_ID,
request.user.user_id,
datetime.utcnow() + timedelta(minutes=5))
if token is not None:
return token.access_token
# Otherwise, generate a new one.
# The new token has no refresh token, an empty scopes string and a fixed
# lifetime of 10 hours; it is bound to CLIENT_ID and the current user.
# NOTE(review): datetime.utcnow() returns a naive datetime (deprecated since
# Python 3.12) -- the stored expiry and every comparison must stay naive UTC.
# NOTE(review): what an empty scopes string grants is decided by whoever
# checks the token -- confirm it does not mean "all scopes".
token = OAuth2Token(
local.model,
access_token=generate_token(),
refresh_token=None,
scopes='',
expires=datetime.utcnow() + timedelta(hours=10),
client_id=CLIENT_ID,
user_id=request.user.user_id,
)
local.model.save_oauth2_token(token)
return token.access_token
return (wanted_perms & actual_perms) == wanted_perms
def has_perm(self, perm):
    """Tell whether this service holds the permission ``perm``.

    An inactive service never has any permission; in that case
    ``_get_permissions()`` is not consulted at all. Otherwise the answer is
    whether ``perm.value`` is among the values ``_get_permissions()`` returns.
    """
    return perm.value in self._get_permissions() if self.is_active else False
class ServiceAccountToken(models.Model):
    # One named authentication token of a ServiceAccount.

    # Tokens are deleted together with their account; the account reaches
    # them through the reverse accessor `tokens`.
    service_account = models.ForeignKey(
        ServiceAccount,
        related_name="tokens",
        on_delete=models.CASCADE,
    )
    # Optional label, empty by default.
    name = models.CharField(max_length=128, blank=True, default="")
    # Each new row gets its value from generate_token() unless one is given;
    # the column is unique and holds at most 30 characters.
    # NOTE(review): the token is persisted as generated, so read access to this
    # table equals possession of every token -- confirm that is acceptable, and
    # that generate_token() output fits in 30 characters.
    auth_token = models.CharField(
        max_length=30,
        unique=True,
        default=generate_token,
    )
class CustomerNote(models.Model):
    # A dated text note attached to a customer account.

    # Author of the note; optional, and set to NULL when that user is deleted.
    user = models.ForeignKey(
        settings.AUTH_USER_MODEL,
        on_delete=models.SET_NULL,
        null=True,
        blank=True,
    )
    # Set once when the row is created; indexed.
    date = models.DateTimeField(auto_now_add=True, db_index=True)
    content = models.TextField()
    # NOTE(review): notes are public unless the writer opts out -- confirm this
    # default is intended wherever `content` is shown.
    is_public = models.BooleanField(default=True)
    # The customer the note is about; notes are deleted together with that user
    # and are reachable from it as `notes`.
    customer = models.ForeignKey(
        settings.AUTH_USER_MODEL,
        on_delete=models.CASCADE,
        related_name="notes",
    )

    class Meta:
        # Default ordering: by `date`, ascending.
        ordering = ("date",)
def random_token_generator(request, refresh_token=False):
    """Return a new token from ``common.generate_token()``.

    Neither ``request`` nor ``refresh_token`` is read: access and refresh
    tokens come from the same generator with its default arguments. The
    parameters are presumably kept so the function fits the token-generator
    signature its caller expects -- confirm against the caller.
    """
    token = common.generate_token()
    return token
def request_token(self):
    """Create an OAuth request token for a valid client request.

    Defaults to /request_token. Invoked by client applications.

    Reads the client key, realm and callback URI from ``request.oauth``,
    generates a token and a token secret, stores them through
    ``save_request_token`` and returns the form-encoded response body.
    The body contains the token secret.
    NOTE(review): confirm this endpoint is only ever served over TLS.
    """
    oauth_params = request.oauth
    key = oauth_params.client_key
    realm = oauth_params.realm
    # TODO: fallback on default realm?
    callback = oauth_params.callback_uri

    # Index 1 of request_token_length is used as the token length --
    # presumably the upper bound of a (min, max) pair; confirm.
    token = generate_token(length=self.request_token_length[1])
    secret = generate_token(length=self.secret_length)
    self.save_request_token(key, token, callback, realm=realm, secret=secret)

    response_fields = [
        (u'oauth_token', token),
        (u'oauth_token_secret', secret),
        (u'oauth_callback_confirmed', u'true'),
    ]
    return urlencode(response_fields)
def generate_client_secret(self):
    """Return a new client secret.

    The value comes from ``generate_token`` called with
    ``length=self.secret_length``.
    """
    secret = generate_token(length=self.secret_length)
    return secret