Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature/rfc7662 oauth2 token introspection #36

Merged
merged 2 commits into from
Mar 10, 2018
Merged

Feature/rfc7662 oauth2 token introspection #36

merged 2 commits into from
Mar 10, 2018

Conversation

jimmy-lt
Copy link
Contributor

@jimmy-lt jimmy-lt commented Mar 6, 2018
edited
Loading

What kind of change does this PR introduce? (check at least one)

  • Bugfix
  • Feature
  • Code style update
  • Refactor
  • Other, please describe:
  • You consent that the copyright of your pull request source code belongs to Authlib's author.

Implementation of RFC7662 (#33).

lepture
lepture reviewed Mar 6, 2018
View reviewed changes
authlib/specs/rfc7662/introspection.py Outdated
self._client = None
self._token = None

def authenticate_revocation_endpoint_client(self):
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

method name should be authenticate_ introspection_endpoint_client

lepture
lepture reviewed Mar 6, 2018
View reviewed changes
authlib/specs/rfc7009/__init__.py Outdated
@@ -14,3 +14,4 @@
from .parameters import prepare_revoke_token_request
from .errors import UnsupportedTokenTypeError
from .revocation import RevocationEndpoint
from .registry import *
Copy link
Owner

@lepture lepture Mar 6, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

from .registry import OAUTH_TOKEN_TYPE_HINTS

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd rather not make any changes in revocation spec. You can add a SUPPORTED_TOKEN_TYPES in IntrospectionEndpoint itself. In this way, people can custom the SUPPORTED_TOKEN_TYPES with a subclass.

lepture
lepture reviewed Mar 6, 2018
View reviewed changes
authlib/specs/rfc7662/introspection.py Outdated
def introspect_token(self, token):
"""Read given token and return its introspection metadata as a
dictionary following RFC7662 keys.

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

remove blank line

lepture
lepture reviewed Mar 6, 2018
View reviewed changes
authlib/specs/rfc7662/introspection.py Outdated

:returns: (status_code, body, headers)

"""
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

remove blank line

lepture
lepture reviewed Mar 6, 2018
View reviewed changes
authlib/specs/rfc7662/introspection.py Outdated
"""Constructor for
:class:`authlib.specs.rfc7662.IntrospectionEndpoint`.

"""
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no doc string in __init__

lepture
lepture reviewed Mar 6, 2018
View reviewed changes
authlib/specs/rfc7662/introspection.py Outdated
:class:`~authlib.specs.rfc6749.ClientMixin`.

.. _RFC7662: https://tools.ietf.org/html/rfc7662

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

remove blank line

lepture
lepture reviewed Mar 6, 2018
View reviewed changes
authlib/specs/rfc7662/introspection.py Outdated
"""Get the token from database/storage by the given token string.
Developers should implement this method::

def query_token(self, token, token_type_hint, client):
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

example doesn't match the method interface.

@lepture
Copy link
Owner

lepture commented Mar 6, 2018

I'd rather not make any changes in revocation spec. You can add a SUPPORTED_TOKEN_TYPES in IntrospectionEndpoint itself. In this way, people can custom the SUPPORTED_TOKEN_TYPES with a subclass.

lepture
lepture reviewed Mar 7, 2018
View reviewed changes
authlib/specs/rfc7662/introspection.py Outdated

self._token = self.query_token(
params['token'],
{k: v for k, v in params.items() if k != 'token'}
Copy link
Owner

@lepture lepture Mar 7, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems that query_token need a client parameter.

@jimmy-lt
rfc7662: Implement token introspection endpoint
b0b37ed 
First implementation of the token introspection endpoint as defined in
RFC7662. The implementation is mostly a copy paste of the
implementation of RFC7009.

Signed-off-by: Jimmy Thrasibule <[email protected]>
@lepture lepture added this to the Version 0.6 milestone Mar 8, 2018
@lepture
Copy link
Owner

lepture commented Mar 8, 2018

This will hold on for a while. I'm planning a lot of things in v0.6. It will get merged when I get things ready.

Thank you.

@jimmy-lt
Copy link
Contributor Author

jimmy-lt commented Mar 8, 2018

OK. Anything else I can do?

@lepture lepture mentioned this pull request Mar 9, 2018
Closed
@lepture lepture merged commit 5d8c417 into lepture:master Mar 10, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lepture lepture lepture left review comments

Assignees
No one assigned
Labels
feature request spec
Projects
None yet
Milestone
Version 0.6
Development

Successfully merging this pull request may close these issues.
2 participants
@jimmy-lt @lepture