API - add refresh token

Sam 2022-05-27 14:18:50 +02:00
parent 64b813a44b
commit 887553dd5d
5 changed files with 10 additions and 4 deletions


@ -65,6 +65,7 @@ class TestingConfig(BaseConfig):
TOKEN_EXPIRATION_DAYS = 0
TOKEN_EXPIRATION_SECONDS = 3
PASSWORD_TOKEN_EXPIRATION_SECONDS = 3
OAUTH2_REFRESH_TOKEN_GENERATOR = True
UI_URL = 'http://0.0.0.0:5000'
SENDER_EMAIL = 'fittrackee@example.com'
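Review bot: `OAUTH2_REFRESH_TOKEN_GENERATOR = True` is added to `TestingConfig` only, and the diffstat (one addition in this file) leaves no room for a matching line in another config class. Authlib's Flask integration treats this setting as off when it is absent, so unless it is enabled somewhere not visible here, the token tests will see a `refresh_token` that non-test deployments never issue. If refresh tokens are meant to be available everywhere, set it in `BaseConfig` and let the testing class inherit it. If it is deliberately test-only, a comment such as `# refresh tokens are generated under test only` would make that explicit. The class body continues outside the hunk.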


@ -19,7 +19,7 @@ def create_oauth_client(metadata: Dict, user: User) -> OAuth2Client:
'client_uri': metadata['client_uri'],
'redirect_uris': metadata['redirect_uris'],
'scope': metadata['scope'],
'grant_types': ['authorization_code'],
'grant_types': ['authorization_code', 'refresh_token'],
'response_types': ['code'],
'token_endpoint_auth_method': 'client_secret_post',
}
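Review bot: The `grant_types` list is fixed when the client is created, so clients registered before this change presumably still carry `['authorization_code']` in their stored metadata and would be refused the refresh grant. None of the five changed files looks like a data migration. Either update the existing clients or record the limitation next to the list, e.g. `# clients created before refresh-token support keep their original grant_types`. Every new client also receives this longer-lived credential unconditionally while authenticating with `client_secret_post`, so it is worth confirming that is the intended default. `create_oauth_client` starts and ends outside the hunk.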


@ -1,7 +1,7 @@
from authlib.oauth2.rfc7636 import CodeChallenge
from flask import Flask
from .grants import AuthorizationCodeGrant
from .grants import AuthorizationCodeGrant, RefreshTokenGrant
from .server import authorization_server
@ -12,3 +12,4 @@ def config_oauth(app: Flask) -> None:
authorization_server.register_grant(
AuthorizationCodeGrant, [CodeChallenge(required=True)]
)
authorization_server.register_grant(RefreshTokenGrant)
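Review bot: `register_grant(RefreshTokenGrant)` turns on the refresh flow, but whether a used refresh token is rotated and the old one revoked is decided in `grants.RefreshTokenGrant`, which is not among the changed files. Authlib's base class does not issue a new refresh token on refresh unless `INCLUDE_NEW_REFRESH_TOKEN` is set, and it relies on the subclass's `revoke_old_credential` to invalidate the previous token. Both are worth confirming before this ships. A short comment at the registration would record the decision, for example `# refresh tokens: rotation/revocation policy lives in grants.RefreshTokenGrant`. `config_oauth` begins outside the hunk.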


@ -72,7 +72,10 @@ class TestCreateOAuth2Client:
) -> None:
oauth_client = create_oauth_client(TEST_METADATA, user_1)
assert oauth_client.grant_types == ['authorization_code']
assert oauth_client.grant_types == [
'authorization_code',
'refresh_token',
]
def test_oauth_client_has_expected_redirect_uris(
self, app: Flask, user_1: User


@ -153,7 +153,7 @@ class TestOAuthClientCreation(OAuth2TestCase):
@pytest.mark.parametrize(
'input_key,expected_value',
[
('grant_types', ['authorization_code']),
('grant_types', ['authorization_code', 'refresh_token']),
('response_types', ['code']),
('token_endpoint_auth_method', 'client_secret_post'),
],
@ -271,6 +271,7 @@ class TestOAuthIssueToken(OAuth2TestCase):
data = json.loads(response.data.decode())
assert data.get('access_token') is not None
assert data.get('expires_in') is not None
assert data.get('refresh_token') is not None
assert data.get('token_type') == 'Bearer'
@staticmethod
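Review bot: The added `assert data.get('refresh_token') is not None` checks only that a refresh token comes back with the authorization-code response; nothing in this commit exercises the `refresh_token` grant itself. The security-relevant cases are untested here: exchanging the token for a new access token, rejecting an unknown or revoked refresh token, and rejecting one presented by a different client. Until those tests exist, a marker in the test class such as `# TODO: cover grant_type=refresh_token (success, revoked token, wrong client)` would keep the gap visible. The test method starts outside the hunk.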