Age | Commit message (Collapse) | Author |
|
Register the RefreshTokenGrant with the server to enable refreshing of
the tokens.
|
|
|
|
Have each JWT token have a `jti` claim (JWT ID) to help with tracking
refreshes, and therefore validity of the JWTs.
If a refresh token is used more than once, then that refresh token,
and all its progeny/descendants are considered invalid, since that
token could have been stolen.
|
|
This shim enables us to have a refresh token with the JWT. This might
not be the way to refresh JWTs - this is because the
`authlib.oauth2.rfc7523.token.JWTBearerTokenGenerator.__call__(…)`
method has a comment that states:
# there is absolutely no refresh token in JWT format
Searching on the internet, however, seems to indicate that JWTs can be
used in conjunction with refresh tokens... We need to verify this and
fix this if necessary.
|
|
|
|
|
|
|
|
Authenticate with the usual authentication code flow.
Do not inherit AuthenticationCodeGrant in JWTBearerGrant, instead, use
the JWTBearerGrant to generate the token after the user has already
been successfully authenticated.
|
|
|
|
|
|
* gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py
(__query_authorization_code__): Rename the_code -> _code.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
This improves readability.
* gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py
(AuthorisationCodeGrant.save_authorization_code): Use keyword arguments.
* gn_auth/auth/authentication/oauth2/models/authorization_code.py
(authorisation_code): Ditto.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
|
|
Change from gn3 to gn_auth
|
|
|