From a295d21a42a6ae9c463f7661b32df7de11095835 Mon Sep 17 00:00:00 2001
From: Munyoki Kilyungi
Date: Mon, 11 Mar 2024 21:05:57 +0300
Subject: Define OAuth2Token using a frozen dataclass.

* gn_auth/auth/authentication/oauth2/endpoints/introspection.py
(IntrospectionEndpoint.introspect_token): Replace token.get_scope()
with token.scope.
* gn_auth/auth/authentication/oauth2/models/oauth2token.py: Import
dataclass, TokenMixin and cached_property.  Delete NamedTuple import.
(OAuth2Token): Use a frozen dataclass and explicitly inherit from
TokenMixin.
(OAuth2Token.expires_at): Make this a cached_property.
(OAuth2Token.check_client): Add the "# pylint ..." in it's own line.

Tested-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
---
 .../authentication/oauth2/endpoints/introspection.py   |  5 +++--
 .../auth/authentication/oauth2/models/oauth2token.py   | 18 ++++++++++++------
 2 files changed, 15 insertions(+), 8 deletions(-)

(limited to 'gn_auth/auth/authentication/oauth2')

diff --git a/gn_auth/auth/authentication/oauth2/endpoints/introspection.py b/gn_auth/auth/authentication/oauth2/endpoints/introspection.py
index 222ddcb..572324e 100644
--- a/gn_auth/auth/authentication/oauth2/endpoints/introspection.py
+++ b/gn_auth/auth/authentication/oauth2/endpoints/introspection.py
@@ -24,12 +24,13 @@ class IntrospectionEndpoint(_IntrospectionEndpoint):
         """Query the token."""
         return _query_token(self, token_string, token_type_hint)
 
-    def introspect_token(self, token: OAuth2Token) -> dict:# pylint: disable=[no-self-use]
+    # pylint: disable=[no-self-use]
+    def introspect_token(self, token: OAuth2Token) -> dict:
         """Return the introspection information."""
         url = urlparse(flask_request.url)
         return {
             "active": True,
-            "scope": token.get_scope(),
+            "scope": token.scope,
             "client_id": token.client.client_id,
             "username": token.user.name,
             "token_type": token.token_type,
diff --git a/gn_auth/auth/authentication/oauth2/models/oauth2token.py b/gn_auth/auth/authentication/oauth2/models/oauth2token.py
index f539a07..45962cd 100644
--- a/gn_auth/auth/authentication/oauth2/models/oauth2token.py
+++ b/gn_auth/auth/authentication/oauth2/models/oauth2token.py
@@ -1,19 +1,24 @@
 """OAuth2 Token"""
 import uuid
 import datetime
-from typing import NamedTuple, Optional
+from dataclasses import dataclass
+from functools import cached_property
+from typing import Optional
 
+from authlib.oauth2.rfc6749 import TokenMixin
 from pymonad.tools import monad_from_none_or_value
 from pymonad.maybe import Just, Maybe, Nothing
 
 from gn_auth.auth.db import sqlite3 as db
 from gn_auth.auth.authentication.users import User, user_by_id
-
 from gn_auth.auth.authorisation.errors import NotFoundError
 
 from .oauth2client import client, OAuth2Client
 
-class OAuth2Token(NamedTuple):
+
+# pylint: disable=[too-many-instance-attributes]
+@dataclass(frozen=True)
+class OAuth2Token(TokenMixin):
     """Implement Tokens for OAuth2."""
     token_id: uuid.UUID
     client: OAuth2Client
@@ -26,12 +31,13 @@ class OAuth2Token(NamedTuple):
     expires_in: int
     user: User
 
-    @property
-    def expires_at(self) -> datetime.datetime:
+    @cached_property
+    def expires_at(self):
         """Return the time when the token expires."""
         return self.issued_at + datetime.timedelta(seconds=self.expires_in)
 
-    def check_client(self, client: OAuth2Client) -> bool:# pylint: disable=[redefined-outer-name]
+    # pylint: disable=[redefined-outer-name]
+    def check_client(self, client: OAuth2Client) -> bool:
         """Check whether the token is issued to given `client`."""
         return client.client_id == self.client.client_id
 
-- 
cgit v1.2.3