Models¶
-
class
oauth2_provider.models.
AbstractApplication
(*args, **kwargs)¶ An Application instance represents a Client on the Authorization server. Usually an Application is created manually by client’s developers after logging in on an Authorization Server.
Fields:
client_id
The client identifier issued to the client during the- registration process as described in RFC6749 Section 2.2
user
ref to a Django userredirect_uris
The list of allowed redirect uri. The string- consists of valid URLs separated by space
client_type
Client type as described in RFC6749 Section 2.1authorization_grant_type
Authorization flows available to the- Application
client_secret
Confidential secret issued to the client during- the registration process as described in RFC6749 Section 2.2
name
Friendly name for the Application
-
default_redirect_uri
¶ Returns the default redirect_uri extracting the first item from the
redirect_uris
string
-
redirect_uri_allowed
(uri)¶ Checks if given url is one of the items in
redirect_uris
stringParameters: uri – Url to check
-
class
oauth2_provider.models.
AccessToken
(*args, **kwargs)¶ An AccessToken instance represents the actual access token to access user’s resources, as in RFC6749 Section 5.
Fields:
user
The Django user representing resources’ ownertoken
Access tokenapplication
Application instanceexpires
Date and time of token expiration, in DateTime formatscope
Allowed scopes
-
allow_scopes
(scopes)¶ Check if the token allows the provided scopes
Parameters: scopes – An iterable containing the scopes to check
-
is_expired
()¶ Check token expiration with timezone awareness
-
is_valid
(scopes=None)¶ Checks if the access token is valid.
Parameters: scopes – An iterable containing the scopes to check or None
-
revoke
()¶ Convenience method to uniform tokens’ interface, for now simply remove this token from the database in order to revoke it.
-
scopes
¶ Returns a dictionary of allowed scope names (as keys) with their descriptions (as values)
-
class
oauth2_provider.models.
Application
(id, client_id, user, redirect_uris, client_type, authorization_grant_type, client_secret, name, skip_authorization)¶
-
class
oauth2_provider.models.
Grant
(*args, **kwargs)¶ A Grant instance represents a token with a short lifetime that can be swapped for an access token, as described in RFC6749 Section 4.1.2
Fields:
user
The Django user who requested the grantcode
The authorization code generated by the authorization serverapplication
Application instance this grant was asked forexpires
Expire time in seconds, defaults tosettings.AUTHORIZATION_CODE_EXPIRE_SECONDS
redirect_uri
Self explainedscope
Required scopes, optional
-
is_expired
()¶ Check token expiration with timezone awareness
-
class
oauth2_provider.models.
RefreshToken
(*args, **kwargs)¶ A RefreshToken instance represents a token that can be swapped for a new access token when it expires.
Fields:
user
The Django user representing resources’ ownertoken
Token valueapplication
Application instanceaccess_token
AccessToken instance this refresh token is- bounded to
-
revoke
()¶ Delete this refresh token along with related access token
-
oauth2_provider.models.
get_application_model
()¶ Return the Application model that is active in this project.