providers/oauth2: make exp optional on jwt client_credentials flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
f8f8a9bbb9
commit
f977bf61eb
|
@ -60,6 +60,8 @@ def clean_temporary_users(self: MonitoredTask):
|
||||||
messages = []
|
messages = []
|
||||||
deleted_users = 0
|
deleted_users = 0
|
||||||
for user in User.objects.filter(**{f"attributes__{USER_ATTRIBUTE_GENERATED}": True}):
|
for user in User.objects.filter(**{f"attributes__{USER_ATTRIBUTE_GENERATED}": True}):
|
||||||
|
if USER_ATTRIBUTE_EXPIRES not in user.attributes:
|
||||||
|
continue
|
||||||
delta: timedelta = _now - datetime.fromtimestamp(
|
delta: timedelta = _now - datetime.fromtimestamp(
|
||||||
user.attributes.get(USER_ATTRIBUTE_EXPIRES)
|
user.attributes.get(USER_ATTRIBUTE_EXPIRES)
|
||||||
)
|
)
|
||||||
|
|
|
@ -280,6 +280,7 @@ class TokenParams:
|
||||||
if not token:
|
if not token:
|
||||||
raise TokenError("invalid_grant")
|
raise TokenError("invalid_grant")
|
||||||
|
|
||||||
|
if "exp" in token:
|
||||||
exp = datetime.fromtimestamp(token["exp"])
|
exp = datetime.fromtimestamp(token["exp"])
|
||||||
# Non-timezone aware check since we assume `exp` is in UTC
|
# Non-timezone aware check since we assume `exp` is in UTC
|
||||||
if datetime.now() >= exp:
|
if datetime.now() >= exp:
|
||||||
|
@ -298,7 +299,7 @@ class TokenParams:
|
||||||
defaults={
|
defaults={
|
||||||
"attributes": {
|
"attributes": {
|
||||||
USER_ATTRIBUTE_GENERATED: True,
|
USER_ATTRIBUTE_GENERATED: True,
|
||||||
USER_ATTRIBUTE_EXPIRES: token["exp"],
|
USER_ATTRIBUTE_EXPIRES: token.get("exp"),
|
||||||
},
|
},
|
||||||
"last_login": now(),
|
"last_login": now(),
|
||||||
"name": f"Autogenerated user from application {app.name} (client credentials JWT)",
|
"name": f"Autogenerated user from application {app.name} (client credentials JWT)",
|
||||||
|
|
Reference in New Issue