providers/oauth2: only set expiry on user when it was freshly created
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
0e0dd2437b
commit
5da47b69dd
|
@ -333,18 +333,7 @@ class TokenParams:
|
||||||
raise TokenError("invalid_grant")
|
raise TokenError("invalid_grant")
|
||||||
|
|
||||||
self.__check_policy_access(app, request, oauth_jwt=token)
|
self.__check_policy_access(app, request, oauth_jwt=token)
|
||||||
|
self.__create_user_from_jwt(token, app)
|
||||||
self.user, _ = User.objects.update_or_create(
|
|
||||||
username=f"{self.provider.name}-{token.get('sub')}",
|
|
||||||
defaults={
|
|
||||||
"attributes": {
|
|
||||||
USER_ATTRIBUTE_GENERATED: True,
|
|
||||||
USER_ATTRIBUTE_EXPIRES: token.get("exp"),
|
|
||||||
},
|
|
||||||
"last_login": now(),
|
|
||||||
"name": f"Autogenerated user from application {app.name} (client credentials JWT)",
|
|
||||||
},
|
|
||||||
)
|
|
||||||
|
|
||||||
method_args = {
|
method_args = {
|
||||||
"jwt": token,
|
"jwt": token,
|
||||||
|
@ -360,6 +349,23 @@ class TokenParams:
|
||||||
PLAN_CONTEXT_APPLICATION=app,
|
PLAN_CONTEXT_APPLICATION=app,
|
||||||
).from_http(request, user=self.user)
|
).from_http(request, user=self.user)
|
||||||
|
|
||||||
|
def __create_user_from_jwt(self, token: dict[str, Any], app: Application):
|
||||||
|
"""Create user from JWT"""
|
||||||
|
exp = token.get("exp")
|
||||||
|
self.user, created = User.objects.update_or_create(
|
||||||
|
username=f"{self.provider.name}-{token.get('sub')}",
|
||||||
|
defaults={
|
||||||
|
"attributes": {
|
||||||
|
USER_ATTRIBUTE_GENERATED: True,
|
||||||
|
},
|
||||||
|
"last_login": now(),
|
||||||
|
"name": f"Autogenerated user from application {app.name} (client credentials JWT)",
|
||||||
|
},
|
||||||
|
)
|
||||||
|
if created and exp:
|
||||||
|
self.user.attributes[USER_ATTRIBUTE_EXPIRES] = exp
|
||||||
|
self.user.save()
|
||||||
|
|
||||||
|
|
||||||
class TokenView(View):
|
class TokenView(View):
|
||||||
"""Generate tokens for clients"""
|
"""Generate tokens for clients"""
|
||||||
|
|
Reference in a new issue