Allow expired app specific tokens to be deleted

2018-01-23 11:40:51 -05:00 · 2018-01-23 11:40:51 -05:00 · 208dc38d25
commit 208dc38d25
parent b29e8202e5
3 changed files with 25 additions and 3 deletions
--- a/data/model/appspecifictoken.py
+++ b/data/model/appspecifictoken.py
@ -39,6 +39,17 @@ def revoke_token(token):
  token.delete_instance()


+def revoke_token_by_uuid(uuid, owner):
+  """ Revokes an app specific token by deleting it. """
+  try:
+    token = AppSpecificAuthToken.get(uuid=uuid, user=owner)
+  except AppSpecificAuthToken.DoesNotExist:
+    return None
+
+  revoke_token(token)
+  return token
+
+
 def get_expiring_tokens(user, soon):
  """ Returns all tokens owned by the given user that will be expiring "soon", where soon is defined
      by the soon parameter (a timedelta from now).
--- a/endpoints/api/appspecifictokens.py
+++ b/endpoints/api/appspecifictokens.py
@ -122,12 +122,10 @@ class AppToken(ApiResource):
  @nickname('revokeAppToken')
  def delete(self, token_uuid):
    """ Revokes a specific app token for the user. """
-    token = model.appspecifictoken.get_token_by_uuid(token_uuid, owner=get_authenticated_user())
+    token = model.appspecifictoken.revoke_token_by_uuid(token_uuid, owner=get_authenticated_user())
    if token is None:
      raise NotFound()

-    model.appspecifictoken.revoke_token(token)
-
    log_action('revoke_app_specific_token', get_authenticated_user().username,
               {'app_specific_token_title': token.title,
                'app_specific_token': token.uuid})
--- a/endpoints/api/test/test_appspecifictoken.py
+++ b/endpoints/api/test/test_appspecifictoken.py
@ -1,3 +1,6 @@
+from datetime import datetime, timedelta
+
+from data import model
 from endpoints.api.appspecifictokens import AppTokens, AppToken
 from endpoints.api.test.shared import conduct_api_call
 from endpoints.test.shared import client_with_identity
@ -35,3 +38,13 @@ def test_app_specific_tokens(app, client):
    assert token_uuid not in set([token['uuid'] for token in resp['tokens']])

    conduct_api_call(cl, AppToken, 'GET', {'token_uuid': token_uuid}, None, 404)
+
+
+def test_delete_expired_app_token(app, client):
+  user = model.user.get_user('devtable')
+  expiration = datetime.now() - timedelta(seconds=10)
+  token = model.appspecifictoken.create_token(user, 'some token', expiration)
+
+  with client_with_identity('devtable', client) as cl:
+    # Delete the token.
+    conduct_api_call(cl, AppToken, 'DELETE', {'token_uuid': token.uuid}, None, 204)