Allow expired app specific tokens to be deleted
		
							parent
							
								
									b29e8202e5
								
							
						
					
					
						commit
						208dc38d25
					
				
					 3 changed files with 25 additions and 3 deletions
				
			
		|  | @ -39,6 +39,17 @@ def revoke_token(token): | |||
|   token.delete_instance() | ||||
| 
 | ||||
| 
 | ||||
| def revoke_token_by_uuid(uuid, owner): | ||||
|   """ Revokes an app specific token by deleting it. """ | ||||
|   try: | ||||
|     token = AppSpecificAuthToken.get(uuid=uuid, user=owner) | ||||
|   except AppSpecificAuthToken.DoesNotExist: | ||||
|     return None | ||||
| 
 | ||||
|   revoke_token(token) | ||||
|   return token | ||||
| 
 | ||||
| 
 | ||||
| def get_expiring_tokens(user, soon): | ||||
|   """ Returns all tokens owned by the given user that will be expiring "soon", where soon is defined | ||||
|       by the soon parameter (a timedelta from now). | ||||
|  |  | |||
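Review bot: The docstring on `revoke_token_by_uuid` does not state the two things a caller has to rely on, namely what authorises the delete and what comes back. From the visible lines, `AppSpecificAuthToken.get(uuid=uuid, user=owner)` is the only ownership check on this path and it applies no expiration filter; the function returns `None` when no row matches and otherwise the instance that has already been deleted. I would spell that out, for example `""" Deletes the app specific token with the given uuid if it belongs to owner, whether or not it has expired. Returns the deleted token, or None if owner has no such token. """`. The parameter name `uuid` would also shadow the standard-library module if this file imports it, which is not visible in the hunk.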
|  | @ -122,12 +122,10 @@ class AppToken(ApiResource): | |||
|   @nickname('revokeAppToken') | ||||
|   def delete(self, token_uuid): | ||||
|     """ Revokes a specific app token for the user. """ | ||||
|     token = model.appspecifictoken.get_token_by_uuid(token_uuid, owner=get_authenticated_user()) | ||||
|     token = model.appspecifictoken.revoke_token_by_uuid(token_uuid, owner=get_authenticated_user()) | ||||
|     if token is None: | ||||
|       raise NotFound() | ||||
| 
 | ||||
|     model.appspecifictoken.revoke_token(token) | ||||
| 
 | ||||
|     log_action('revoke_app_specific_token', get_authenticated_user().username, | ||||
|                {'app_specific_token_title': token.title, | ||||
|                 'app_specific_token': token.uuid}) | ||||
|  |  | |||
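Review bot: `get_authenticated_user()` is evaluated twice in `delete`, once as the `owner` passed to `revoke_token_by_uuid` and again for the username given to `log_action`; binding it once with `user = get_authenticated_user()` makes it explicit that the identity that authorised the revocation is the one written to the audit log. After this change the row is already deleted when `log_action` runs, so `token.title` and `token.uuid` are read from the in-memory instance; a comment such as `# token is already deleted; its fields are read only for the audit entry` would stop a later refactor from re-fetching it. The `AppToken` class body begins outside the hunk, so any decorators that gate this method are not visible here.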
|  | @ -1,3 +1,6 @@ | |||
| from datetime import datetime, timedelta | ||||
| 
 | ||||
| from data import model | ||||
| from endpoints.api.appspecifictokens import AppTokens, AppToken | ||||
| from endpoints.api.test.shared import conduct_api_call | ||||
| from endpoints.test.shared import client_with_identity | ||||
|  | @ -35,3 +38,13 @@ def test_app_specific_tokens(app, client): | |||
|     assert token_uuid not in set([token['uuid'] for token in resp['tokens']]) | ||||
| 
 | ||||
|     conduct_api_call(cl, AppToken, 'GET', {'token_uuid': token_uuid}, None, 404) | ||||
| 
 | ||||
| 
 | ||||
| def test_delete_expired_app_token(app, client): | ||||
|   user = model.user.get_user('devtable') | ||||
|   expiration = datetime.now() - timedelta(seconds=10) | ||||
|   token = model.appspecifictoken.create_token(user, 'some token', expiration) | ||||
| 
 | ||||
|   with client_with_identity('devtable', client) as cl: | ||||
|     # Delete the token. | ||||
|     conduct_api_call(cl, AppToken, 'DELETE', {'token_uuid': token.uuid}, None, 204) | ||||
|  |  | |||
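Review bot: `test_delete_expired_app_token` asserts only the 204 status, so it would still pass if the endpoint reported success without removing the row. Repeating the call and expecting a miss, `conduct_api_call(cl, AppToken, 'DELETE', {'token_uuid': token.uuid}, None, 404)`, would pin the deletion; a GET is presumably 404 for an expired token both before and after, so it cannot serve as that check. The owner filter in `revoke_token_by_uuid` is not exercised either; a case where a different authenticated identity sends the DELETE for this token and receives 404 would cover the authorisation boundary.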