Models¶
-
class
oauth2_provider.models.
AbstractAccessToken
(*args, **kwargs)¶ An AccessToken instance represents the actual access token to access user’s resources, as in RFC6749 Section 5.
Fields:
user
The Django user representing resources” ownersource_refresh_token
If from a refresh, the consumed RefeshTokentoken
Access tokenapplication
Application instanceexpires
Date and time of token expiration, in DateTime formatscope
Allowed scopes
-
allow_scopes
(scopes)¶ Check if the token allows the provided scopes
Parameters: scopes – An iterable containing the scopes to check
-
is_expired
()¶ Check token expiration with timezone awareness
-
is_valid
(scopes=None)¶ Checks if the access token is valid.
Parameters: scopes – An iterable containing the scopes to check or None
-
revoke
()¶ Convenience method to uniform tokens” interface, for now simply remove this token from the database in order to revoke it.
-
scopes
¶ Returns a dictionary of allowed scope names (as keys) with their descriptions (as values)
-
class
oauth2_provider.models.
AbstractApplication
(*args, **kwargs)¶ An Application instance represents a Client on the Authorization server. Usually an Application is created manually by client’s developers after logging in on an Authorization Server.
Fields:
client_id
The client identifier issued to the client during the- registration process as described in RFC6749 Section 2.2
user
ref to a Django userredirect_uris
The list of allowed redirect uri. The string- consists of valid URLs separated by space
client_type
Client type as described in RFC6749 Section 2.1authorization_grant_type
Authorization flows available to the- Application
client_secret
Confidential secret issued to the client during- the registration process as described in RFC6749 Section 2.2
name
Friendly name for the Application
-
clean
()¶ Hook for doing any extra model-wide validation after clean() has been called on every field by self.clean_fields. Any ValidationError raised by this method will not be associated with a particular field; it will have a special-case association with the field defined by NON_FIELD_ERRORS.
-
default_redirect_uri
¶ Returns the default redirect_uri extracting the first item from the
redirect_uris
string
-
get_allowed_schemes
()¶ Returns the list of redirect schemes allowed by the Application. By default, returns ALLOWED_REDIRECT_URI_SCHEMES.
-
is_usable
(request)¶ Determines whether the application can be used.
Parameters: request – The oauthlib.common.Request being processed.
-
redirect_uri_allowed
(uri)¶ Checks if given url is one of the items in
redirect_uris
stringParameters: uri – Url to check
-
class
oauth2_provider.models.
AbstractGrant
(*args, **kwargs)¶ A Grant instance represents a token with a short lifetime that can be swapped for an access token, as described in RFC6749 Section 4.1.2
Fields:
user
The Django user who requested the grantcode
The authorization code generated by the authorization serverapplication
Application instance this grant was asked forexpires
Expire time in seconds, defaults tosettings.AUTHORIZATION_CODE_EXPIRE_SECONDS
redirect_uri
Self explainedscope
Required scopes, optionalcode_challenge
PKCE code challengecode_challenge_method
PKCE code challenge transform algorithm
-
is_expired
()¶ Check token expiration with timezone awareness
-
class
oauth2_provider.models.
AbstractRefreshToken
(*args, **kwargs)¶ A RefreshToken instance represents a token that can be swapped for a new access token when it expires.
Fields:
user
The Django user representing resources” ownertoken
Token valueapplication
Application instanceaccess_token
AccessToken instance this refresh token is- bounded to
revoked
Timestamp of when this refresh token was revoked
-
revoke
()¶ Mark this refresh token revoked and revoke related access token
-
class
oauth2_provider.models.
AccessToken
(id, user, source_refresh_token, token, application, expires, scope, created, updated)¶ -
exception
DoesNotExist
¶
-
exception
MultipleObjectsReturned
¶
-
exception
-
class
oauth2_provider.models.
Application
(id, client_id, user, redirect_uris, client_type, authorization_grant_type, client_secret, name, skip_authorization, created, updated)¶ -
exception
DoesNotExist
¶
-
exception
MultipleObjectsReturned
¶
-
exception
-
class
oauth2_provider.models.
Grant
(id, user, code, application, expires, redirect_uri, scope, created, updated, code_challenge, code_challenge_method)¶ -
exception
DoesNotExist
¶
-
exception
MultipleObjectsReturned
¶
-
exception
-
class
oauth2_provider.models.
RefreshToken
(id, user, token, application, access_token, created, updated, revoked)¶ -
exception
DoesNotExist
¶
-
exception
MultipleObjectsReturned
¶
-
exception
-
oauth2_provider.models.
get_access_token_model
()¶ Return the AccessToken model that is active in this project.
-
oauth2_provider.models.
get_application_model
()¶ Return the Application model that is active in this project.
-
oauth2_provider.models.
get_grant_model
()¶ Return the Grant model that is active in this project.
-
oauth2_provider.models.
get_refresh_token_model
()¶ Return the RefreshToken model that is active in this project.