summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEleni Lixourioti <contact@eleni.co>2014-03-17 13:57:48 (GMT)
committerEleni Lixourioti <contact@eleni.co>2014-03-17 13:58:13 (GMT)
commit3a6a8442591c8a7dd25918cf037d88d1e875ad9f (patch)
tree45db8f2cbd257f64a5858756cab277c21f1cc39d
parent9ae7e652aff7410cc6f22427025fb508f6928880 (diff)
downloaddjango-oauth2-provider-3a6a8442591c8a7dd25918cf037d88d1e875ad9f.zip
django-oauth2-provider-3a6a8442591c8a7dd25918cf037d88d1e875ad9f.tar.gz
django-oauth2-provider-3a6a8442591c8a7dd25918cf037d88d1e875ad9f.tar.bz2
Fix get_access_token failing on single tracker mode after token refresh (#70).
-rw-r--r--provider/oauth2/tests.py17
-rw-r--r--provider/oauth2/views.py3
2 files changed, 19 insertions, 1 deletions
diff --git a/provider/oauth2/tests.py b/provider/oauth2/tests.py
index 4a2a764..b7931af 100644
--- a/provider/oauth2/tests.py
+++ b/provider/oauth2/tests.py
@@ -296,6 +296,23 @@ class AccessTokenTest(BaseOAuth2TestCase):
constants.SINGLE_ACCESS_TOKEN = False
+ def test_fetching_single_access_token_after_refresh(self):
+ constants.SINGLE_ACCESS_TOKEN = True
+
+ token = self._login_authorize_get_token()
+
+ self.client.post(self.access_token_url(), {
+ 'grant_type': 'refresh_token',
+ 'refresh_token': token['refresh_token'],
+ 'client_id': self.get_client().client_id,
+ 'client_secret': self.get_client().client_secret,
+ })
+
+ new_token = self._login_authorize_get_token()
+ self.assertNotEqual(token['access_token'], new_token['access_token'])
+
+ constants.SINGLE_ACCESS_TOKEN = False
+
def test_fetching_access_token_multiple_times(self):
self._login_authorize_get_token()
code = self.get_grant().code
diff --git a/provider/oauth2/views.py b/provider/oauth2/views.py
index d0de51d..048a4f6 100644
--- a/provider/oauth2/views.py
+++ b/provider/oauth2/views.py
@@ -95,7 +95,8 @@ class AccessTokenView(AccessTokenView):
def get_access_token(self, request, user, scope, client):
try:
# Attempt to fetch an existing access token.
- at = AccessToken.objects.get(user=user, client=client, scope=scope)
+ at = AccessToken.objects.get(user=user, client=client,
+ scope=scope, expires__gt=now())
except AccessToken.DoesNotExist:
# None found... make a new one!
at = self.create_access_token(request, user, scope, client)