idp_oidc: use sesssion accessor in Token.is_valid() (#85643)
This commit is contained in:
parent
62a9500192
commit
aa554eccea
|
@ -339,6 +339,11 @@ class SessionMixin:
|
|||
self.session_key = ''
|
||||
self._session = None
|
||||
|
||||
def refresh_from_db(self, *args, **kwargs):
|
||||
if hasattr(self, '_session'):
|
||||
del self._session
|
||||
return super().refresh_from_db(*args, **kwargs)
|
||||
|
||||
|
||||
class OIDCCode(SessionMixin, models.Model):
|
||||
CODE_CHALLENGE_METHOD_PLAIN = 1
|
||||
|
@ -419,10 +424,9 @@ class OIDCAccessToken(SessionMixin, models.Model):
|
|||
return False
|
||||
if not self.session_key:
|
||||
return True
|
||||
session = get_session(self.session_key)
|
||||
if session is None:
|
||||
if self.session is None:
|
||||
return False
|
||||
if session.get('_auth_user_id') != str(self.user_id):
|
||||
if self.session.get('_auth_user_id') != str(self.user_id):
|
||||
return False
|
||||
return True
|
||||
|
||||
|
|
|
@ -98,6 +98,7 @@ def test_access_token_is_valid_session(simple_oidc_client, simple_user, session)
|
|||
|
||||
assert token.is_valid()
|
||||
session.flush()
|
||||
token.refresh_from_db()
|
||||
assert not token.is_valid()
|
||||
|
||||
|
||||
|
@ -111,8 +112,10 @@ def test_access_token_is_valid_expired(simple_oidc_client, simple_user, freezer)
|
|||
|
||||
assert token.is_valid()
|
||||
freezer.move_to(expired)
|
||||
token.refresh_from_db()
|
||||
assert token.is_valid()
|
||||
freezer.move_to(expired + datetime.timedelta(seconds=1))
|
||||
token.refresh_from_db()
|
||||
assert not token.is_valid()
|
||||
|
||||
|
||||
|
@ -130,12 +133,16 @@ def test_access_token_is_valid_session_and_expired(simple_oidc_client, simple_us
|
|||
|
||||
assert token.is_valid()
|
||||
freezer.move_to(expired)
|
||||
token.refresh_from_db()
|
||||
assert token.is_valid()
|
||||
freezer.move_to(expired + datetime.timedelta(seconds=1))
|
||||
token.refresh_from_db()
|
||||
assert not token.is_valid()
|
||||
freezer.move_to(start)
|
||||
token.refresh_from_db()
|
||||
assert token.is_valid()
|
||||
session.flush()
|
||||
token.refresh_from_db()
|
||||
assert not token.is_valid()
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue