def generate_token(self):
"""Generate a delegate token"""
self.validate_grant()
self.validate_scope()
# Assuming delegation always requires write access
# should change it to a param
client = yield Service.get(self.assertion['client']['id'])
has_access = client.authorized('w', self.request.client)
if not has_access:
raise Unauthorized('Client "{}" may not delegate to service "{}"'.format(
self.assertion['client']['id'],
self.request.client_id
))
token, expiry = generate_token(client,
self.requested_scope,
self.grant_type,
delegate_id=self.request.client_id)
raise Return((token, expiry))
评论列表
文章目录
