From 9c08524e98f9fdb68d5f083588dcedf409547658 Mon Sep 17 00:00:00 2001
From: Paul Wilkinson
Date: Mon, 6 Apr 2020 14:57:31 +1000
Subject: [PATCH 1/2] Check expiration of token
---
 rest_framework_social_oauth2/oauth2_grants.py | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/rest_framework_social_oauth2/oauth2_grants.py b/rest_framework_social_oauth2/oauth2_grants.py
index ebbc9c5..740296e 100644
--- a/rest_framework_social_oauth2/oauth2_grants.py
+++ b/rest_framework_social_oauth2/oauth2_grants.py
@@ -1,4 +1,5 @@
 import logging
+import time
 try:
 from django.urls import reverse
@@ -90,6 +91,11 @@ def validate_token_request(self, request):
 try:
 user = backend.do_auth(access_token=request.token)
+ user_data = backend.user_data(access_token=request.token)
+ exp = user_data['exp']
+ if exp is not None and exp <= int(time.time()):
+ raise errors.InvalidTokenError('Token has expired', request=request)
+
 except requests.HTTPError as e:
 raise errors.InvalidRequestError(
 description="Backend responded with HTTP{0}: {1}.".format(e.response.status_code,
From 3d2dd41d3f3442b375e6e675fdc969d00c8b44cf Mon Sep 17 00:00:00 2001
From: Paul Wilkinson
Date: Tue, 14 Apr 2020 11:33:11 +1000
Subject: [PATCH 2/2] Update rest_framework_social_oauth2/oauth2_grants.py
Co-Authored-By: Wagner de Lima
---
 rest_framework_social_oauth2/oauth2_grants.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rest_framework_social_oauth2/oauth2_grants.py b/rest_framework_social_oauth2/oauth2_grants.py
index 740296e..1550c60 100644
--- a/rest_framework_social_oauth2/oauth2_grants.py
+++ b/rest_framework_social_oauth2/oauth2_grants.py
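Review bot: `exp = user_data['exp']` in the `@@ -90,6 +91,11 @@` hunk of patch 1/2 indexes the key directly, so a backend whose user data carries no `exp` entry raises KeyError, which the `except requests.HTTPError` handler visible below does not catch; the `is not None` test on the next line suggests a missing expiry was meant to be tolerated. Reading it as `exp = (user_data or {}).get('exp')` keeps the check optional. The check also runs only after `backend.do_auth(...)` has returned, so whatever that call does with the token (presumably user lookup or creation, not visible here) has already happened for an expired token; moving the `user_data`/`exp` test above `do_auth` would reject first. validate_token_request starts and ends outside the hunk.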
@@ -93,7 +93,7 @@ def validate_token_request(self, request):
 user = backend.do_auth(access_token=request.token)
 user_data = backend.user_data(access_token=request.token)
 exp = user_data['exp']
- if exp is not None and exp <= int(time.time()):
+ if not exp and exp <= datetime.now():
 raise errors.InvalidTokenError('Token has expired', request=request)
 except requests.HTTPError as e:
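Review bot: The rewritten condition `if not exp and exp <= datetime.now():` can no longer reject an expired token: `not exp` is true only when `exp` is None, 0 or otherwise falsy, so for any real expiry value the test short-circuits to False and the `raise` is skipped. When `exp` is falsy the right-hand side is evaluated and compares None or an int with a datetime, which raises TypeError on Python 3; nothing in the visible hunks imports `datetime` either (patch 1/2 added only `import time`), so `datetime.now()` may fail with NameError or AttributeError depending on how the name is bound elsewhere in the file. If `exp` is epoch seconds, as patch 1/2 assumed, `if exp is not None and exp <= time.time():` restores the check with matching operand types. A regression test that submits a token whose `exp` is in the past and expects `InvalidTokenError` would pin the behaviour. validate_token_request extends outside the hunk.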