djblets.webapi.resources.mixins.oauth2_tokens¶
Web API resource support for OAuth2 token access.
- class ResourceOAuth2TokenMixin[source]¶
Bases:
objectAugments a WebAPIResource to support OAuth2 tokens.
Any WebAPIResource subclass making use of this mixin can accept requests backed by an OAuth2 token and will restrict the request to that token’s allowed scopes.
It is recommended that all resources in a project inherit from a base resource that inherits both from this mixin and from WebAPIResource.
- oauth2_token_access_allowed = True[source]¶
Whether or not this resource is accessible when using an OAuth2 token.
- HTTP_SCOPE_METHOD_MAP = {'DELETE': 'destroy', 'GET': 'read', 'HEAD': 'read', 'OPTIONS': 'read', 'POST': 'write', 'PUT': 'write'}[source]¶
A mapping of HTTP methods to the type of scope required.
These will be used with
scope_nameto generate the full required scope, e.g.scope_name:read.
- property scope_name[source]¶
The ID used for required scopes.
This defaults to the name of the resource, but can be overridden in case the name is not specific enough or there’s a conflict.
If the resource allows WebAPI tokens in addition to OAuth2 tokens, this will default to the resource’s policy ID (which defaults to its name).
- call_method_view(request, method, view, *args, **kwargs)[source]¶
Check token scopes and call the API method handler.
- Parameters:
request (
django.http.HttpRequest) – The current HTTP request.method (
unicode) – The HTTP method of the request.view (
callable) – The view function to call.*args (
tuple) – Additional positional arguments.**kwargs (
dict) – Additional keyword arguments.
- Returns:
One of the following:
An error (
djblets.webapi.errors.WebAPIError).A web API response (
djblets.webapi.responces.WebAPIResponse).A tuple containing an HTTP status code and a body to serialize (
tuple).
- Return type: