How to generate an AccessToken programmatically in Django?

Question

I'm setting up an API. Everything is working. I'm creating a token via OAuth2 python lib. I'm using TastyPie for my API.

The problem I'm facing.. is that there is no "create" token method in the AccessToken or Client models.

I can create an accessToken via the Django admin, and I can create one by doing a curl to:

myhost.com/oauth2/access_token (with all the info, secret key, client id, user & pass)

my goal is to upon successful registration of a user with my API, the oAuth client is automatically created (working) but I also want to generate the AccessToken. I cannot cURL my own server as its giving me a redirect/connection refused error so I want to do it programmatically in Python. Anyway to do this? Here's a snippet:

try:
        user = User.objects.create_user(username, password)
        user.save()

        if user:
            oauth_client = Client(user=user, name="api account", client_type=1, url="http://example.com")
            oauth_client.save()

            oauth_client_id = oauth_client.pk
            oauth_client_secret = oauth_client.client_secret

        if oauth_client:
            print user
            print oauth_client_id
            print AccessToken.objects.all()
            print '........'
            token = AccessToken(user=user, client=oauth_client_id, scope=6)
            token.save()

the last two lines above, while giving NO errors.. will NOT save a new AccessToken.

What exact library do you use? hiidef.github.io/oauth2app or code.google.com/p/django-oauth2 or some other? — twil
github.com/caffeinehit/django-oauth2-provider <-- This one. I installed it via PIP (django-oauth2-provider==0.2.6). Is that the problem, am I using the wrong library? — virtuexru
Not the wrong one. They all the same but a little different;). — twil
Ah OK. I might have to try this one instead: github.com/brosner/python-oauth2 I just spent all day on this library so it will suck to start over :(. Any other ideas @twil ? Hi to Russia btw! I'm originally from Rostov :P — virtuexru
What happens if you change client=client=oauth_client_id with client=client=oauth_client in AccessToken(...)? — twil

Ugur Ugur · Accepted Answer · 2014-08-02T13:09:39

I'm using https://github.com/caffeinehit/django-oauth2-provider. I managed to create access token and refresh token by using models. I might be bypassing grant flow. I haven't used this code in production but in development server i can perform API calls using the access token generated this way. I think it should be well tested before going to production.

#settings.py
OAUTH2_PROVIDER = {
# this is the list of available scopes
'SCOPES': {'read': 'Read scope'},
'ACCESS_TOKEN_EXPIRE_SECONDS': 36000,
} 

#views.py
expire_seconds = oauth2_settings.user_settings['ACCESS_TOKEN_EXPIRE_SECONDS']
scopes = oauth2_settings.user_settings['SCOPES']

application = Application.objects.get(name="ApplicationName")
expires = datetime.now() + timedelta(seconds=expire_seconds)
access_token = AccessToken.objects.create(
                user=user,
                application=application,
                token=random_token_generator(request),
                expires=expires,
                scope=scopes)

refresh_token = RefreshToken.objects.create(
                user=user,
                token=random_token_generator(request),
                access_token=access_token,
                application=application)

token = {
                'access_token': access_token.token,
                'token_type': 'Bearer',
                'expires_in': expire_seconds,
                'refresh_token': refresh_token.token,
                'scope': scopes}

return Response(token, status=200)

How to generate an AccessToken programmatically in Django?

6 Answers