simplify oauth2 refresh token rest api

zoe_api/auth/oauth2/postgresql.py

@@ -50,6 +50,12 @@ class AccessTokenStore(AccessTokenStore):
         res = sql.delete_refresh_token(refresh_token)
         return res
 
+    def get_client_id_by_refresh_token(self, refresh_token):
+        sql = zoe_lib.state.SQLManager(get_conf())
+        data = sql.get_client_id_by_refresh_token(refresh_token)
+
+        return data
+
     def get_client_id_by_access_token(self, access_token):
         sql = zoe_lib.state.SQLManager(get_conf())
         data = sql.get_client_id_by_access_token(access_token)

zoe_api/rest_api/oauth.py

@@ -42,7 +42,7 @@ Input: curl -u 'admin:admin' http://localhost:5001/api/0.6/oauth/token -X POST -
 Output: {"token_type": "Bearer", "access_token": "3ddbe9ba-6a21-4e4d-993b-70556390c5d3", "refresh_token": "9bab190f-e211-42aa-917e-20ce987e355e", "expires_in": 36000}
 
 *To refresh a token
-Input: curl -u 'admin:admin' http://localhost:5001/api/0.6/oauth/token -X POST -H 'Content-Type: application/json' -d '{"grant_type": "refresh_token", "refresh_token": "9bab190f-e211-42aa-917e-20ce987e355e"}'
+Input: curl  -H 'Authorization: Bearer 9bab190f-e211-42aa-917e-20ce987e355e' http://localhost:5001/api/0.6/oauth/token -X POST -H 'Content-Type: application/json' -d '{"grant_type": "refresh_token", "refresh_token": "9bab190f-e211-42aa-917e-20ce987e355e"}'
 Output: {"token_type": "Bearer", "access_token": "378f8d5f-2eb5-4181-b632-ad23c4534d32", "expires_in": 36000}
 
 *To revoke a token, the passed token could be the access token or refresh token
@@ -80,6 +80,12 @@ class OAuthGetAPI(RequestHandler):
         request = self.request
         params = json.loads(request.body.decode())
 
+        if params['grant_type'] == 'refresh_token':
+            auth_header = self.request.headers.get('Authorization')
+            refresh_token = auth_header[7:]
+            params['refresh_token'] = refresh_token
+
+
         params['password'] = ''
         params['username'] = ''
         params['client_secret'] = ''

zoe_api/rest_api/utils.py

@@ -86,7 +86,11 @@ def get_auth(handler: tornado.web.RequestHandler):
     if "Bearer" in auth_header:
         token = auth_header[7:]
 
-        data = token_store.get_client_id_by_access_token(token)
+        if 'token' in handler.request.uri:
+            data = token_store.get_client_id_by_refresh_token(token)
+        else:
+            data = token_store.get_client_id_by_access_token(token)
+
         if data:
             uid = data["client_id"]
             role = client_store.get_role_by_client_id(uid)

zoe_lib/state/sql_manager.py

@@ -216,6 +216,13 @@ class SQLManager:
 
         return cur.fetchone()
 
+    def get_client_id_by_refresh_token(self, refresh_token):
+        cur = self._cursor()
+        query = 'SELECT * FROM oauth_token WHERE refresh_token = %s'
+        cur.execute(query, (refresh_token,))
+
+        return cur.fetchone()
+
     def save_token(self, client_id, grant_type, token, data, expires_at, refresh_token, refresh_expires_at, scopes, user_id):
         cur = self._cursor()
         expires_at = datetime.datetime.fromtimestamp(expires_at)