Commits

Joel Rivera  committed bedffd0

Add support to refresh the token in case that has expired, currently is not really necessary but the required logic is already in place.

  • Participants
  • Parent commits 3aafc81
  • Branches gauth

Comments (0)

Files changed (1)

File lib/galaxy/web/framework/ext/globus/middleware.py

+import time
 import pwd
 import logging
 import subprocess
 from Cookie import BaseCookie
 from cgi import parse_qs
+from datetime import datetime
 
 import nexus
+from nexus import token_utils
 from nexus.go_rest_client import GlobusOnlineRestClient
 
 
         self.app = app
         if nexserver is None:
             nexserver = self.default_nexus_server
-        self.nexus_client = nc = nexus.Client({'server': nexserver,
-                                               'client': nexclient,
-                                               'client_secret': nexsecret})
+        self.config = {'server': nexserver,
+                       'client': nexclient,
+                       'client_secret': nexsecret}
+        self.nexus_client = nc = nexus.Client(self.config)
         self.active_users = actu = {}
         self.handlers = {
             self.LOGOUT: Logout(app, nc, active_users=actu),
             self.NOT_AUTHORIZED: NotAuthorized(app, nc),
             self.NOT_ALLOWED: NotAllowed(app, nc)
         }
+        # currently is not required to verify for the expiration time
+        # it gives by default an expiration date of 1 year and
+        # apparently is not publicaly implemented at nexux.api...
+        self.check_expired_tokens = False 
         
     def __call__(self, environ, start_response):
         session = self._session(environ)
         if session is not None and \
                session in self.active_users:
             user, tokens = self.active_users[session]
-            log.debug('Logged in user %s with tokens %s' % (user, tokens))
+            if self.check_expired_tokens: 
+                 utc_seconds = time.mktime(datetime.utcnow().timetuple())
+                 if utc_seconds + 60 >= tokens['exp']: # 60s for padding.
+                     tokens = self._refresh_tokens(tokens['refresh'])
+                     self.active_users[session] = user, tokens
             return user, tokens['access']
         return None
 
+    def _refresh_tokens(self, refresh_token):
+        """Returns a dictionary with keys 'access', 'exp', 'refresh' 
+        of the refreshed tokens.
+
+        NOTICE: <May 2013>
+           **This method is not required given that the current expiration
+           time that globusonline returns is 1 year and the current 
+           public nexus implementation gives Internal Server Error
+           when we try lo refresh the token.
+           **
+        """
+        authurl = 'https://%s/goauth/authorize' % self.config['server']
+        response = token_utils.get_token_refresh(self.config['client'],
+                                                 self.config['client_secret'],
+                                                 refresh_token,
+                                                 authurl)
+        expires = time.mktime(datetime.utcnow().timetuple()) + \
+                        response.expires_in
+        return {'access': response.access_token,
+                'refresh': response.refresh_token,
+                'exp': expires}
+
+
     def _req_cookie(self, environ):
         cookie = BaseCookie()
         cookie.load(environ.get('HTTP_COOKIE', ''))