kumi/django-oidc-provider
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Validate expiration of access_token in UserInfo.

Browse source
This commit is contained in:
juanifioren 2015-04-21 17:14:26 -03:00
parent 0f03bdfb67
commit 180e0183c5
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
oidc_provider/lib/endpoints/userinfo.py
View file

@ -45,6 +45,9 @@ class UserInfoEndpoint(object):
try: try:
self.token = Token.objects.get(access_token=self.params.access_token) self.token = Token.objects.get(access_token=self.params.access_token)
if self.token.has_expired():
raise UserInfoError('invalid_token')
except Token.DoesNotExist: except Token.DoesNotExist:
raise UserInfoError('invalid_token') raise UserInfoError('invalid_token')