A few changes in settings. Add more variables to it.

README.rst

@@ -54,13 +54,22 @@ Add required variables to your project settings.
 
 .. code:: python
 
-    # REQUIRED. Your server provider url.
+    # REQUIRED.
+
+    # Your server provider url.
     SITE_URL = 'http://localhost:8000'
 
-    # REQUIRED. 
+    # Used to log the user in.
     # See: https://docs.djangoproject.com/en/1.7/ref/settings/#login-url
     LOGIN_URL = '/accounts/login/'
 
+    # OPTIONAL.
+
+    DOP_CODE_EXPIRE = 60*10 # 10 min.
+    DOP_IDTOKEN_EXPIRE = 60*10, # 10 min.
+    DOP_TOKEN_EXPIRE = 60*60 # 1 hour.
+
+
 ********************
 Create User & Client
 ********************

openid_provider/lib/endpoints/authorize.py

@@ -1,13 +1,11 @@
-import uuid
-
 from datetime import timedelta
-
 from django.utils import timezone
-
 from openid_provider.lib.errors import *
 from openid_provider.lib.utils.params import *
 from openid_provider.lib.utils.token import *
 from openid_provider.models import *
+from openid_provider import settings
+import uuid
 
 
 class AuthorizeEndpoint(object):
@@ -20,7 +18,8 @@ class AuthorizeEndpoint(object):
 
         # Because in this endpoint we handle both GET
         # and POST request.
-        self.query_dict = (self.request.POST if self.request.method == 'POST' else self.request.GET)
+        self.query_dict = (self.request.POST if self.request.method == 'POST'
+                           else self.request.GET)
 
         self._extract_params()
 
@@ -91,14 +90,15 @@ class AuthorizeEndpoint(object):
 
         try:
             self.validate_params()
-            
+
             if self.grant_type == 'authorization_code':
 
                 code = Code()
                 code.user = self.request.user
                 code.client = self.client
                 code.code = uuid.uuid4().hex
-                code.expires_at = timezone.now() + timedelta(seconds=60*10)  # TODO: Add this into settings.
+                code.expires_at = timezone.now() + timedelta(
+                    seconds=settings.get('DOP_CODE_EXPIRE'))
                 code.scope = self.params.scope
                 code.save()
 
@@ -108,7 +108,7 @@ class AuthorizeEndpoint(object):
 
                 id_token_dic = create_id_token_dic(
                     self.request.user,
-                    'http://localhost:8000',  # TODO: Add this into settings.
+                    settings.get('SITE_URL'),
                     self.client.client_id)
 
                 token = create_token(
@@ -120,14 +120,15 @@ class AuthorizeEndpoint(object):
                 # Store the token.
                 token.save()
 
-                id_token = encode_id_token(id_token_dic, self.client.client_secret)
-                
+                id_token = encode_id_token(
+                    id_token_dic, self.client.client_secret)
+
                 # TODO: Check if response_type is 'id_token token' then
                 # add access_token to the fragment.
                 uri = self.params.redirect_uri + '#token_type={0}&id_token={1}&expires_in={2}'.format(
                     'bearer',
                     id_token,
-                    60*10
+                    60 * 10
                 )
         except:
             raise AuthorizeError(
@@ -136,6 +137,8 @@ class AuthorizeEndpoint(object):
                 self.grant_type)
 
         # Add state if present.
-        uri = uri + ('&state={0}'.format(self.params.state) if self.params.state else '')
+        uri = uri + \
+            ('&state={0}'.format(self.params.state)
+             if self.params.state else '')
 
-        return uri
+        return uri

openid_provider/lib/endpoints/token.py

@@ -1,12 +1,10 @@
-import urllib
-
 from django.http import JsonResponse
-
 from openid_provider.lib.errors import *
 from openid_provider.lib.utils.params import *
 from openid_provider.lib.utils.token import *
 from openid_provider.models import *
 from openid_provider import settings
+import urllib
 
 
 class TokenEndpoint(object):
@@ -23,7 +21,8 @@ class TokenEndpoint(object):
 
         self.params.client_id = query_dict.get('client_id', '')
         self.params.client_secret = query_dict.get('client_secret', '')
-        self.params.redirect_uri = urllib.unquote(query_dict.get('redirect_uri', ''))
+        self.params.redirect_uri = urllib.unquote(
+            query_dict.get('redirect_uri', ''))
         self.params.grant_type = query_dict.get('grant_type', '')
         self.params.code = query_dict.get('code', '')
         self.params.state = query_dict.get('state', '')
@@ -44,7 +43,8 @@ class TokenEndpoint(object):
 
             self.code = Code.objects.get(code=self.params.code)
 
-            if not (self.code.client == self.client) and not self.code.has_expired():
+            if not (self.code.client == self.client) and \
+               not self.code.has_expired():
                 raise TokenError('invalid_grant')
 
         except Client.DoesNotExist:
@@ -77,7 +77,7 @@ class TokenEndpoint(object):
         dic = {
             'access_token': token.access_token,
             'token_type': 'bearer',
-            'expires_in': 60*60,  # TODO: Add this into settings.
+            'expires_in': settings.get('DOP_TOKEN_EXPIRE'),
             'id_token': id_token,
         }
 

openid_provider/lib/utils/token.py

@@ -1,11 +1,10 @@
-import time
-import jwt
-import uuid
-
 from datetime import timedelta
-
 from django.utils import timezone
 from openid_provider.models import *
+from openid_provider import settings
+import jwt
+import time
+import uuid
 
 
 def create_id_token_dic(user, iss, aud):
@@ -16,7 +15,7 @@ def create_id_token_dic(user, iss, aud):
 
     Return a dic.
     """
-    expires_in = 60*10
+    expires_in = settings.get('DOP_IDTOKEN_EXPIRE')
 
     now = timezone.now()
 
@@ -62,7 +61,8 @@ def create_token(user, client, id_token_dic, scope):
     token.id_token = id_token_dic
 
     token.refresh_token = uuid.uuid4().hex
-    token.expires_at = timezone.now() + timedelta(seconds=60*60)  # TODO: Add this into settings.
+    token.expires_at = timezone.now() + timedelta(
+        seconds=settings.get('DOP_TOKEN_EXPIRE'))
     token.scope = scope
 
-    return token
+    return token

openid_provider/settings.py

@@ -1,20 +1,21 @@
 from django.conf import settings
 
 
-class default_settings(object):
-
-	# Here goes all the package default settings.
-
-	LOGIN_URL = None
-
-	SITE_URL = None
+# Here goes all the package default settings.
+default_settings = {
+	'DOP_CODE_EXPIRE': 60*10, # 10 min.
+	'DOP_IDTOKEN_EXPIRE': 60*10, # 10 min.
+	'DOP_TOKEN_EXPIRE': 60*60, # 1 hour.
+	'LOGIN_URL': None,
+	'SITE_URL': None,
+}
 
 def get(name):
 	'''
 	Helper function to use inside the package.
 	'''
 	try:
-		value = getattr(default_settings, name)
+		value = default_settings[name]
 		value = getattr(settings, name)
 	except AttributeError:
 		if value == None:

openid_provider/views.py

@@ -5,7 +5,6 @@ from django.http import HttpResponse, HttpResponseRedirect, JsonResponse
 from django.shortcuts import render
 from django.views.decorators.http import require_http_methods
 from django.views.generic import View
-
 from openid_provider.lib.errors import *
 from openid_provider.lib.endpoints.authorize import *
 from openid_provider.lib.endpoints.token import *