documentation给出了一个示例,说明如何从登录过程转换用户已拥有的Azure access_token,但我没有看到有关如何刷新该令牌的任何信息。我设法使用adal,即用于python的Azure AD库,但我想知道是否有更好的方法使用DRF social oauth 2或其他django oauth包中包含的工具我只是没找到。请指教。以下是刷新我的Azure AD令牌的功能。
def refresh_social_access_token(self, request):
"""
This function leverages adal
https://github.com/AzureAD/azure-activedirectory-library-for-python
to refresh an expired access token.
.acquire_token_with_refresh_token(self, refresh_token, azure_ad_app_key,
resource, azure_ad_app_secret)
"""
user_social_auth = request.user.social_auth.filter(user=request.user) \
.values('provider', 'extra_data')[0]
context = AuthenticationContext(f'https://login.microsoftonline.com/{self.TENANT_ID}')
token = context.acquire_token_with_refresh_token(
user_social_auth['extra_data']['refresh_token'],
SOCIAL_AUTH_AZUREAD_OAUTH2_KEY,
user_social_auth['extra_data']['resource'],
client_secret=SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET
)
try:
expiry = convert_iso_to_epoch(token["expiresOn"])
user_social_auth = request.user.social_auth.get(user=request.user)
user_social_auth.extra_data['expires_on'] = expiry
user_social_auth.save()
except KeyError:
HttpError('Oauth2 token could not be refreshed as configured.')