From 884e980526daffc6bd9b81acffc063b0e64e03a2 Mon Sep 17 00:00:00 2001
From: Ankush Menat
Date: Mon, 27 Nov 2023 12:04:29 +0530
Subject: [PATCH] fix: Simpler oauth token validity checks
The code is currently 1. Getting token expiry time (in system tz) 2. Adding system tz to make it tz aware 3. Converting it to UTC 4. Getting current UTC time and comparing. We can just get current system tz time and compare directly.
---
 frappe/oauth.py | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/frappe/oauth.py b/frappe/oauth.py
index ebd6b91ae7..bf7abeb424 100644
--- a/frappe/oauth.py
+++ b/frappe/oauth.py
@@ -11,7 +11,7 @@ from oauthlib.openid import RequestValidator
 import frappe
 from frappe.auth import LoginManager
-from frappe.utils.data import get_system_timezone
+from frappe.utils.data import get_system_timezone, now_datetime
 class OAuthWebRequestValidator(RequestValidator):
@@ -240,13 +240,7 @@ class OAuthWebRequestValidator(RequestValidator):
 def validate_bearer_token(self, token, scopes, request):
 # Remember to check expiration and scope membership
 otoken = frappe.get_doc("OAuth Bearer Token", token)
-token_expiration_local = otoken.expiration_time.replace(
- tzinfo=pytz.timezone(get_system_timezone())
- )
- token_expiration_utc = token_expiration_local.astimezone(pytz.utc)
- is_token_valid = (
- datetime.datetime.now(pytz.UTC) < token_expiration_utc
- ) and otoken.status != "Revoked"
+ is_token_valid = (now_datetime() < otoken.expiration_time) and otoken.status != "Revoked"
 client_scopes = frappe.db.get_value("OAuth Client", otoken.client, "scopes").split(
 get_url_delimiter()
 )
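Review bot: The new expiry check in `validate_bearer_token`, `now_datetime() < otoken.expiration_time`, compares two naive wall-clock values, so it is only exact while both are in the system timezone and no clock change falls inside the token's lifetime. Around a DST fall-back the repeated hour can keep an expired bearer token accepted for up to an hour, and a spring-forward expires one early. Assuming `expiration_time` is stored naive in system time, as the commit message says, I would record that invariant above the line, e.g. `# expiration_time is naive system-tz time, same as now_datetime(); not DST-safe`, and consider storing or comparing expiry in UTC if lifetimes must be exact. The status test kept on the same line is a deny-list (`otoken.status != "Revoked"`), so any other status value passes; an explicit allow-list would fail closed. The function body continues past the end of this hunk, so the scope-membership check is not visible here.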