aboutsummaryrefslogtreecommitdiff
path: root/gn2/wqflask/oauth2
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2024-05-14 09:27:25 +0300
committerFrederick Muriuki Muriithi2024-05-14 09:31:30 +0300
commitd80bf00d16048c0f1dbc5635ce6bf52411d44346 (patch)
treefde16390d583a77ac3e1a8b023e1392b5b0e3666 /gn2/wqflask/oauth2
parentea5de4da71b3cb876410136a097041387ab5d227 (diff)
downloadgenenetwork2-d80bf00d16048c0f1dbc5635ce6bf52411d44346.tar.gz
Enable client to automatically request a refresh token.
Diffstat (limited to 'gn2/wqflask/oauth2')
-rw-r--r--gn2/wqflask/oauth2/client.py20
1 files changed, 16 insertions, 4 deletions
diff --git a/gn2/wqflask/oauth2/client.py b/gn2/wqflask/oauth2/client.py
index c16b705d..f4ad4f00 100644
--- a/gn2/wqflask/oauth2/client.py
+++ b/gn2/wqflask/oauth2/client.py
@@ -6,6 +6,7 @@ from urllib.parse import urljoin
from flask import current_app as app
from pymonad.either import Left, Right, Either
+from authlib.jose import jwt
from authlib.integrations.requests_client import OAuth2Session
from gn2.wqflask.oauth2 import session
@@ -39,11 +40,22 @@ def user_logged_in():
def oauth2_client():
+ def __update_token__(token, refresh_token=None, access_token=None):
+ """Update the token when refreshed."""
+ session.set_user_token(token)
+
def __client__(token) -> OAuth2Session:
- return OAuth2Session(
- oauth2_clientid(), oauth2_clientsecret(),
- scope=SCOPE, token_endpoint_auth_method="client_secret_post",
- token=token)
+ _jwt = jwt.decode(token["access_token"],
+ app.config["AUTH_SERVER_SSL_PUBLIC_KEY"])
+ client = OAuth2Session(
+ oauth2_clientid(),
+ oauth2_clientsecret(),
+ scope=SCOPE,
+ token_endpoint=urljoin(authserver_uri(), "/auth/token"),
+ token_endpoint_auth_method="client_secret_post",
+ token=token,
+ update_token=__update_token__)
+ return client
return session.user_token().either(
lambda _notok: __client__(None),
lambda token: __client__(token))