From a1b4e9a245158a9735f5f49b5f12d6df3f8d53c5 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Thu, 18 Apr 2024 20:35:26 +0300
Subject: Use the JWT Bearer grant type

---
 gn2/wqflask/oauth2/toplevel.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/gn2/wqflask/oauth2/toplevel.py b/gn2/wqflask/oauth2/toplevel.py
index dffc0a7c..a120fe9b 100644
--- a/gn2/wqflask/oauth2/toplevel.py
+++ b/gn2/wqflask/oauth2/toplevel.py
@@ -18,6 +18,7 @@ def register_client():
     """Register an OAuth2 client."""
     return "USER IS LOGGED IN AND SUCCESSFULLY ACCESSED THIS ENDPOINT!"
 
+
 @toplevel.route("/code", methods=["GET"])
 def authorisation_code():
     """Use authorisation code to get token."""
@@ -42,12 +43,13 @@ def authorisation_code():
     if bool(code):
         base_url = urlparse(request.base_url, scheme=request.scheme)
         request_data = {
-            "grant_type": "authorization_code",
+            "grant_type": "urn:ietf:params:oauth:grant-type:jwt-bearer",
             "code": code,
             "scope": SCOPE,
             "redirect_uri": urljoin(
                 urlunparse(base_url),
                 url_for("oauth2.toplevel.authorisation_code")),
+            "assertion": request.args["jwt"],
             "client_id": app.config["OAUTH2_CLIENT_ID"]
         }
         return no_token_post(
-- 
cgit v1.2.3