From c2c8d8298e3f10492cc26f76fe9d8e3053bcd4ef Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Mon, 5 Aug 2024 17:19:34 -0500 Subject: Override 'client_secret_post' auth with a JSON equivalent In order to use JSON consistently across the board, we make even the authentication method use JSON rather than FORMDATA. --- gn2/wqflask/oauth2/client.py | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'gn2/wqflask/oauth2') diff --git a/gn2/wqflask/oauth2/client.py b/gn2/wqflask/oauth2/client.py index 6f137f52..89d8a57e 100644 --- a/gn2/wqflask/oauth2/client.py +++ b/gn2/wqflask/oauth2/client.py @@ -9,8 +9,9 @@ from datetime import datetime, timedelta from flask import current_app as app from pymonad.either import Left, Right, Either -from authlib.jose import KeySet, JsonWebKey, JsonWebToken +from authlib.common.urls import url_decode from authlib.jose.errors import BadSignatureError +from authlib.jose import KeySet, JsonWebKey, JsonWebToken from authlib.integrations.requests_client import OAuth2Session from gn2.wqflask.oauth2 import session @@ -137,6 +138,16 @@ def oauth2_client(): return token + def __json_auth__(client, method, uri, headers, body): + return ( + uri, + {**headers, "Content-Type": "application/json"}, + json.dumps({ + **dict(url_decode(body)), + "client_id": oauth2_clientid(), + "client_secret": oauth2_clientsecret() + })) + def __client__(token) -> OAuth2Session: client = OAuth2Session( oauth2_clientid(), @@ -146,6 +157,8 @@ def oauth2_client(): token_endpoint_auth_method="client_secret_post", token=token, update_token=__update_token__) + client.register_client_auth_method( + ("client_secret_post", __json_auth__)) return client __update_auth_server_jwks__() -- cgit v1.2.3