authorFrederick Muriuki Muriithi2023-05-08 16:31:38 +0300
committerFrederick Muriuki Muriithi2023-05-09 13:15:47 +0300
commit5526f0316c2714d30e47a90f81e0ff686a29042f (patch)
tree64b6422984a6e3ce8bee3850b47a16c822677073 /gn3/auth/authentication/oauth2/server.py
parentf2c09dc2dc2528c75fcf5b80aa4b530a0b5eef08 (diff)
downloadgenenetwork3-auth/implement-authorization-code-flow.tar.gz
auth: Implement "Authorization Code Flow" auth/implement-authorization-code-flow
Implement the "Authorization Code Flow" for the authentication of users.

* gn3/auth/authentication/oauth2/grants/authorisation_code_grant.py: query and
  save the authorisation code.
* gn3/auth/authentication/oauth2/models/authorization_code.py: Implement the
  `AuthorisationCode` model
* gn3/auth/authentication/oauth2/models/oauth2client.py: Fix typo
* gn3/auth/authentication/oauth2/server.py: Register the
  `AuthorisationCodeGrant` grant with the server.
* gn3/auth/authentication/oauth2/views.py: Implement `/authorise` endpoint
* gn3/templates/base.html: New HTML Templates of authorisation UI
* gn3/templates/common-macros.html: New HTML Templates of authorisation UI
* gn3/templates/oauth2/authorise-user.html: New HTML Templates of
  authorisation UI
* main.py: Allow both "code" and "token" response types.
Diffstat (limited to 'gn3/auth/authentication/oauth2/server.py')
-rw-r--r--gn3/auth/authentication/oauth2/server.py11
1 files changed, 7 insertions, 4 deletions
diff --git a/gn3/auth/authentication/oauth2/server.py b/gn3/auth/authentication/oauth2/server.py
index 73c9340..e9946b4 100644
--- a/gn3/auth/authentication/oauth2/server.py
+++ b/gn3/auth/authentication/oauth2/server.py
@@ -5,8 +5,7 @@ from typing import Callable
 
 from flask import Flask, current_app
 from authlib.integrations.flask_oauth2 import AuthorizationServer
-# from authlib.integrations.sqla_oauth2 import (
-#     create_save_token_func, create_query_client_func)
+# from authlib.oauth2.rfc7636 import CodeChallenge
 
 from gn3.auth import db
 
@@ -14,7 +13,7 @@ from .models.oauth2client import client
 from .models.oauth2token import OAuth2Token, save_token
 
 from .grants.password_grant import PasswordGrant
-# from .grants.authorisation_code_grant import AuthorisationCodeGrant
+from .grants.authorisation_code_grant import AuthorisationCodeGrant
 
 from .endpoints.revocation import RevocationEndpoint
 from .endpoints.introspection import IntrospectionEndpoint
@@ -49,7 +48,11 @@ def setup_oauth2_server(app: Flask) -> None:
     """Set's up the oauth2 server for the flask application."""
     server = AuthorizationServer()
     server.register_grant(PasswordGrant)
-    # server.register_grant(AuthorisationCodeGrant)
+
+    # Figure out a common `code_verifier` for GN2 and GN3 and set
+    # server.register_grant(AuthorisationCodeGrant, [CodeChallenge(required=False)])
+    # below
+    server.register_grant(AuthorisationCodeGrant)
 
     # register endpoints
     server.register_endpoint(RevocationEndpoint)
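Review bot: `server.register_grant(AuthorisationCodeGrant)` enables the authorization code grant with no PKCE extension, so an intercepted code can be redeemed by whoever holds it, at least for any client that does not authenticate at the token endpoint. The TODO above it appears to rest on a misreading of RFC 7636: the `code_verifier` is a fresh random value the client generates for each authorization request, so GN2 and GN3 have nothing to agree on, and a fixed shared verifier would remove the protection. I would uncomment `from authlib.oauth2.rfc7636 import CodeChallenge` in the first hunk and register the grant as `server.register_grant(AuthorisationCodeGrant, [CodeChallenge(required=True)])`. The `required=False` form in the comment leaves the challenge optional for clients that omit it. The body of `setup_oauth2_server` continues past the end of this hunk, so any later configuration is not visible here.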