diff options
| author | Frederick Muriuki Muriithi | 2023-05-08 16:31:38 +0300 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2023-05-09 13:15:47 +0300 |
| commit | 5526f0316c2714d30e47a90f81e0ff686a29042f (patch) | |
| tree | 64b6422984a6e3ce8bee3850b47a16c822677073 /gn3/auth/authentication/oauth2/server.py | |
| parent | f2c09dc2dc2528c75fcf5b80aa4b530a0b5eef08 (diff) | |
| download | genenetwork3-5526f0316c2714d30e47a90f81e0ff686a29042f.tar.gz | |
auth: Implement "Authorization Code Flow"auth/implement-authorization-code-flow
Implement the "Authorization Code Flow" for the authentication of users.
* gn3/auth/authentication/oauth2/grants/authorisation_code_grant.py: query and
save the authorisation code.
* gn3/auth/authentication/oauth2/models/authorization_code.py: Implement the
`AuthorisationCode` model
* gn3/auth/authentication/oauth2/models/oauth2client.py: Fix typo
* gn3/auth/authentication/oauth2/server.py: Register the
`AuthorisationCodeGrant` grant with the server.
* gn3/auth/authentication/oauth2/views.py: Implement `/authorise` endpoint
* gn3/templates/base.html: New HTML Templates of authorisation UI
* gn3/templates/common-macros.html: New HTML Templates of authorisation UI
* gn3/templates/oauth2/authorise-user.html: New HTML Templates of
authorisation UI
* main.py: Allow both "code" and "token" response types.
Diffstat (limited to 'gn3/auth/authentication/oauth2/server.py')
| -rw-r--r-- | gn3/auth/authentication/oauth2/server.py | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/gn3/auth/authentication/oauth2/server.py b/gn3/auth/authentication/oauth2/server.py index 73c9340..e9946b4 100644 --- a/gn3/auth/authentication/oauth2/server.py +++ b/gn3/auth/authentication/oauth2/server.py @@ -5,8 +5,7 @@ from typing import Callable from flask import Flask, current_app from authlib.integrations.flask_oauth2 import AuthorizationServer -# from authlib.integrations.sqla_oauth2 import ( -# create_save_token_func, create_query_client_func) +# from authlib.oauth2.rfc7636 import CodeChallenge from gn3.auth import db @@ -14,7 +13,7 @@ from .models.oauth2client import client from .models.oauth2token import OAuth2Token, save_token from .grants.password_grant import PasswordGrant -# from .grants.authorisation_code_grant import AuthorisationCodeGrant +from .grants.authorisation_code_grant import AuthorisationCodeGrant from .endpoints.revocation import RevocationEndpoint from .endpoints.introspection import IntrospectionEndpoint @@ -49,7 +48,11 @@ def setup_oauth2_server(app: Flask) -> None: """Set's up the oauth2 server for the flask application.""" server = AuthorizationServer() server.register_grant(PasswordGrant) - # server.register_grant(AuthorisationCodeGrant) + + # Figure out a common `code_verifier` for GN2 and GN3 and set + # server.register_grant(AuthorisationCodeGrant, [CodeChallenge(required=False)]) + # below + server.register_grant(AuthorisationCodeGrant) # register endpoints server.register_endpoint(RevocationEndpoint) |