From 5526f0316c2714d30e47a90f81e0ff686a29042f Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Mon, 8 May 2023 16:31:38 +0300 Subject: auth: Implement "Authorization Code Flow" Implement the "Authorization Code Flow" for the authentication of users. * gn3/auth/authentication/oauth2/grants/authorisation_code_grant.py: query and save the authorisation code. * gn3/auth/authentication/oauth2/models/authorization_code.py: Implement the `AuthorisationCode` model * gn3/auth/authentication/oauth2/models/oauth2client.py: Fix typo * gn3/auth/authentication/oauth2/server.py: Register the `AuthorisationCodeGrant` grant with the server. * gn3/auth/authentication/oauth2/views.py: Implement `/authorise` endpoint * gn3/templates/base.html: New HTML Templates of authorisation UI * gn3/templates/common-macros.html: New HTML Templates of authorisation UI * gn3/templates/oauth2/authorise-user.html: New HTML Templates of authorisation UI * main.py: Allow both "code" and "token" response types. --- main.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'main.py') diff --git a/main.py b/main.py index 6890b33..3c4b146 100644 --- a/main.py +++ b/main.py @@ -74,10 +74,11 @@ def init_dev_clients(): "token_endpoint_auth_method": [ "client_secret_post", "client_secret_basic"], "client_type": "confidential", - "grant_types": ["password", "authorisation_code", "refresh_token"], + "grant_types": ["password", "authorization_code", "refresh_token"], "default_redirect_uri": "http://localhost:5033/oauth2/code", - "redirect_uris": ["http://localhost:5033/oauth2/code"], - "response_type": "token", # choices: ["code", "token"] + "redirect_uris": ["http://localhost:5033/oauth2/code", + "http://localhost:5033/oauth2/token"], + "response_type": ["code", "token"], "scope": ["profile", "group", "role", "resource", "register-client", "user", "migrate-data", "introspect"] }), -- cgit v1.2.3