Separate authentication from token generation

Authenticate with the usual authentication code flow.

Do not inherit AuthenticationCodeGrant in JWTBearerGrant, instead, use
the JWTBearerGrant to generate the token after the user has already
been successfully authenticated.

1 files changed, 11 insertions, 0 deletions

diff --git a/gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py b/gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py
index 02a876b..ae604df 100644
--- a/gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py
+++ b/gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py
@@ -26,6 +26,17 @@ class AuthorisationCodeGrant(grants.AuthorizationCodeGrant):
     GRANT_TYPE = "authorization_code"
     RESPONSE_TYPES = {'code'}
 
+    def create_authorization_response(self, redirect: str, grant_user):
+        """Add some data to the URI"""
+        response = super().create_authorization_response(redirect, grant_user)
+        headers = dict(response[-1])
+        headers = {
+            **headers,
+            "Location": f"{headers['Location']}&user_id={grant_user.user_id}"
+        }
+        return (response[0], response[1], [
+            (header, value) for header, value in headers.items()])
+
     def save_authorization_code(self, code, request):
         """Persist the authorisation code to database."""
         client = request.client