From 115d98a1022dc57fee5895ac335c4aca9f7acdf5 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Sat, 20 Apr 2024 21:11:26 +0300
Subject: Separate authentication from token generation

Authenticate with the usual authentication code flow. Do not inherit AuthenticationCodeGrant in JWTBearerGrant, instead, use the JWTBearerGrant to generate the token after the user has already been successfully authenticated.
---
 .../authentication/oauth2/grants/authorisation_code_grant.py | 11 +++++++++++
 1 file changed, 11 insertions(+)
(limited to 'gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py')
diff --git a/gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py b/gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py
index 02a876b..ae604df 100644
--- a/gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py
+++ b/gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py
@@ -26,6 +26,17 @@ class AuthorisationCodeGrant(grants.AuthorizationCodeGrant):
 GRANT_TYPE = "authorization_code"
 RESPONSE_TYPES = {'code'}
+ def create_authorization_response(self, redirect: str, grant_user):
+ """Add some data to the URI"""
+ response = super().create_authorization_response(redirect, grant_user)
+ headers = dict(response[-1])
+ headers = {
+ **headers,
+ "Location": f"{headers['Location']}&user_id={grant_user.user_id}"
+ }
+ return (response[0], response[1], [
+ (header, value) for header, value in headers.items()])
+
 def save_authorization_code(self, code, request):
 """Persist the authorisation code to database."""
 client = request.client
-- 
cgit v1.2.3
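Review bot: The `user_id` appended to the `Location` header in `create_authorization_response` travels through the user agent unsigned, so whoever receives the redirect must not treat it as proof of who authenticated; unlike `code`, nothing on the new lines binds it to the grant, and it will also end up in browser history and access logs. If the later JWT step takes the user from this parameter (the commit message suggests it might, but the consumer is not shown here), the user should instead be resolved server-side from the authorisation code that `save_authorization_code` persists. If the parameter stays, the docstring should say what it is, e.g. `"""Append the granted user's ID to the redirect URI (informational only, unauthenticated)."""`, and the value should be added with `urllib.parse` rather than a bare `&`, which assumes the URI already carries a query string and no fragment.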