Ejemplo n.º 1
0
def exchange_for_token():
    # Issues access token
    authorization_code = request.form.get('authorization_code')
    client_id = request.form.get('client_id')
    client_secret = request.form.get('client_secret')
    redirect_url = request.form.get('redirect_url')
    scopes = request.form.get('scopes')

    if None in [authorization_code, client_id, client_secret, redirect_url]:
        return json.dumps({
            "error": "invalid_request"
        }), 400

    if not authenticate_client(client_id, client_secret):
        return json.dumps({
            "error": "invalid_client"
        }), 400

    if not verify_authorization_code(authorization_code, client_id, redirect_url):
        return json.dumps({
            "error": "access_denied"
        }), 400

    access_token = generate_access_token()
    id_token = generate_id_token(client_id, client_secret)
    logger.debug('id_token: {}'.format(id_token))
    return json.dumps({
        "access_token": access_token.decode(),
        "id_token": id_token.decode(),
        "token_type": "JWT",
        "expires_in": JWT_LIFE_SPAN
    })
Ejemplo n.º 2
0
def exchange_for_token():
    # Issues access token
    authorization_code = request.form.get("authorization_code")
    client_id = request.form.get("client_id")
    client_secret = request.form.get("client_secret")
    redirect_url = request.form.get("redirect_url")

    if None in [authorization_code, client_id, client_secret, redirect_url]:
        return json.dumps({"error": "invalid_request"}), 400

    if not authenticate_client(client_id, client_secret):
        return json.dumps({"error": "invalid_client"}), 400

    if not verify_authorization_code(authorization_code, client_id, redirect_url):
        return json.dumps({"error": "access_denied"}), 400

    access_token = generate_access_token()

    return json.dumps(
        {
            "access_token": access_token.decode(),
            "token_type": "JWT",
            "expires_in": JWT_LIFE_SPAN,
        }
    )
def exchange_for_token():
    # Issues access token
    authorization_code = request.form.get('authorization_code')
    client_id = request.form.get('client_id')
    code_verifier = request.form.get('code_verifier')
    redirect_url = request.form.get('redirect_url')

    if None in [authorization_code, client_id, code_verifier, redirect_url]:
        return json.dumps({"error": "invalid_request"}), 400

    if not verify_authorization_code(authorization_code, client_id,
                                     redirect_url, code_verifier):
        return json.dumps({"error": "access_denied"}), 400

    access_token = generate_access_token()
    return json.dumps({
        "access_token": access_token,
        "token_type": "JWT",
        "expires_in": JWT_LIFE_SPAN
    })
Ejemplo n.º 4
0
def exchange_for_token():
    # Issues access token
    authorization_code = request.form.get('authorization_code')
    client_id = request.form.get('client_id')
    client_secret = request.form.get('client_secret')
    redirect_url = request.form.get('redirect_url')

    if None in [authorization_code, client_id, client_secret, redirect_url]:
        return json.dumps({"error": "invalid_request"}), 400

    if not authenticate_client(client_id, client_secret):
        return json.dumps({"error": "invalid_client"}), 400

    data = verify_authorization_code(authorization_code, client_id)
    if data == "False":
        return json.dumps({"error": "access_denied"}), 400
    access_token = generate_access_token(data)

    return json.dumps({
        "access_token": access_token.decode(),
        "token_type": "JWT",
        "expires_in": JWT_LIFE_SPAN
    })