Ejemplo n.º 1
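def signin():
    """Check the submitted credentials and redirect back with an access token.

    Reads ``username``, ``password``, ``client_id`` and ``redirect_url`` from
    the posted form. Despite the name "authorization code" used elsewhere for
    this kind of endpoint, this handler hands out an access token directly.

    Returns:
        ``invalid_request`` with 400 when a form field is missing,
        ``invalid_client`` with 400 when ``verify_client_info`` rejects the
        client, ``access_denied`` with 401 when the credentials are wrong,
        otherwise a 303 redirect built by ``process_redirect_url``.
    """
    username = request.form.get('username')
    password = request.form.get('password')
    client_id = request.form.get('client_id')
    redirect_url = request.form.get('redirect_url')

    # .get() yields None for an absent field; empty strings still pass here.
    if None in [username, password, client_id, redirect_url]:
        return json.dumps({"error": "invalid_request"}), 400

    # The client check runs before anything is sent to redirect_url.
    # NOTE(review): verify_client_info is defined elsewhere; confirm it
    # compares redirect_url exactly against the value registered for
    # client_id, since the token below is delivered to that URL.
    if not verify_client_info(client_id, redirect_url):
        # Explicit status so the error does not go out as 200 OK.
        return json.dumps({"error": "invalid_client"}), 400

    # NOTE(review): no throttling of failed logins is visible in this handler.
    if not authenticate_user_credentials(username, password):
        return json.dumps({'error': 'access_denied'}), 401

    # NOTE(review): generate_access_token() receives neither the user nor the
    # client_id; what the token is bound to cannot be seen from here.
    access_token = generate_access_token()

    # NOTE(review): the token travels in the redirect URL, where it can reach
    # browser history, proxy logs and Referer headers. Whether
    # process_redirect_url uses the query string or the fragment is not
    # visible here. The OAuth 2.0 Security BCP (RFC 9700) advises against
    # returning tokens this way; authorization code + PKCE is the usual
    # replacement.
    # NOTE(review): "JWT" names a token format; RFC 6750 clients expect
    # token_type "Bearer" - confirm what this project's clients parse.
    target = process_redirect_url(
        redirect_url, {
            'access_token': access_token,
            'token_type': 'JWT',
            'expires_in': JWT_LIFE_SPAN
        })
    return redirect(target, code=303)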
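def signin():
    """Authenticate the user and return an access token via redirect.

    Form fields read: ``username``, ``password``, ``client_id``,
    ``redirect_url``. The handler issues an access token (not an
    authorization code) and attaches it to the redirect target.

    Returns:
        A JSON error string with 400 (``invalid_request`` or
        ``invalid_client``) or 401 (``access_denied``), or a 303 redirect to
        the URL produced by ``process_redirect_url``.
    """
    form = request.form
    username = form.get("username")
    password = form.get("password")
    client_id = form.get("client_id")
    redirect_url = form.get("redirect_url")

    # Only missing fields are rejected here; an empty string is not None.
    if None in [username, password, client_id, redirect_url]:
        return json.dumps({"error": "invalid_request"}), 400

    # NOTE(review): the token is sent to redirect_url, so the strictness of
    # verify_client_info (defined elsewhere) decides who can receive it.
    # Confirm it does an exact match against the registered redirect URL.
    if not verify_client_info(client_id, redirect_url):
        # Without a status this branch would answer 200 OK.
        return json.dumps({"error": "invalid_client"}), 400

    if not authenticate_user_credentials(username, password):
        return json.dumps({"error": "access_denied"}), 401

    token_params = {
        "access_token": generate_access_token(),
        # NOTE(review): RFC 6750 defines token_type "Bearer"; "JWT" describes
        # the encoding. Confirm clients rely on this value before changing it.
        "token_type": "JWT",
        "expires_in": JWT_LIFE_SPAN,
    }

    # NOTE(review): a token placed in a redirect URL is exposed to browser
    # history and intermediaries; where process_redirect_url puts the
    # parameters (query or fragment) is not visible in this block.
    return redirect(process_redirect_url(redirect_url, token_params), code=303)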
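def signin():
    """Authenticate the user and issue a PKCE-bound authorization code.

    Reads ``username``, ``password``, ``client_id``, ``redirect_url``,
    ``code_challenge`` and ``state`` from the posted form.

    Returns:
        ``invalid_request`` with 400 when any field is missing,
        ``invalid_client`` with 400 when the client check fails,
        ``access_denied`` with 401 on bad credentials, otherwise a 303
        redirect to the URL built from the code and ``state``.
    """
    username = request.form.get('username')
    password = request.form.get('password')
    client_id = request.form.get('client_id')
    redirect_url = request.form.get('redirect_url')
    code_challenge = request.form.get('code_challenge')
    state = request.form.get('state')

    # All six fields are mandatory; only absence (None) is checked.
    required = [
        username, password, client_id, redirect_url, code_challenge, state
    ]
    if None in required:
        return json.dumps({"error": "invalid_request"}), 400

    # NOTE(review): confirm verify_client_info (defined elsewhere) matches
    # redirect_url exactly against the client's registration; the code is
    # delivered to that URL.
    if not verify_client_info(client_id, redirect_url):
        # Explicit status so the error is not served as 200 OK.
        return json.dumps({"error": "invalid_client"}), 400

    # Credential check is delegated; the original comment indicates a
    # database lookup is expected behind this call.
    if not authenticate_user_credentials(username, password):
        return json.dumps({'error': 'access_denied'}), 401

    # NOTE(review): no code_challenge_method is collected. Confirm the token
    # endpoint verifies the challenge with S256 rather than treating it as
    # "plain".
    authorization_code = generate_authorization_code(client_id, redirect_url,
                                                     code_challenge, state)

    # state is echoed back unchanged so the client can correlate the response
    # with its own request.
    url = process_redirect_url(redirect_url, authorization_code, state)

    return redirect(url, code=303)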
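def auth():
    """Render the consent page for an access request.

    Reads ``client_id`` and ``redirect_url`` from the query string and, when
    the client check passes, renders ``Implicit_grant_access.html`` with
    both values.

    Returns:
        ``invalid_request`` with 400 when a parameter is missing,
        ``invalid_client`` with 400 when ``verify_client_info`` rejects the
        pair, otherwise the rendered template.
    """
    params = request.args
    client_id = params.get("client_id")
    redirect_url = params.get("redirect_url")

    if None in [client_id, redirect_url]:
        return json.dumps({"error": "invalid_request"}), 400

    # The request is refused here rather than redirected, so an unverified
    # redirect_url is never used as a destination.
    if not verify_client_info(client_id, redirect_url):
        # Explicit status; a bare string would be served as 200 OK.
        return json.dumps({"error": "invalid_client"}), 400

    # NOTE(review): both values come from the query string and are passed to
    # the template; confirm the template keeps autoescaping on and that the
    # sign-in handler re-validates them when the form is posted back.
    return render_template(
        "Implicit_grant_access.html",
        client_id=client_id,
        redirect_url=redirect_url,
    )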
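def auth():
    """Render the consent page for an authorization-code + PKCE request.

    Reads ``client_id``, ``redirect_url`` and ``code_challenge`` from the
    query string and passes them to ``AC_PKCE_grant_access.html``.

    Returns:
        ``invalid_request`` with 400 when a parameter is missing,
        ``invalid_client`` with 400 when the client check fails, otherwise
        the rendered template.
    """
    client_id = request.args.get('client_id')
    redirect_url = request.args.get('redirect_url')
    code_challenge = request.args.get('code_challenge')

    # A request without a code_challenge is rejected outright, so the flow
    # cannot be started without PKCE.
    if None in [client_id, redirect_url, code_challenge]:
        return json.dumps({"error": "invalid_request"}), 400

    if not verify_client_info(client_id, redirect_url):
        # Explicit status so the error is not returned as 200 OK.
        return json.dumps({"error": "invalid_client"}), 400

    # NOTE(review): state and code_challenge_method are not read here. If the
    # sign-in handler expects them, confirm how the template obtains them.
    return render_template('AC_PKCE_grant_access.html',
                           client_id=client_id,
                           redirect_url=redirect_url,
                           code_challenge=code_challenge)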
Ejemplo n.º 6
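def auth():
  """Render the PKCE consent page after validating the client.

  Query parameters read: ``client_id``, ``redirect_url``, ``code_challenge``.

  Returns:
    ``invalid_request`` with 400 when a parameter is missing,
    ``invalid_client`` with 400 when ``verify_client_info`` rejects the
    client, otherwise the rendered ``PKCE_grant_access.html`` template.
  """
  args = request.args
  client_id = args.get('client_id')
  redirect_url = args.get('redirect_url')
  code_challenge = args.get('code_challenge')

  # Only absence is checked; an empty code_challenge still passes.
  if None in [client_id, redirect_url, code_challenge]:
    return json.dumps({"error": "invalid_request"}), 400

  # NOTE(review): verify_client_info is defined elsewhere; confirm it matches
  # redirect_url exactly against the value registered for client_id.
  if not verify_client_info(client_id, redirect_url):
    # Explicit status so this error is not served as 200 OK.
    return json.dumps({"error": "invalid_client"}), 400

  return render_template('PKCE_grant_access.html',
                         client_id=client_id,
                         redirect_url=redirect_url,
                         code_challenge=code_challenge)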
Ejemplo n.º 7
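def signin():
    """Authenticate the user and redirect back with an authorization code.

    Reads ``username``, ``password``, ``client_id`` and ``redirect_url`` from
    the posted form.

    Returns:
        ``invalid_request`` with 400 when a field is missing,
        ``invalid_client`` with 400 when the client check fails,
        ``access_denied`` with 401 on bad credentials, otherwise a 303
        redirect to the URL built by ``process_redirect_url``.
    """
    form = request.form
    username = form.get("username")
    password = form.get("password")
    client_id = form.get("client_id")
    redirect_url = form.get("redirect_url")

    if None in [username, password, client_id, redirect_url]:
        return json.dumps({"error": "invalid_request"}), 400

    # NOTE(review): the code is delivered to redirect_url; confirm that
    # verify_client_info (defined elsewhere) requires an exact match with the
    # client's registered redirect URL.
    if not verify_client_info(client_id, redirect_url):
        # Explicit status so the error does not go out as 200 OK.
        return json.dumps({"error": "invalid_client"}), 400

    if not authenticate_user_credentials(username, password):
        return json.dumps({"error": "access_denied"}), 401

    # The code is tied to the client and redirect URL it was requested for.
    # NOTE(review): neither state nor a PKCE code_challenge is carried
    # through this handler; protection against code injection and CSRF on the
    # client's callback would have to come from elsewhere - confirm.
    authorization_code = generate_authorization_code(client_id, redirect_url)

    return redirect(
        process_redirect_url(redirect_url, authorization_code), code=303
    )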