def save_session(self, session: Session, user: User) -> None:
    """Write one row for *session* and register *user* alongside it.

    Opens the database at ``self.__db_path``, passes the user's ``sub`` and
    email to the class's private ``__insert_update_user`` helper, then inserts
    ``(session.get_id(), str(session))`` into the ``session`` table.
    """
    # NOTE(review): if ``connect`` is ``sqlite3.connect``, leaving the ``with``
    # block commits or rolls back but does not close the connection - confirm.
    with connect(self.__db_path) as db:
        cursor = db.cursor()
        OAuthSqlite.__insert_update_user(db, user.get_sub(), user.get_email())
        # NOTE(review): str(session) presumably serialises the access, ID and
        # refresh tokens held by the session; if so they are stored in clear
        # text, so the database file needs restrictive permissions - confirm.
        session_row = (session.get_id(), str(session))
        # Values are bound as parameters, never formatted into the SQL text.
        cursor.execute("INSERT INTO session VALUES (?, ?)", session_row)
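def redirect_uri_handler():
    """Handle the authorization-code callback and establish a server-side session.

    Steps, in order:
      1. Require the ``state`` query parameter to equal the value stored in
         the Flask session (CSRF binding), then discard the stored value.
      2. Exchange the ``code`` query parameter for tokens via
         ``_client.get_token``.
      3. Validate the ID token with ``_jwt_validator`` against the configured
         issuer and client id; without a validated ID token the request is
         rejected with 403.
      4. Fetch the user info with the access token, persist the session via
         ``_db.save_session`` and store only the session id in the Flask
         session.

    Returns:
        A JSON response with status 500 when the token endpoint reports an
        error, otherwise a redirect to ``/``.

    Raises:
        BadRequest: on a missing or mismatching state, missing code, token
            fetch or validation failure, or an unusable token / user info
            response.
    """
    token_is_valid = False

    # Check the request side explicitly so that a callback without ``state``
    # gets the same error as a mismatching one.
    if ('state' not in session
            or 'state' not in request.args
            or session['state'] != request.args['state']):
        raise BadRequest('Missing or invalid state')
    # The state value is single-use: drop it before any later step can fail,
    # so the same callback URL cannot be submitted a second time.
    session.pop('state', None)

    if 'code' not in request.args:
        raise BadRequest('No code in response')

    try:
        token_data = _client.get_token(request.args['code'])
        if "error" in token_data:
            err_response = jsonify({
                "success": False,
                "message": token_data["error"],
                "detail": token_data["error_description"] if "error_description" in token_data else "",
                "status_code": 500
            })
            err_response.status_code = 500
            return err_response
    except Exception as e:
        # NOTE(review): str(e) is returned to the caller; confirm it cannot
        # carry internal details (endpoint URLs, client credentials).
        raise BadRequest('Could not fetch token(s): ' + str(e)) from e

    # Tokens are kept in a server-side session because the Flask session is
    # stored in a cookie.
    user_session = Session()

    if 'access_token' in token_data:
        user_session.set_access_token(token_data['access_token'])

    if _jwt_validator and 'id_token' in token_data:
        # Validate the JWS: signature, aud and iss.
        # A missing (None) issuer is rejected the same way as an empty one.
        if not _config.get_issuer():
            raise BadRequest('Could not validate token: no issuer configured')

        try:
            _jwt_validator.validate(token_data['id_token'], _config.get_issuer(), _config.get_client_id())
            token_is_valid = True
        except JwtValidatorException as bs:
            raise BadRequest('Could not validate token: ' + str(bs)) from bs
        except Exception as ve:
            # NOTE(review): the text of an unexpected exception is returned
            # to the caller here; consider logging it instead.
            raise BadRequest('Unexpected exception: ' + str(ve)) from ve

        user_session.set_id_token(token_data['id_token'])

    # No validator configured or no ID token returned: fail closed.
    if not token_is_valid:
        raise BadRequest('Forbidden', status_code=403)

    if 'refresh_token' in token_data:
        user_session.set_refresh_token(token_data['refresh_token'])

    # The user info request needs an access token; refuse a token response
    # that did not carry one instead of calling out with an unset value.
    if 'access_token' not in token_data:
        raise BadRequest('No access token in response')

    user_info = _client.get_user_info(user_session.get_access_token())
    # An error or empty user info response must not surface as a KeyError.
    if "sub" not in user_info:
        raise BadRequest('No subject in user info response')
    # NOTE(review): OpenID Connect Core requires the user info ``sub`` to
    # equal the ``sub`` of the validated ID token before these claims are
    # used. The validated claims are not available in this function (the
    # return value of validate() is not visible), so that comparison still
    # has to be added.
    email = user_info["email"] if "email" in user_info else None
    user = User(email=email, sub=user_info["sub"])

    user_session.set_user_sub(user.get_sub())
    _db.save_session(user_session, user)
    # Only the opaque session id goes into the cookie-backed Flask session.
    session['session_id'] = user_session.get_id()

    return redirect('/')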