def _parse_authz(self, query="", **kwargs):
_log_info = logger.info
# Might be an error response
_log_info("Expect Authorization Response")
aresp = self.parse_response(
AuthorizationResponse, info=query, sformat="urlencoded", keyjar=self.keyjar
)
if isinstance(aresp, ErrorResponse):
_log_info("ErrorResponse: %s" % sanitize(aresp))
raise AuthzError(aresp.get("error"), aresp)
_log_info("Aresp: %s" % sanitize(aresp))
_state = aresp["state"]
try:
self.update(_state)
except KeyError:
raise UnknownState(_state, aresp)
self.redirect_uris = [self.sdb[_state]["redirect_uris"]]
return aresp, _state
def parse_authz(self, query="", **kwargs):
"""
This is where we get redirect back to after authorization at the
authorization server has happened.
:return: A AccessTokenResponse instance
"""
_log_info = logger.info
logger.debug("- authorization -")
if not query:
return http_util.BadRequest("Missing query")
_log_info("response: %s" % query)
if "code" in self.config["response_type"]:
# Might be an error response
_log_info("Expect Authorization Response")
aresp = self.parse_response(AuthorizationResponse,
info=query,
sformat="urlencoded",
keyjar=self.keyjar)
if aresp.type() == "ErrorResponse":
_log_info("ErrorResponse: %s" % aresp)
raise AuthzError(aresp.error, aresp)
_log_info("Aresp: %s" % aresp)
_state = aresp["state"]
try:
self.update(_state)
except KeyError:
raise UnknownState(_state, aresp)
self.redirect_uris = [self.sdb[_state]["redirect_uris"]]
# May have token and id_token information too
if "access_token" in aresp:
atr = clean_response(aresp)
self.access_token = atr
# update the grant object
self.get_grant(state=_state).add_token(atr)
else:
atr = None
self._backup(_state)
try:
idt = aresp["id_token"]
except KeyError:
idt = None
return aresp, atr, idt
else: # implicit flow
_log_info("Expect Access Token Response")
atr = self.parse_response(AccessTokenResponse,
info=query,
sformat="urlencoded",
keyjar=self.keyjar)
if atr.type() == "ErrorResponse":
raise TokenError(atr["error"], atr)
idt = None
return None, atr, idt