Python AuthorizeRequest.from_dictionary Examples

Example #1

    def process_authentication_request(client_store):
        """
        Processes POST /authorize endpoint, verifies posted credentials and other form variables,
        issues authorization code if all is correct and user has already given consent, displays
        consent page otherwise.
        """
        authorize_request = AuthorizeRequest.from_dictionary(
            request.form).process(client_store)
        session = create_session_token(authorize_request)
        logger.info("Added auth request for: " + authorize_request.code)
        if authorize_request.consent_given(authorize_request.scope):
            if authorize_request.form_post_response:
                resp = make_response(
                    render_template(
                        'form_post.html',
                        redirect_uri=authorize_request.redirect_uri,
                        state=authorize_request.state,
                        code=authorize_request.code))
            else:
                resp = redirect(authorize_request.redirection_url())
            resp.set_cookie('session', session)
        else:
            return show_consent_page(authorize_request, session)

        return resp

Example #2

def process_consent_request(client_store):
    """
      Processes POST /consent endpoint, verifies posted form variables,
      issues authorization code if all is correct
    """
    try:
        # get id from form vars
        id = request.form['id']
        # look up auth code by id
        auth_code = consent_store.get(id)
        # look up auth request by code
        authorize_request = AuthorizeRequest.from_dictionary(
            authorization_requests.get(auth_code))
        # check if consent granted
        if request.form.get('approve'):
            # store consent in user store
            user_store.update_scopes(authorize_request.id,
                                     request.form.get('scopes'))
            if authorize_request.form_post_response:
                return make_response(
                    render_template(
                        'form_post.html',
                        redirect_uri=authorize_request.redirect_uri,
                        state=authorize_request.state,
                        code=authorize_request.code))

            # redirect to client with query parameters
            return redirect(authorize_request.redirection_url())
        else:
            # denied
            return redirect(authorize_request.redirect_error('access_denied'))
    except Exception as ex:
        logger.exception("Exception occurred")
        return "Error occurred: " + str(ex), 500

Example #3

    def process_authorization_request(client_store):
        """
        Processes GET /authorize endpoint, verifies query paramters, returns login page if all
        is correct
        """
        authorize_request = AuthorizeRequest.from_dictionary(
            request.args).validate(client_store)
        session = authenticated_session(request.cookies.get('session'))
        if session:
            authorize_request = AuthorizeRequest.from_dictionary(
                request.args).process(client_store, session=session)
            if not authorize_request.consent_given(authorize_request.scope):
                return show_consent_page(authorize_request,
                                         request.cookies.get('session'))
            return redirect(authorize_request.redirection_url())

        return make_response(
            render_template('login.html', req=authorize_request.__dict__))