def _jwt_auth(cls): """JSON Web Token authorization""" api_client = ApiClient() api_client.set_base_path(DS_JWT["authorization_server"]) if EXAMPLES_API_TYPE["Rooms"]: use_scopes = ROOMS_SCOPES elif EXAMPLES_API_TYPE["Click"]: use_scopes = CLICK_SCOPES else: use_scopes = SCOPES use_scopes.append("impersonation") # Catch IO error try: private_key = cls._get_private_key().encode("ascii").decode( "utf-8") except (OSError, IOError) as err: return render_template("error.html", err=err) try: cls.ds_app = api_client.request_jwt_user_token( client_id=DS_JWT["ds_client_id"], user_id=DS_JWT["ds_impersonated_user_id"], oauth_host_name=DS_JWT["authorization_server"], private_key_bytes=private_key, expires_in=3600, scopes=use_scopes) return redirect(url_for("ds.ds_callback")) except ApiException as err: body = err.body.decode('utf8') # Grand explicit consent for the application if "consent_required" in body: consent_scopes = " ".join(use_scopes) redirect_uri = DS_CONFIG["app_url"] + url_for("ds.ds_callback") consent_url = f"{DS_CONFIG['authorization_server']}/oauth/auth?response_type=code&" \ f"scope={consent_scopes}&client_id={DS_JWT['ds_client_id']}&redirect_uri={redirect_uri}" return redirect(consent_url) else: process_error(err)
def _write_token(cls, scopes): api_client = ApiClient() api_client.set_base_path(DS_JWT["authorization_server"]) api_client.set_oauth_host_name(DS_JWT["authorization_server"]) private_key = cls._get_private_key().encode("ascii").decode("utf-8") cls.ds_app = api_client.request_jwt_user_token( client_id=DS_JWT["ds_client_id"], user_id=DS_JWT["ds_impersonated_user_id"], oauth_host_name=DS_JWT["authorization_server"], private_key_bytes=private_key, expires_in=3600, scopes=scopes) access_token = open("./config/ds_access_token.txt", "w") access_token.write(cls.ds_app.access_token) access_token.close() user_info = api_client.get_user_info(cls.ds_app.access_token) accounts = user_info.get_accounts() api_account_id = open("./config/API_ACCOUNT_ID", "w") api_account_id.write(accounts[0].account_id) api_account_id.close()