Exemple #1
    def authorize_return(self):
        """Handle the redirect that carries the authorization code request.

        The OpenID data on the incoming request is verified first; per the
        original description, the user's e-mail and full name are obtained
        from the request at this stage, so a client can already show them in
        templates before any token request has been made.

        Returns:
            The shared ``response`` object, populated with the headers,
            status code and UTF-8 encoded body produced by ``SERVER``.
        """
        # Gate: verify_openid raises on an invalid request, so the
        # authorization response below is only built after it passes.
        openid_client.verify_openid(request)

        # NOTE(review): the scope value comes straight from the request
        # parameters; confirm that SERVER's validator limits it to scopes
        # the client is allowed to ask for.
        call_args = dict(
            uri=request.url,
            http_method=request.method,
            body=request.body,
            scopes=request.params.get("scope"),
            headers=request.headers,
        )
        headers, body, code = SERVER.create_authorization_response(**call_args)

        response.headers = {
            str(name): str(value) for name, value in six.iteritems(headers)
        }
        response.status_code = code
        # A missing body is sent as an empty payload.
        response.body = (body or '').encode('utf-8')

        return response
Exemple #2
    def authorize_return(self):
        """Authorization code redirect endpoint.

        Verifies the OpenID data on the request before anything else. The
        original description states that the user's e-mail and full name
        are retrieved from the request here, which lets the client use them
        in templates although no token has been requested yet.

        Returns:
            The shared ``response`` with headers, status code and body set
            from the authorization response built by ``SERVER``.
        """
        # Raises when the OpenID data is not valid; nothing below runs then.
        openid_client.verify_openid(request)

        # NOTE(review): "scope" is client-supplied; verify that it is
        # checked against the client's permitted scopes inside SERVER.
        outcome = SERVER.create_authorization_response(
            uri=request.url,
            http_method=request.method,
            body=request.body,
            scopes=request.params.get("scope"),
            headers=request.headers)
        raw_headers, payload, status = outcome

        # Header names and values are coerced to native strings.
        converted = {}
        for key, value in six.iteritems(raw_headers):
            converted[str(key)] = str(value)
        response.headers = converted
        response.status_code = status

        if not payload:
            payload = ''
        response.body = payload.encode('utf-8')

        return response
Exemple #3
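    def _access_token_by_code(self):
        """Build the token response for an authorization-code exchange.

        Reads ``code`` from the request parameters, fetches the matching
        authorization-code record, then lets ``SERVER`` create the token
        response. On a 2xx status the JSON body gains an ``id_token`` key
        holding the record's ``user_id``.

        Returns:
            The shared ``response`` with headers, status code and JSON body.

        Raises:
            ValueError: if the body returned by ``SERVER`` is not valid JSON.
        """
        auth_code = request.params.get("code")
        # Fetched before the token response is created -- presumably because
        # the code record does not survive the exchange; verify in auth_api.
        code_info = auth_api.authorization_code_get(auth_code)
        headers, body, code = SERVER.create_token_response(
            uri=request.url,
            http_method=request.method,
            body=request.body,
            headers=request.headers)
        response.headers = dict(
            (str(k), str(v)) for k, v in six.iteritems(headers))
        response.status_code = code
        json_body = json.loads(body)

        # Add the user id only for a 2xx response. Floor division is needed:
        # on Python 3 ``/`` is true division, so ``code / 100 == 2`` held for
        # exactly 200 and every other 2xx status skipped the update.
        if code // 100 == 2:
            # NOTE(review): this "id_token" is the bare user_id, not a signed
            # token; consumers should not treat it as a verified identity
            # assertion on its own.
            json_body.update({'id_token': code_info.user_id})

        response.json = json_body
        return response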
Exemple #4
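    def _access_token_by_code(self):
        """Exchange an authorization code for a token response.

        The ``code`` request parameter is used to look up the stored
        authorization-code record; ``SERVER`` then produces the token
        response. When the status is 2xx, ``id_token`` is added to the JSON
        body with the record's ``user_id`` as its value.

        Returns:
            The shared ``response`` with headers, status code and JSON body.

        Raises:
            ValueError: if the body returned by ``SERVER`` is not valid JSON.
        """
        auth_code = request.params.get("code")
        # The record is read ahead of create_token_response -- presumably it
        # is no longer available afterwards; confirm against auth_api.
        code_info = auth_api.authorization_code_get(auth_code)
        headers, body, code = SERVER.create_token_response(
            uri=request.url,
            http_method=request.method,
            body=request.body,
            headers=request.headers)
        response.headers = dict((str(k), str(v))
                                for k, v in six.iteritems(headers))
        response.status_code = code
        json_body = json.loads(body)

        # Update the body with user_id only if the response is 2xx.
        # ``//`` keeps the check an integer comparison on Python 3, where
        # ``code / 100`` is a float and equals 2 only for status 200.
        if code // 100 == 2:
            # NOTE(review): the value is a plain user id rather than a signed
            # token, so clients cannot verify it independently.
            json_body.update({
                'id_token': code_info.user_id
            })

        response.json = json_body
        return response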
Exemple #5
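    def _access_token_by_refresh_token(self):
        """Build the token response for a refresh-token grant.

        Reads ``refresh_token`` from the request parameters, fetches the
        stored refresh-token record, then lets ``SERVER`` create the token
        response. On a 2xx status the JSON body gains an ``id_token`` key
        holding the record's ``user_id``.

        Returns:
            The shared ``response`` with headers, status code and JSON body.

        Raises:
            ValueError: if the body returned by ``SERVER`` is not valid JSON.
        """
        # NOTE(review): if request.params also covers the query string, a
        # refresh token sent there can end up in access logs -- confirm that
        # clients are expected to send it in the request body.
        refresh_token = request.params.get("refresh_token")
        refresh_token_info = \
            refresh_token_api.refresh_token_get_by_token(refresh_token)

        headers, body, code = SERVER.create_token_response(
            uri=request.url,
            http_method=request.method,
            body=request.body,
            headers=request.headers)
        response.headers = dict(
            (str(k), str(v)) for k, v in six.iteritems(headers))
        response.status_code = code
        json_body = json.loads(body)

        # Add the user id only for a 2xx response. Floor division is needed:
        # on Python 3 ``/`` is true division, so ``code / 100 == 2`` held for
        # exactly 200 and every other 2xx status skipped the update.
        if code // 100 == 2:
            # NOTE(review): this "id_token" is the bare user_id, not a signed
            # token; consumers should not treat it as a verified identity
            # assertion on its own.
            json_body.update({'id_token': refresh_token_info.user_id})

        response.json = json_body

        return response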
Exemple #6
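    def _access_token_by_refresh_token(self):
        """Issue a token response from a refresh token.

        The ``refresh_token`` request parameter is used to look up the
        stored refresh-token record; ``SERVER`` then produces the token
        response. When the status is 2xx, ``id_token`` is added to the JSON
        body with the record's ``user_id`` as its value.

        Returns:
            The shared ``response`` with headers, status code and JSON body.

        Raises:
            ValueError: if the body returned by ``SERVER`` is not valid JSON.
        """
        # NOTE(review): a refresh token is a long-lived credential; check
        # that request.params is not fed from the URL, where the value
        # could be recorded in logs.
        refresh_token = request.params.get("refresh_token")
        refresh_token_info = \
            refresh_token_api.refresh_token_get_by_token(refresh_token)

        headers, body, code = SERVER.create_token_response(
            uri=request.url,
            http_method=request.method,
            body=request.body,
            headers=request.headers)
        response.headers = dict((str(k), str(v))
                                for k, v in six.iteritems(headers))
        response.status_code = code
        json_body = json.loads(body)

        # Update the body with user_id only if the response is 2xx.
        # ``//`` keeps the check an integer comparison on Python 3, where
        # ``code / 100`` is a float and equals 2 only for status 200.
        if code // 100 == 2:
            # NOTE(review): the value is a plain user id rather than a signed
            # token, so clients cannot verify it independently.
            json_body.update({
                'id_token': refresh_token_info.user_id
            })

        response.json = json_body

        return response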