def config_oauth(app):
    """Attach the OAuth 2.0 / OpenID Connect authorization server to ``app``.

    Initialises the shared ``authorization`` server with the client lookup
    and token persistence callbacks, registers the accepted grant types,
    copies two settings from ``app.config`` onto the grant classes, and
    registers the token revocation endpoint.

    Review notes:
        * The implicit and password grants are registered here. Both are
          discouraged by the OAuth 2.0 Security Best Current Practice
          (RFC 9700); keep them only if a known client still depends on them.
        * The authorization-code grant carries the PKCE extension
          (``CodeChallenge(required=True)``) and requires an OIDC nonce.
    """
    authorization.init_app(
        app,
        query_client=query_client,
        save_token=save_token,
    )

    # Registration order is kept exactly: implicit, client credentials,
    # authorization code, password, refresh, then the OpenID variants.
    for early_grant in (grants.ImplicitGrant, grants.ClientCredentialsGrant):
        authorization.register_grant(early_grant)

    code_flow_extensions = [
        CodeChallenge(required=True),
        OpenIDCode(require_nonce=True),
    ]
    authorization.register_grant(AuthorizationCodeGrant, code_flow_extensions)

    for late_grant in (
        PasswordGrant,
        RefreshTokenGrant,
        OpenIDImplicitGrant,
        OpenIDHybridGrant,
    ):
        authorization.register_grant(late_grant)

    # Config-driven class attributes, set on the grant classes themselves and
    # therefore shared by every server that uses these classes.
    with app.app_context():
        settings = app.config
        # NOTE(review): the fallback is an empty list when the key is absent;
        # confirm that an empty set of token-endpoint auth methods is the
        # intended default for deployments that do not set it.
        AuthorizationCodeGrant.TOKEN_ENDPOINT_AUTH_METHODS = settings.get(
            'TOKEN_ENDPOINT_AUTH_METHODS', []
        )
        RefreshTokenGrant.INCLUDE_NEW_REFRESH_TOKEN = settings.get(
            'INCLUDE_NEW_REFRESH_TOKEN', False
        )

    # Token revocation endpoint backed by the OAuth2Token model.
    authorization.register_endpoint(
        create_revocation_endpoint(db.session, OAuth2Token)
    )
def config_oauth(app):
    """Set up an OpenID Connect authorization-code-only server on ``app``.

    Builds the client lookup and token persistence callbacks from the
    SQLAlchemy session, initialises ``authorization`` with them, registers
    the authorization-code grant with the ``OpenIDCode`` extension, installs
    the bearer token validator on ``require_oauth``, and registers the
    revocation endpoint.

    Review notes:
        * Only ``AuthorizationCodeGrant`` is active. Left disabled here:
          ImplicitGrant, OpenIDImplicitGrant, HybridGrant,
          grants.ClientCredentialsGrant, RefreshTokenGrant, PasswordGrant.
        * No ``CodeChallenge`` extension is passed, so this function does not
          attach PKCE (RFC 7636) to the code flow. Add it unless
          ``AuthorizationCodeGrant`` already handles it elsewhere.
    """
    authorization.init_app(
        app,
        query_client=create_query_client_func(db.session, OAuth2Client),
        save_token=create_save_token_func(db.session, OAuth2Token),
    )

    # A nonce is required on OpenID authorization requests.
    oidc_extensions = [OpenIDCode(require_nonce=True)]
    authorization.register_grant(AuthorizationCodeGrant, oidc_extensions)

    # Resource protection: bearer tokens are validated against OAuth2Token.
    token_validator_cls = create_bearer_token_validator(db.session, OAuth2Token)
    require_oauth.register_token_validator(token_validator_cls())

    # Token revocation endpoint backed by the same model.
    authorization.register_endpoint(
        create_revocation_endpoint(db.session, OAuth2Token)
    )
def configure_oauth(app):
    """Configure a machine-to-machine OAuth 2.0 server on ``app``.

    Registers the client-credentials and refresh-token grants, the token
    revocation endpoint, and the bearer token validator used by
    ``require_oauth``. No user-facing grant is registered.
    """
    authorization.init_app(app)

    for grant_cls in (grants.ClientCredentialsGrant, RefreshTokenGrant):
        authorization.register_grant(grant_cls)

    # Revocation endpoint first, then the validator, as in the source order.
    authorization.register_endpoint(
        create_revocation_endpoint(db.session, OAuth2Token)
    )

    validator_cls = create_bearer_token_validator(db.session, OAuth2Token)
    require_oauth.register_token_validator(validator_cls())
def config_oauth(app):
    """Configure an authorization-code-only OAuth 2.0 server on ``app``.

    The single registered grant is ``AuthorizationCodeGrant`` with the PKCE
    extension (``CodeChallenge(required=True)``, RFC 7636). Also registers
    the token revocation endpoint and the bearer token validator that
    protects resources through ``require_oauth``.
    """
    authorization.init_app(app)

    pkce = CodeChallenge(required=True)
    authorization.register_grant(AuthorizationCodeGrant, [pkce])

    # Token revocation endpoint backed by the OAuth2Token model.
    revocation_endpoint = create_revocation_endpoint(db.session, OAuth2Token)
    authorization.register_endpoint(revocation_endpoint)

    # Bearer tokens presented to protected resources are checked against
    # the same model.
    validator_cls = create_bearer_token_validator(db.session, OAuth2Token)
    require_oauth.register_token_validator(validator_cls())
def config_oauth(app):
    """Configure the OAuth 2.0 server on ``app`` with five grant types.

    Registers, in order: implicit, client credentials, authorization code
    (with the PKCE extension), password, and refresh token. Then registers
    the revocation endpoint and the bearer token validator, both backed by
    ``OAuth2TokenModel``.

    Review note: the implicit and password grants are discouraged by the
    OAuth 2.0 Security Best Current Practice (RFC 9700). Prefer the
    authorization-code grant with PKCE and drop the two legacy grants once
    no client depends on them.
    """
    authorization.init_app(app)

    for grant_cls in (grants.ImplicitGrant, grants.ClientCredentialsGrant):
        authorization.register_grant(grant_cls)

    authorization.register_grant(
        AuthorizationCodeGrant,
        [CodeChallenge(required=True)],
    )

    for grant_cls in (PasswordGrant, RefreshTokenGrant):
        authorization.register_grant(grant_cls)

    authorization.register_endpoint(
        create_revocation_endpoint(db.session, OAuth2TokenModel)
    )

    validator_cls = create_bearer_token_validator(db.session, OAuth2TokenModel)
    require_oauth.register_token_validator(validator_cls())
def configOauth2(app):
    """Configure the OAuth 2.0 server on ``app`` without any redirect flow.

    Registers the client-credentials, password and refresh-token grants,
    the token revocation endpoint, and the bearer token validator used by
    ``require_oauth``.

    Review note: with the password grant, the client application handles
    the user's credentials directly. The OAuth 2.0 Security Best Current
    Practice (RFC 9700) says this grant must not be used; restrict it to
    first-party clients that cannot move to a redirect-based flow.
    """
    authorization.init_app(app)

    accepted_grants = (
        grants.ClientCredentialsGrant,
        PasswordGrant,
        RefreshTokenGrant,
    )
    for grant_cls in accepted_grants:
        authorization.register_grant(grant_cls)

    # Token revocation endpoint backed by the OAuth2Token model.
    authorization.register_endpoint(
        create_revocation_endpoint(db.session, OAuth2Token)
    )

    # Bearer token validation for protected resources.
    validator_cls = create_bearer_token_validator(db.session, OAuth2Token)
    require_oauth.register_token_validator(validator_cls())
def config_oauth(app):
    """Configure the OAuth 2.0 server on ``app`` with a custom client auth method.

    Adds the ``client_secret_json`` client authentication method (handled by
    ``authenticate_client_secret_json``), registers the client-credentials
    and authorization-code grants, then registers the revocation endpoint
    and the bearer token validator.

    Review notes:
        * ``CodeChallenge(required=False)`` attaches the PKCE extension
          without marking it required. Clients that omit the challenge and
          verifier are presumably still accepted (confirm against the
          installed Authlib version). Prefer ``required=True`` unless a
          legacy client blocks it.
        * ``client_secret_json`` is not a standard method name, so its
          handler deserves the same scrutiny as the built-in methods
          (secret comparison, logging of request bodies).
    """
    authorization.init_app(app)

    # The method name is a runtime string that clients are matched against.
    authorization.register_client_auth_method(
        'client_secret_json',
        authenticate_client_secret_json,
    )

    authorization.register_grant(ClientCredentialsGrant)

    optional_pkce = CodeChallenge(required=False)
    authorization.register_grant(AuthorizationCodeGrant, [optional_pkce])

    # Token revocation endpoint backed by the OAuth2Token model.
    authorization.register_endpoint(
        create_revocation_endpoint(db.session, OAuth2Token)
    )

    # Bearer token validation for protected resources.
    validator_cls = create_bearer_token_validator(db.session, OAuth2Token)
    require_oauth.register_token_validator(validator_cls())
def config_oauth(app):
    """Configure the OAuth 2.0 server on ``app`` with three grant types.

    Initialises ``authorization`` with the ``query_client`` and
    ``save_token`` callbacks defined outside this function, then registers
    the client-credentials grant, the authorization-code grant with the PKCE
    extension (``CodeChallenge(required=True)``), and the refresh-token
    grant. Finishes with the revocation endpoint and the bearer token
    validator.
    """
    server_callbacks = {
        'query_client': query_client,
        'save_token': save_token,
    }
    authorization.init_app(app, **server_callbacks)

    authorization.register_grant(grants.ClientCredentialsGrant)
    authorization.register_grant(
        AuthorizationCodeGrant,
        [CodeChallenge(required=True)],
    )
    authorization.register_grant(RefreshTokenGrant)

    # Token revocation endpoint backed by the OAuth2Token model.
    revocation_endpoint = create_revocation_endpoint(db.session, OAuth2Token)
    authorization.register_endpoint(revocation_endpoint)

    # Bearer token validation for protected resources.
    validator_cls = create_bearer_token_validator(db.session, OAuth2Token)
    require_oauth.register_token_validator(validator_cls())
def config_oauth(app):
    """Set up the OAuth 2.0 / OpenID Connect server for the application.

    Creates the client lookup and token persistence callbacks from ``db``,
    initialises ``authorization``, registers the authorization-code grant
    (with a required OIDC nonce) and the refresh-token grant, then registers
    the introspection and revocation endpoints and the bearer token
    validator.

    Review notes:
        * No ``CodeChallenge`` extension is passed, so this function does
          not attach PKCE (RFC 7636) to the code flow.
        * ``IntrospectionEndpoint`` discloses token metadata to its callers;
          check that the class authenticates and authorises the caller
          before answering.
    """
    authorization.init_app(
        app,
        query_client=create_query_client_func(db, OAuth2Client),
        save_token=create_save_token_func(db, OAuth2Token),
    )

    authorization.register_grant(
        AuthorizationCodeGrant,
        [OpenIDCode(require_nonce=True)],
    )
    authorization.register_grant(RefreshTokenGrant)

    # Endpoints: introspection first, then revocation.
    authorization.register_endpoint(IntrospectionEndpoint)
    authorization.register_endpoint(create_revocation_endpoint(db, OAuth2Token))

    # Bearer token validation for protected resources.
    validator_cls = create_bearer_token_validator(db, OAuth2Token)
    require_oauth.register_token_validator(validator_cls())
def config_oauth(app, url_prefix="/oauth"):
    """Configure the OAuth 2.0 server on ``app`` and mount its blueprint.

    Args:
        app: The application to initialise the server on.
        url_prefix: URL prefix under which the ``bp`` blueprint is
            registered. Defaults to ``"/oauth"``.

    Registers, in order: implicit, client credentials, authorization code,
    password, and refresh token. Then adds the revocation endpoint, the
    bearer token validator, and finally the blueprint.

    Review notes:
        * ``AuthorizationCodeGrant`` is registered with no extensions, so
          no PKCE extension (RFC 7636) is attached by this function.
        * The implicit and password grants are discouraged by the OAuth 2.0
          Security Best Current Practice (RFC 9700). Keep them only for
          clients that cannot migrate.
    """
    authorization.init_app(app)

    every_grant = (
        grants.ImplicitGrant,
        grants.ClientCredentialsGrant,
        AuthorizationCodeGrant,
        PasswordGrant,
        RefreshTokenGrant,
    )
    for grant_cls in every_grant:
        authorization.register_grant(grant_cls)

    # Token revocation endpoint backed by the OAuth2Token model.
    authorization.register_endpoint(
        create_revocation_endpoint(db.session, OAuth2Token)
    )

    # Bearer token validation for protected resources.
    validator_cls = create_bearer_token_validator(db.session, OAuth2Token)
    require_oauth.register_token_validator(validator_cls())

    # Expose the OAuth routes last, after the server is fully configured.
    app.register_blueprint(bp, url_prefix=url_prefix)
from flask import json from authlib.integrations.sqla_oauth2 import create_revocation_endpoint from .models import db, User, Client, Token from .oauth2_server import TestCase from .oauth2_server import create_authorization_server RevocationEndpoint = create_revocation_endpoint(db.session, Token) class RevokeTokenTest(TestCase): def prepare_data(self): app = self.app server = create_authorization_server(app) server.register_endpoint(RevocationEndpoint) @app.route('/oauth/revoke', methods=['POST']) def revoke_token(): return server.create_endpoint_response('revocation') user = User(username='******') db.session.add(user) db.session.commit() client = Client( user_id=user.id, client_id='revoke-client', client_secret='revoke-secret', ) client.set_client_metadata({ 'scope': 'profile', 'redirect_uris': ['http://localhost/authorized'],
credential.revoked = True db.session.add(credential) db.session.commit() query_client = create_query_client_func(db.session, OAuth2Client) save_token = create_save_token_func(db.session, OAuth2Token) authorization = AuthorizationServer( query_client=query_client, save_token=save_token, ) require_oauth = ResourceProtector() authorization.init_app(app) # support all grants # authorization.register_grant(grants.ImplicitGrant) authorization.register_grant(grants.ClientCredentialsGrant) authorization.register_grant(AuthorizationCodeGrant, [CodeChallenge(required=True)]) authorization.register_grant(PasswordGrant) authorization.register_grant(RefreshTokenGrant) # support revocation revocation_cls = create_revocation_endpoint(db.session, OAuth2Token) authorization.register_endpoint(revocation_cls) # protect resource bearer_cls = create_bearer_token_validator(db.session, OAuth2Token) require_oauth.register_token_validator(bearer_cls())
from fastapi import Request, Form from authlib.integrations.sqla_oauth2 import create_revocation_endpoint from .models import db, User, Client, Token from .oauth2_server import TestCase from .oauth2_server import create_authorization_server RevocationEndpoint = create_revocation_endpoint(db, Token) class RevokeTokenTest(TestCase): def prepare_data(self): app = self.app server = create_authorization_server(app) server.register_endpoint(RevocationEndpoint) @app.post('/oauth/revoke') def revoke_token(request: Request, token: str = Form(None), token_type_hint: str = Form(None)): request.body = {} if token: request.body.update({'token': token}) if token_type_hint: request.body.update({'token_type_hint': token_type_hint}) return server.create_endpoint_response('revocation', request=request) user = User(username='******') db.add(user) db.commit() client = Client(