def auth_request(): global authorization_requests state = randomstring(128) nonce = randomstring(128) code_verifier = randomstring(128) code_challenge_raw = hashlib.sha256(code_verifier.encode('utf-8')).digest() code_challenge = base64.urlsafe_b64encode(code_challenge_raw).decode( 'utf-8').replace('=', '') authorization_requests[state] = { 'state': state, 'nonce': nonce, 'code_challenge': code_challenge, 'code_verifier': code_verifier } print(authorization_requests[state]) oauth = WebApplicationClient(os.environ.get("AUTH0_CLIENT_ID")) url, headers, body = oauth.prepare_authorization_request( f'https://{os.environ.get("AUTH0_DOMAIN")}/authorize', redirect_url=os.environ.get("AUTH0_REDIRECT_URL"), scope=os.environ.get("HERMES_SCOPE"), audience=os.environ.get("HERMES_AUDIENCE"), state=state, nonce=nonce, code_challenge=code_challenge, code_challenge_method='S256') print(url) return redirect(url)
def test_prepare_authorization_requeset(self): client = WebApplicationClient(self.client_id) url, header, body = client.prepare_authorization_request( self.uri, redirect_url=self.redirect_uri, state=self.state, scope=self.scope) self.assertURLEqual(url, self.uri_authorize_code) # verify default header and body only self.assertEqual(header, {'Content-Type': 'application/x-www-form-urlencoded'}) self.assertEqual(body, '')
def test_prepare_authorization_requeset(self): client = WebApplicationClient(self.client_id) url, header, body = client.prepare_authorization_request( self.uri, redirect_url=self.redirect_uri, state=self.state, scope=self.scope) self.assertURLEqual(url, self.uri_authorize_code) # verify default header and body only self.assertEqual(header, {'Content-Type': 'application/x-www-form-urlencoded'}) self.assertEqual(body, '')
def request_auth(): ''' Request an authorization URL Send: client_id, redirect_uri, response_type Receive: authorization code ''' client = WebApplicationClient(app.config['CLIENT_ID']) req = client.prepare_authorization_request( yahoo_oauth2.request_auth_url, redirect_url=yahoo_oauth2.redirect_url) auth_url, headers, body = req return redirect(auth_url)
def notify(): oauth = WebApplicationClient(settings.LINE_NOTIFY_ID) state = "".join([ random.choice(string.ascii_letters + string.digits) for i in range(32) ]) session["state"] = state url, headers, body = oauth.prepare_authorization_request( 'https://notify-bot.line.me/oauth/authorize', state=state, redirect_url=request.base_url + "/callback", scope='notify') return redirect(url)
def line_login(): oauth = WebApplicationClient(settings.LINE_CHANNEL_ID) state = "".join([ random.choice(string.ascii_letters + string.digits) for i in range(32) ]) session["state"] = state url, headers, body = oauth.prepare_authorization_request( 'https://access.line.me/oauth2/v2.1/authorize', state=state, redirect_url=request.base_url + "/callback", scope='profile openid', bot_prompt='normal') return redirect(url)
def google_login(): google_provider_cfg = get_google_provider_cfg() oauth = WebApplicationClient(settings.GOOGLE_CLIENT_ID) authorization_endpoint = google_provider_cfg["authorization_endpoint"] state = "".join([ random.choice(string.ascii_letters + string.digits) for i in range(32) ]) session["state"] = state url, headers, body = oauth.prepare_authorization_request( authorization_endpoint, state=state, redirect_url=request.base_url + "/callback", scope=['profile', 'openid']) return redirect(url)