def auth_request():
global authorization_requests
state = randomstring(128)
nonce = randomstring(128)
code_verifier = randomstring(128)
code_challenge_raw = hashlib.sha256(code_verifier.encode('utf-8')).digest()
code_challenge = base64.urlsafe_b64encode(code_challenge_raw).decode(
'utf-8').replace('=', '')
authorization_requests[state] = {
'state': state,
'nonce': nonce,
'code_challenge': code_challenge,
'code_verifier': code_verifier
}
print(authorization_requests[state])
oauth = WebApplicationClient(os.environ.get("AUTH0_CLIENT_ID"))
url, headers, body = oauth.prepare_authorization_request(
f'https://{os.environ.get("AUTH0_DOMAIN")}/authorize',
redirect_url=os.environ.get("AUTH0_REDIRECT_URL"),
scope=os.environ.get("HERMES_SCOPE"),
audience=os.environ.get("HERMES_AUDIENCE"),
state=state,
nonce=nonce,
code_challenge=code_challenge,
code_challenge_method='S256')
print(url)
return redirect(url)
def test_prepare_authorization_requeset(self):
client = WebApplicationClient(self.client_id)
url, header, body = client.prepare_authorization_request(
self.uri, redirect_url=self.redirect_uri, state=self.state, scope=self.scope)
self.assertURLEqual(url, self.uri_authorize_code)
# verify default header and body only
self.assertEqual(header, {'Content-Type': 'application/x-www-form-urlencoded'})
self.assertEqual(body, '')
def test_prepare_authorization_requeset(self):
client = WebApplicationClient(self.client_id)
url, header, body = client.prepare_authorization_request(
self.uri, redirect_url=self.redirect_uri, state=self.state, scope=self.scope)
self.assertURLEqual(url, self.uri_authorize_code)
# verify default header and body only
self.assertEqual(header, {'Content-Type': 'application/x-www-form-urlencoded'})
self.assertEqual(body, '')
def request_auth():
'''
Request an authorization URL
Send: client_id, redirect_uri, response_type
Receive: authorization code
'''
client = WebApplicationClient(app.config['CLIENT_ID'])
req = client.prepare_authorization_request(
yahoo_oauth2.request_auth_url, redirect_url=yahoo_oauth2.redirect_url)
auth_url, headers, body = req
return redirect(auth_url)
def notify():
oauth = WebApplicationClient(settings.LINE_NOTIFY_ID)
state = "".join([
random.choice(string.ascii_letters + string.digits) for i in range(32)
])
session["state"] = state
url, headers, body = oauth.prepare_authorization_request(
'https://notify-bot.line.me/oauth/authorize',
state=state,
redirect_url=request.base_url + "/callback",
scope='notify')
return redirect(url)
def line_login():
oauth = WebApplicationClient(settings.LINE_CHANNEL_ID)
state = "".join([
random.choice(string.ascii_letters + string.digits) for i in range(32)
])
session["state"] = state
url, headers, body = oauth.prepare_authorization_request(
'https://access.line.me/oauth2/v2.1/authorize',
state=state,
redirect_url=request.base_url + "/callback",
scope='profile openid',
bot_prompt='normal')
return redirect(url)
def google_login():
google_provider_cfg = get_google_provider_cfg()
oauth = WebApplicationClient(settings.GOOGLE_CLIENT_ID)
authorization_endpoint = google_provider_cfg["authorization_endpoint"]
state = "".join([
random.choice(string.ascii_letters + string.digits) for i in range(32)
])
session["state"] = state
url, headers, body = oauth.prepare_authorization_request(
authorization_endpoint,
state=state,
redirect_url=request.base_url + "/callback",
scope=['profile', 'openid'])
return redirect(url)
