def auth():
    """Issue an access token once both the user and the client are verified.

    Reads ``username``, ``password``, ``client_id`` and ``client_secret``
    from the submitted form.

    Returns:
        On success, a JSON string holding ``access_token``, ``token_type``
        and ``expires_in``. On failure, a ``(json_body, status)`` tuple:
        400 ``invalid_request`` when a field is absent, 401
        ``access_denied`` when the user credentials are rejected, and 400
        ``invalid_client`` when the client credentials are rejected.
    """
    form = request.form
    username = form.get('username')
    password = form.get('password')
    client_id = form.get('client_id')
    client_secret = form.get('client_secret')

    # Only absent fields are rejected here; an empty string still reaches
    # the credential checks below.
    supplied = (username, password, client_id, client_secret)
    if any(field is None for field in supplied):
        failure = {"error": "invalid_request"}
        return json.dumps(failure), 400

    # The user is checked before the client, so a bad password is reported
    # even when the client credentials are wrong as well.
    user_ok = authenticate_user_credentials(username, password)
    if not user_ok:
        failure = {"error": "access_denied"}
        return json.dumps(failure), 401

    client_ok = authenticate_client(client_id, client_secret)
    if not client_ok:
        failure = {"error": "invalid_client"}
        return json.dumps(failure), 400

    # NOTE(review): no Cache-Control header is set on this token response;
    # confirm that `no-store` is applied elsewhere so the token is not cached.
    token = generate_access_token()
    body = {
        "access_token": token,
        "token_type": "JWT",
        "expires_in": LIFE_SPAN,
    }
    return json.dumps(body)
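def exchange_for_token():
    """Exchange an authorization code for an access token and an ID token.

    Reads ``authorization_code``, ``client_id``, ``client_secret`` and
    ``redirect_url`` from the submitted form.

    Returns:
        On success, a JSON string holding ``access_token``, ``id_token``,
        ``token_type`` and ``expires_in``. On failure, a
        ``(json_body, 400)`` tuple whose error is ``invalid_request``
        (a field is absent), ``invalid_client`` (client credentials
        rejected) or ``access_denied`` (authorization code rejected).
    """
    authorization_code = request.form.get('authorization_code')
    client_id = request.form.get('client_id')
    client_secret = request.form.get('client_secret')
    redirect_url = request.form.get('redirect_url')

    # Only absent fields are rejected here; empty strings are left to the
    # checks below.
    if None in [authorization_code, client_id, client_secret, redirect_url]:
        return json.dumps({"error": "invalid_request"}), 400

    # The client is authenticated before the code is examined.
    if not authenticate_client(client_id, client_secret):
        return json.dumps({"error": "invalid_client"}), 400

    # The code is verified together with the client and redirect URL that
    # accompany it.
    if not verify_authorization_code(authorization_code, client_id,
                                     redirect_url):
        return json.dumps({"error": "access_denied"}), 400

    access_token = generate_access_token()
    # NOTE(review): client_secret is handed to generate_id_token (not shown);
    # confirm it is used only as key material and never placed in the token.
    id_token = generate_id_token(client_id, client_secret)
    # Record that a token was issued, but never the token itself: anyone who
    # can read the debug log could otherwise replay it as a credential.
    logger.debug('id_token issued for client_id: %s', client_id)

    return json.dumps({
        "access_token": access_token.decode(),
        "id_token": id_token.decode(),
        "token_type": "JWT",
        "expires_in": JWT_LIFE_SPAN
    })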
def exchange_for_token():
    """Exchange an authorization code for an access token.

    Reads ``authorization_code``, ``client_id``, ``client_secret`` and
    ``redirect_url`` from the submitted form.

    Returns:
        On success, a JSON string holding ``access_token``, ``token_type``
        and ``expires_in``. On failure, a ``(json_body, 400)`` tuple whose
        error is ``invalid_request`` (a field is absent),
        ``invalid_client`` (client credentials rejected) or
        ``access_denied`` (authorization code rejected).
    """
    form = request.form
    authorization_code = form.get("authorization_code")
    client_id = form.get("client_id")
    client_secret = form.get("client_secret")
    redirect_url = form.get("redirect_url")

    # Only absent fields are rejected here; empty strings are left to the
    # checks below.
    required = (authorization_code, client_id, client_secret, redirect_url)
    if any(field is None for field in required):
        failure = {"error": "invalid_request"}
        return json.dumps(failure), 400

    # The client is authenticated before the code is examined.
    client_ok = authenticate_client(client_id, client_secret)
    if not client_ok:
        failure = {"error": "invalid_client"}
        return json.dumps(failure), 400

    # The code is verified together with the client and redirect URL that
    # accompany it.
    code_ok = verify_authorization_code(
        authorization_code, client_id, redirect_url
    )
    if not code_ok:
        failure = {"error": "access_denied"}
        return json.dumps(failure), 400

    # NOTE(review): no Cache-Control header is set on this token response;
    # confirm that `no-store` is applied elsewhere so the token is not cached.
    token = generate_access_token()
    body = {
        "access_token": token.decode(),
        "token_type": "JWT",
        "expires_in": JWT_LIFE_SPAN,
    }
    return json.dumps(body)
def auth():
    """Issue an access token to a client that presents valid credentials.

    Reads ``client_id`` and ``client_secret`` from the submitted form.
    No end-user credentials are involved in this handler.

    Returns:
        On success, a JSON string holding ``access_token``, ``token_type``
        and ``expires_in``. On failure, a ``(json_body, 400)`` tuple whose
        error is ``invalid_request`` (a field is absent) or
        ``invalid_client`` (client credentials rejected).
    """
    form = request.form
    client_id = form.get("client_id")
    client_secret = form.get("client_secret")

    # Only absent fields are rejected here; empty strings are left to
    # authenticate_client.
    if client_id is None or client_secret is None:
        failure = {"error": "invalid_request"}
        return json.dumps(failure), 400

    client_ok = authenticate_client(client_id, client_secret)
    if not client_ok:
        failure = {"error": "invalid_client"}
        return json.dumps(failure), 400

    # NOTE(review): no Cache-Control header is set on this token response;
    # confirm that `no-store` is applied elsewhere so the token is not cached.
    token = generate_access_token()
    body = {
        "access_token": token,
        "token_type": "JWT",
        "expires_in": LIFE_SPAN,
    }
    return json.dumps(body)
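def exchange_for_token():
    """Exchange an authorization code for an access token.

    Reads ``authorization_code``, ``client_id``, ``client_secret`` and
    ``redirect_url`` from the submitted form. The value returned by
    ``verify_authorization_code`` is passed on to
    ``generate_access_token``.

    Returns:
        On success, a JSON string holding ``access_token``, ``token_type``
        and ``expires_in``. On failure, a ``(json_body, 400)`` tuple whose
        error is ``invalid_request`` (a field is absent),
        ``invalid_client`` (client credentials rejected) or
        ``access_denied`` (authorization code rejected).
    """
    authorization_code = request.form.get('authorization_code')
    client_id = request.form.get('client_id')
    client_secret = request.form.get('client_secret')
    redirect_url = request.form.get('redirect_url')

    # Only absent fields are rejected here; empty strings are left to the
    # checks below.
    if None in [authorization_code, client_id, client_secret, redirect_url]:
        return json.dumps({"error": "invalid_request"}), 400

    # The client is authenticated before the code is examined.
    if not authenticate_client(client_id, client_secret):
        return json.dumps({"error": "invalid_client"}), 400

    # NOTE(review): redirect_url is required above but is not passed to the
    # code verification; confirm the code's redirect URL binding is checked
    # elsewhere.
    data = verify_authorization_code(authorization_code, client_id)

    # Fail closed. The helper is not shown; the string "False" is its known
    # failure sentinel, and a boolean False or None is rejected as well so
    # that a token is never minted from a result that signals failure.
    if data is None or data is False or data == "False":
        return json.dumps({"error": "access_denied"}), 400

    access_token = generate_access_token(data)
    return json.dumps({
        "access_token": access_token.decode(),
        "token_type": "JWT",
        "expires_in": JWT_LIFE_SPAN
    })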