def init_oauth_url(wsgi):
global server
query_client = create_query_client_func(db_session, Client)
server = AuthorizationServer(wsgi, query_client=query_client)
register_authorization_hooks(
server,
db_session,
token_credential_model=TokenCredential,
temporary_credential_model=TemporaryCredential,
timestamp_nonce_model=TimestampNonce,
)
def create_authorization_server(app, use_cache=False, lazy=False):
query_client = create_query_client_func(db.session, Client)
if lazy:
server = AuthorizationServer()
server.init_app(app, query_client)
else:
server = AuthorizationServer(app, query_client=query_client)
if use_cache:
cache = SimpleCache()
register_nonce_hooks(server, cache)
register_temporary_credential_hooks(server, cache)
register_authorization_hooks(server, db.session, TokenCredential)
else:
register_authorization_hooks(
server,
db.session,
token_credential_model=TokenCredential,
temporary_credential_model=TemporaryCredential,
timestamp_nonce_model=TimestampNonce,
)
@app.route('/oauth/initiate', methods=['GET', 'POST'])
def initiate():
return server.create_temporary_credentials_response()
@app.route('/oauth/authorize', methods=['GET', 'POST'])
def authorize():
if request.method == 'GET':
try:
server.check_authorization_request()
return 'ok'
except OAuth1Error:
return 'error'
user_id = request.form.get('user_id')
if user_id:
grant_user = User.query.get(int(user_id))
else:
grant_user = None
try:
return server.create_authorization_response(grant_user=grant_user)
except OAuth1Error as error:
return url_encode(error.get_body())
@app.route('/oauth/token', methods=['POST'])
def issue_token():
return server.create_token_response()
return server
def create_resource_server(app, use_cache=False):
if use_cache:
cache = SimpleCache()
exists_nonce = create_cache_exists_nonce_func(cache)
else:
exists_nonce = create_db_exists_nonce_func(db.session, TimestampNonce)
require_oauth = ResourceProtector(
app,
query_client=create_query_client_func(db.session, Client),
query_token=create_query_token_func(db.session, TokenCredential),
exists_nonce=exists_nonce,
)
@app.route('/user')
@require_oauth()
def user_profile():
user = current_credential.user
return jsonify(id=user.id, username=user.username)
ResourceProtector,
)
from authlib.flask.oauth1.sqla import (
create_query_token_func,
create_query_client_func,
register_token_credential_hooks,
)
from authlib.flask.oauth1.cache import (
create_exists_nonce_func,
register_temporary_credential_hooks,
register_nonce_hooks,
)
from ..models import db, cache, OAuth1Client, OAuth1Token
query_client = create_query_client_func(db.session, OAuth1Client)
query_token = create_query_token_func(db.session, OAuth1Token)
exists_nonce = create_exists_nonce_func(cache)
authorization = AuthorizationServer(query_client=query_client)
require_oauth = ResourceProtector(
query_client=query_client,
query_token=query_token,
exists_nonce=exists_nonce,
)
def init_app(app):
authorization.init_app(app)
register_nonce_hooks(authorization, cache)
register_temporary_credential_hooks(authorization, cache)