def prepare_refresh_body(self, body='', refresh_token=None, scope=None, **kwargs): """Prepare an access token request, using a refresh token. If the authorization server issued a refresh token to the client, the client makes a refresh request to the token endpoint by adding the following parameters using the "application/x-www-form-urlencoded" format in the HTTP request entity-body: grant_type REQUIRED. Value MUST be set to "refresh_token". refresh_token REQUIRED. The refresh token issued to the client. scope OPTIONAL. The scope of the access request as described by Section 3.3. The requested scope MUST NOT include any scope not originally granted by the resource owner, and if omitted is treated as equal to the scope originally granted by the resource owner. Note that if none is provided, the ones provided in the constructor are used if any. """ refresh_token = refresh_token or self.refresh_token scope = self.scope if scope is None else scope return prepare_token_request(self.refresh_token_key, body=body, scope=scope, refresh_token=refresh_token, **kwargs)
def prepare_request_body(self, body=u'', scope=None, **kwargs): """Add the client credentials to the request body. """ grant_type = GrantType.JWT_BEARER return prepare_token_request(grant_type, body=body, scope=scope, **kwargs)
def prepare_request_body(self, body='', scope=None, **kwargs): """Prepare request body. Overridden. This passes our JWT token grant type parameter. """ return prepare_token_request(GRANT_TYPE, body=body, scope=scope, client_id=self.client_id, **kwargs)
def prepare_request_body(self, client_id=None, code=None, body='', redirect_uri=None, **kwargs): code = code or self.code return prepare_token_request('authorization_code_push', code=code, body=body, client_id=self.client_id, **kwargs)
def prepare_request_body(self, client_id=None, code=None, body='', redirect_uri=None, **kwargs): code = code or self.code return prepare_token_request('openlab_api_key', code=code, body=body, client_id=self.client_id, redirect_uri=redirect_uri, **kwargs)
def prepare_request_body(self, device_code, body='', scope=None, include_client_id=False, **kwargs): """Add device_code to request body The client makes a request to the token endpoint by adding the device_code as a parameter using the "application/x-www-form-urlencoded" format to the HTTP request body. :param body: Existing request body (URL encoded string) to embed parameters into. This may contain extra paramters. Default ''. :param scope: The scope of the access request as described by `Section 3.3`_. :param include_client_id: `True` to send the `client_id` in the body of the upstream request. This is required if the client is not authenticating with the authorization server as described in `Section 3.2.1`_. False otherwise (default). :type include_client_id: Boolean :param kwargs: Extra credentials to include in the token request. The prepared body will include all provided device_code as well as the ``grant_type`` parameter set to ``urn:ietf:params:oauth:grant-type:device_code``:: >>> from oauthlib.oauth2 import DeviceClient >>> client = DeviceClient('your_id', 'your_code') >>> client.prepare_request_body(scope=['hello', 'world']) 'grant_type=urn:ietf:params:oauth:grant-type:device_code&scope=hello+world' .. _`Section 3.4`: https://datatracker.ietf.org/doc/html/rfc8628#section-3.4 """ kwargs['client_id'] = self.client_id kwargs['include_client_id'] = include_client_id scope = self.scope if scope is None else scope return prepare_token_request(self.grant_type, body=body, device_code=device_code, scope=scope, **kwargs)
def prepare_request_body(self, private_key=None, subject=None, issuer=None, audience=None, expires_at=None, issued_at=None, extra_claims=None, body='', scope=None, **kwargs): key = private_key or self.private_key if not key: raise ValueError( "Encryption key must be supplied to make JWT token requests." ) claim = { "iss": issuer or self.issuer, "aud": audience or self.audience, "sub": subject, "exp": int(expires_at or time.time() + 3600), "iat": int(issued_at or time.time()), "scope": scope, } for attr in {"iss", "aud"}: if claim[attr] is None: raise ValueError( "Claim must include {} but none was given.".format(attr) ) if "not_before" in kwargs: claim["nbf"] = kwargs.pop("not_before") if "jwt_id" in kwargs: claim["jti"] = kwargs.pop("jwt_id") claim.update(extra_claims or {}) assertion = jwt.encode(claim, key, "RS256") assertion = to_unicode(assertion) return prepare_token_request(self.grant_type, body=body, assertion=assertion, **kwargs)
def prepare_request_body(self, private_key=None, subject=None, issuer=None, audience=None, expires_at=None, issued_at=None, extra_claims=None, body="", scope=None, **kwargs): key = private_key or self.private_key if not key: raise ValueError( "Encryption key must be supplied to make JWT token requests.") claim = { "iss": issuer or self.issuer, "aud": audience or self.audience, "sub": subject, "exp": int(expires_at or time.time() + 3600), "iat": int(issued_at or time.time()), "scope": scope, } for attr in {"iss", "aud"}: if claim[attr] is None: raise ValueError( "Claim must include {} but none was given.".format(attr)) if "not_before" in kwargs: claim["nbf"] = kwargs.pop("not_before") if "jwt_id" in kwargs: claim["jti"] = kwargs.pop("jwt_id") claim.update(extra_claims or {}) assertion = jwt.encode(claim, key, "RS256") assertion = to_unicode(assertion) return prepare_token_request(self.grant_type, body=body, assertion=assertion, **kwargs)
def prepare_refresh_body(self, body="", refresh_token=None, scope=None, **kwargs): """Prepare an access token request, using a refresh token. If the authorization server issued a refresh token to the client, the client makes a refresh request to the token endpoint by adding the following parameters using the "application/x-www-form-urlencoded" format in the HTTP request entity-body: grant_type REQUIRED. Value MUST be set to "refresh_token". refresh_token REQUIRED. The refresh token issued to the client. scope OPTIONAL. The scope of the access request as described by Section 3.3. The requested scope MUST NOT include any scope not originally granted by the resource owner, and if omitted is treated as equal to the scope originally granted by the resource owner. """ refresh_token = refresh_token or self.refresh_token return prepare_token_request("refresh_token", body=body, scope=scope, refresh_token=refresh_token, **kwargs)
def prepare_request_body(self, body='', scope=None, **kwargs): return prepare_token_request('password', body=body, scope=scope, **kwargs)
def prepare_request_body(self, **kwargs): return prepare_token_request('client_credential', **kwargs)
def prepare_request_body(self, body='', scope=None, **kwargs): return prepare_token_request('password', body = body, scope = scope, **kwargs)