authorDashie <dashie@sigpipe.me>2021-02-23 23:15:36 +0100
committerDashie <dashie@sigpipe.me>2021-02-23 23:15:36 +0100
commit9ae5186bca6386c255eccfb20afe3c7f0cd8a726 (patch)
tree5c29c068bb049478355e9d88792eae20a2659817
parent81fce46bff43598af0c976a160a21a66169141d5 (diff)
This uses the client_metadata from authlib, /oauth/authorize seems ok, /oauth/token still not working
-rw-r--r--api/controllers/api/v1/auth.py24
-rw-r--r--api/migrations/versions/dff4edfb26b6_.py41
-rw-r--r--api/models.py7
3 files changed, 55 insertions, 17 deletions
diff --git a/api/controllers/api/v1/auth.py b/api/controllers/api/v1/auth.py
index 4cb7aefa..4261b7b8 100644
--- a/api/controllers/api/v1/auth.py
+++ b/api/controllers/api/v1/auth.py
@@ -41,19 +41,23 @@ def create_client():
return response
client = OAuth2Client()
- client.client_name = req.get("client_name")
- client.client_uri = req.get("website", None)
- client.redirect_uri = req.get("redirect_uris")
- client.scope = req.get("scopes")
client.client_id = gen_salt(24)
+ metadatas = {
+ "client_name": req.get("client_name"),
+ "client_uri": req.get("website", None),
+ "redirect_uris": req.get("redirect_uris"),
+ "scope": req.get("scopes"),
+ # this needs to be hardcoded for whatever reason
+ "response_type": "code",
+ "grant_type": "authorization_code\r\nclient_credentials\r\npassword",
+ "token_endpoint_auth_method": "client_secret_post",
+ }
if client.token_endpoint_auth_method == "none":
client.client_secret = ""
else:
client.client_secret = gen_salt(48)
- # this needs to be hardcoded for whatever reason
- client.response_type = "code"
- client.grant_type = "authorization_code\r\nclient_credentials\r\npassword"
- client.token_endpoint_auth_method = "client_secret_post"
+
+ client.set_client_metadata(metadatas)
db.session.add(client)
db.session.commit()
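Review bot: The `metadatas` dict uses the singular keys `grant_type` and `response_type`, but authlib's `OAuth2ClientMixin` reads `grant_types` and `response_types` as lists from the client metadata, so these values are probably never consulted when a grant is checked, which may be why /oauth/token still fails. Consider `"grant_types": ["authorization_code", "client_credentials", "password"],` and `"response_types": ["code"],`. The `if client.token_endpoint_auth_method == "none":` test also runs before `client.set_client_metadata(metadatas)`, so it reads the method from metadata that has not been set yet; calling `set_client_metadata` before the check would make the branch reflect the configured method. Every self-registered client is also given the `password` and `client_credentials` grants, which is broader than an authorization-code client needs and worth narrowing. create_client starts and ends outside this hunk.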
@@ -63,7 +67,7 @@ def create_client():
"client_secret": client.client_secret,
"id": client.id,
"name": client.client_name,
- "redirect_uri": client.redirect_uri,
+ "redirect_uris": client.redirect_uris[0] if len(client.redirect_uris) else "",
"website": client.client_uri,
"vapid_key": None, # FIXME to implement this
}
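Review bot: `client.redirect_uris[0] if len(client.redirect_uris) else ""` assumes a list, but the value stored in the previous hunk comes straight from `req.get("redirect_uris")`, which can be `None` (then `len()` raises) or a plain string (then `[0]` returns its first character). If a string is stored, authlib's redirect check (`redirect_uri in self.redirect_uris`, as far as I can tell) would become a substring test instead of an exact match, which weakens redirect URI validation for the authorization endpoint. Normalise the value at registration, e.g. `"redirect_uris": (req.get("redirect_uris") or "").split(),`, and reject the request when the result is empty. The response key was also renamed from `redirect_uri` to `redirect_uris` while still returning a single value, which existing API clients may not expect.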
@@ -136,7 +140,7 @@ def oauth_token():
d["redirect_uri"] = request.json["redirect_uri"]
request.form = ImmutableMultiDict(d)
- return authorization.create_token_response()
+ return authorization.create_token_response(request)
@bp_api_v1_auth.route("/oauth/revoke", methods=["POST"])
diff --git a/api/migrations/versions/dff4edfb26b6_.py b/api/migrations/versions/dff4edfb26b6_.py
new file mode 100644
index 00000000..e8b80b2a
--- /dev/null
+++ b/api/migrations/versions/dff4edfb26b6_.py
@@ -0,0 +1,41 @@
+"""empty message
+
+Revision ID: dff4edfb26b6
+Revises: 7df5c87e5fef
+Create Date: 2021-02-23 22:59:23.112766
+
+"""
+
+# revision identifiers, used by Alembic.
+revision = "dff4edfb26b6"
+down_revision = "7df5c87e5fef"
+
+from alembic import op # noqa: E402
+import sqlalchemy as sa # noqa: E402
+
+
+def upgrade():
+ # ### commands auto generated by Alembic - please adjust! ###
+ op.drop_column("oauth2_client", "redirect_uri")
+ op.drop_column("oauth2_client", "client_uri")
+ op.drop_column("oauth2_client", "response_type")
+ op.drop_column("oauth2_client", "client_name")
+ op.drop_column("oauth2_client", "grant_type")
+ op.drop_column("oauth2_client", "token_endpoint_auth_method")
+ op.drop_column("oauth2_client", "scope")
+ # ### end Alembic commands ###
+
+
+def downgrade():
+ # ### commands auto generated by Alembic - please adjust! ###
+ op.add_column("oauth2_client", sa.Column("scope", sa.TEXT(), autoincrement=False, nullable=False))
+ op.add_column(
+ "oauth2_client",
+ sa.Column("token_endpoint_auth_method", sa.VARCHAR(length=48), autoincrement=False, nullable=True),
+ )
+ op.add_column("oauth2_client", sa.Column("grant_type", sa.TEXT(), autoincrement=False, nullable=False))
+ op.add_column("oauth2_client", sa.Column("client_name", sa.VARCHAR(length=100), autoincrement=False, nullable=True))
+ op.add_column("oauth2_client", sa.Column("response_type", sa.TEXT(), autoincrement=False, nullable=False))
+ op.add_column("oauth2_client", sa.Column("client_uri", sa.TEXT(), autoincrement=False, nullable=True))
+ op.add_column("oauth2_client", sa.Column("redirect_uri", sa.TEXT(), autoincrement=False, nullable=True))
+ # ### end Alembic commands ###
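Review bot: `upgrade()` drops `redirect_uri`, `scope`, `grant_type` and the other columns without first copying their values into the client metadata, so every client registered before this revision loses its redirect URIs, scope and grant settings. A data-migration step before the `op.drop_column` calls, reading each row and writing the equivalent metadata, would keep existing registrations valid; the autogenerated header already says "please adjust". `downgrade()` re-adds `scope`, `grant_type` and `response_type` with `nullable=False` and no default, which will fail on a table that already has rows; adding `server_default=""` to those three columns (or adding them as nullable and backfilling) avoids that. The revision docstring is still `"""empty message`, so a short description of the change would help.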
diff --git a/api/models.py b/api/models.py
index ddb4b86c..294956df 100644
--- a/api/models.py
+++ b/api/models.py
@@ -219,13 +219,6 @@ class OAuth2Client(db.Model, OAuth2ClientMixin):
id = db.Column(db.Integer, primary_key=True)
user_id = db.Column(db.Integer, db.ForeignKey("user.id", ondelete="CASCADE"))
- client_name = db.Column(db.String(255))
- client_uri = db.Column(db.Text())
- redirect_uri = db.Column(db.Text())
- scope = db.Column(db.Text(), nullable=False)
- token_endpoint_auth_method = db.Column(db.String(50))
- response_type = db.Column(db.Text(), nullable=False)
- grant_type = db.Column(db.Text(), nullable=False)
user = db.relationship("User")