def handle_authn_response():
# parse authn response
authn_response = current_app.rp.client.parse_response(AuthorizationResponse,
info=request.query_string.decode("utf-8"),
sformat="urlencoded")
auth_code = None
if "code" in authn_response:
auth_code = authn_response["code"]
# make token request
args = {
"code": auth_code,
"client_id": current_app.rp.client.client_id,
"client_secret": current_app.rp.client.client_secret
}
token_response = current_app.rp.client.do_access_token_request(scope="openid", request_args=args)
access_token = token_response["access_token"]
id_token = token_response["id_token"].to_dict()
# TODO do userinfo req
else:
id_token = authn_response["id_token"].to_dict()
access_token = authn_response.get("access_token")
return jsonify(dict(auth_code=auth_code, token=access_token, id_token=id_token))
评论列表
文章目录
