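def create_token():
    """Issue a signed JWT for a client using the ``client_credentials`` grant.

    Reads ``grant_type``, ``client_id``, ``client_secret`` and the optional
    ``audience`` field from the submitted form, checks the credentials with
    ``is_authorized_app`` and, when they are accepted, signs a token that is
    valid for 24 hours with the private key stored under
    ``current_app.config['priv_key']`` (RS512).

    Returns:
        ``{'access_token': <JWT string>}`` on success, or the result of
        ``_400(...)`` when the grant type is wrong or when request parsing,
        the credential check or signing raises.  Clients whose credentials
        are rejected are answered through ``abort(401)``.
    """
    key = current_app.config['priv_key']

    try:
        data = request.form
        if data.get('grant_type') != 'client_credentials':
            return _400('Wrong grant_type')
        client_id = data.get('client_id')
        client_secret = data.get('client_secret')
        # NOTE(review): the audience is taken verbatim from the request, so
        # any authorized client can obtain a token for any audience
        # (including the empty default).  Consider checking it against the
        # audiences this client is allowed to request.
        aud = data.get('audience', '')
        authorized = is_authorized_app(client_id, client_secret)
    except Exception as e:
        return _400(str(e))

    # The 401 is raised outside the try block on purpose: if ``abort`` raises
    # an exception (as Flask's abort does), a surrounding ``except Exception``
    # would catch it and answer 400 instead, hiding the authentication
    # failure from clients and from status-code based monitoring.
    if not authorized:
        return abort(401)

    now = int(time.time())
    # NOTE(review): the claims carry no client identifier, so a service that
    # verifies the token cannot tell which client it was issued to.
    claims = {
        'iss': 'https://tokendealer.example.com',
        'aud': aud,
        'iat': now,
        'exp': now + 3600 * 24,  # 24-hour lifetime
    }

    try:
        token = jwt.encode(claims, key, algorithm='RS512')
        # PyJWT 1.x returns bytes, 2.x returns str; accept both instead of
        # failing on str.decode() with newer releases.
        if isinstance(token, bytes):
            token = token.decode('utf8')
    except Exception as e:
        # NOTE(review): this echoes the exception text of a signing failure
        # to the caller.  Logging it server-side and returning a generic
        # message would avoid exposing key or library details.
        return _400(str(e))

    return {'access_token': token}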