
Commit aab9a32

committed
Migrate to oauthlib and flask-oauthlib
1 parent 1937fea commit aab9a32

6 files changed

+55
-62
lines changed

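--- a/00-Starter-Seed/constants.py
+++ b/00-Starter-Seed/constants.py
@@ -7,6 +7,7 @@
 AUTH0_CLIENT_SECRET = 'AUTH0_CLIENT_SECRET'
 AUTH0_CALLBACK_URL = 'AUTH0_CALLBACK_URL'
 AUTH0_DOMAIN = 'AUTH0_DOMAIN'
+AUTH0_AUDIENCE = 'AUTH0_AUDIENCE'
 AUTHORIZATION_CODE_KEY = 'authorization_code'
 CLIENT_ID_KEY = 'client_id'
 CLIENT_SECRET_KEY = 'client_secret'
@@ -16,3 +17,4 @@
 PROFILE_KEY = 'profile'
 REDIRECT_URI_KEY = 'redirect_uri'
 SECRET_KEY = 'ThisIsTheSecretKey'
+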

00-Starter-Seed/public/app.js

Lines changed: 0 additions & 22 deletions
This file was deleted.

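--- a/00-Starter-Seed/requirements.txt
+++ b/00-Starter-Seed/requirements.txt
@@ -1,4 +1,4 @@
 flask
 python-dotenv
 requests
-auth0-python
+flask-oauthlib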
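Review bot: The new `flask-oauthlib` entry is unpinned, like the rest of the file, so each install resolves whatever release is current for the library that now performs the OAuth code exchange and holds the client secret. Pin it to a reviewed version, for example `flask-oauthlib==<reviewed version>`, and ideally install from a hashed lock file so the dependency cannot change silently between deployments. It is also worth checking the package's maintenance status before standardising on it, since its maintainers have, as far as I know, pointed users towards Authlib.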

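--- a/00-Starter-Seed/server.py
+++ b/00-Starter-Seed/server.py
@@ -1,32 +1,46 @@
 """Python Flask WebApp Auth0 integration example
 """
 from functools import wraps
-from urllib.parse import urlparse
-from os import environ as env, path
-import json
-
-from auth0.v3.authentication import GetToken
-from auth0.v3.authentication import Users
-from dotenv import load_dotenv
+from urllib.parse import urlencode
+from os import environ as env
+from dotenv import load_dotenv, find_dotenv
 from flask import Flask
 from flask import redirect
 from flask import render_template
 from flask import request
 from flask import send_from_directory
 from flask import session
+from flask import url_for
+from flask_oauthlib.client import OAuth
 
 import constants
 
-load_dotenv(path.join(path.dirname(__file__), ".env"))
+load_dotenv(find_dotenv())
 AUTH0_CALLBACK_URL = env[constants.AUTH0_CALLBACK_URL]
 AUTH0_CLIENT_ID = env[constants.AUTH0_CLIENT_ID]
 AUTH0_CLIENT_SECRET = env[constants.AUTH0_CLIENT_SECRET]
 AUTH0_DOMAIN = env[constants.AUTH0_DOMAIN]
+AUTH0_AUDIENCE = env.get(constants.AUTH0_AUDIENCE)
 
 APP = Flask(__name__, static_url_path='')
 APP.secret_key = constants.SECRET_KEY
 APP.debug = True
+oauth = OAuth(APP)
+
 
+auth0 = oauth.remote_app(
+'auth0',
+consumer_key=AUTH0_CLIENT_ID,
+consumer_secret=AUTH0_CLIENT_SECRET,
+request_token_params={
+'scope': 'openid profile',
+'audience': AUTH0_AUDIENCE
+},
+base_url='https://%s' % AUTH0_DOMAIN,
+access_token_method='POST',
+access_token_url='/oauth/token',
+authorize_url='/authorize',
+)
 
 def requires_auth(f):
 @wraps(f)
@@ -40,6 +54,9 @@ def decorated(*args, **kwargs):
 # Controllers API
 @APP.route('/')
 def home():
+if constants.PROFILE_KEY in session:
+return redirect(url_for('dashboard'))
+
 return render_template('home.html', env=env)
 
 
@@ -52,9 +69,8 @@ def dashboard():
 @APP.route('/logout')
 def logout():
 session.clear()
-parsed_base_url = urlparse(AUTH0_CALLBACK_URL)
-base_url = parsed_base_url.scheme + '://' + parsed_base_url.netloc
-return redirect('https://%s/v2/logout?returnTo=%s&client_id=%s' % (AUTH0_DOMAIN, base_url, AUTH0_CLIENT_ID))
+params = {'returnTo': url_for('home', _external=True), 'client_id': AUTH0_CLIENT_ID}
+return redirect(auth0.base_url + '/v2/logout?' + urlencode(params))
 
 @APP.route('/public/<path:filename>')
 def static_files(filename):
@@ -63,14 +79,30 @@ def static_files(filename):
 
 @APP.route('/callback')
 def callback_handling():
-code = request.args.get(constants.CODE_KEY)
-get_token = GetToken(AUTH0_DOMAIN)
-auth0_users = Users(AUTH0_DOMAIN)
-token = get_token.authorization_code(AUTH0_CLIENT_ID,
-AUTH0_CLIENT_SECRET, code, AUTH0_CALLBACK_URL)
-user_info = auth0_users.userinfo(token['access_token'])
-session[constants.PROFILE_KEY] = json.loads(user_info)
+resp = auth0.authorized_response()
+if resp is None:
+return 'Access denied: reason=%s error=%s' % (
+request.args['error_reason'],
+request.args['error_description']
+)
+
+session['access_token'] = (resp['access_token'], '')
+
+user_info = auth0.get('userinfo')
+session[constants.PROFILE_KEY] = user_info.data
+
 return redirect('/dashboard')
 
+
+@APP.route('/login')
+def login():
+return auth0.authorize(callback=AUTH0_CALLBACK_URL)
+
+
+@auth0.tokengetter
+def get_auth0_oauth_token():
+return session.get('access_token')
+
+
 if __name__ == "__main__":
 APP.run(host='0.0.0.0', port=env.get('PORT', 3000))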
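Review bot: The denial branch of `callback_handling` builds its response from `request.args['error_reason']` and `request.args['error_description']` and returns it as a bare string, which Flask serves as HTML, so whatever arrives in those query parameters is reflected to the browser unescaped. Indexing with `[]` also turns a callback that lacks either parameter into a 400 instead of the intended message, and the page does not show that Auth0's error redirect carries `error_reason` at all, so confirm the parameter names. Return a fixed message with a 4xx status and log the details server-side, or escape them, e.g. `return 'Access denied: %s' % escape(request.args.get('error_description', '')), 401` with `escape` imported from `markupsafe`. Separately, the same handler now stores the access token in the Flask session, which is a signed but unencrypted cookie keyed by the constant `SECRET_KEY` from constants.py. The token is therefore readable by the client, and the signing key should come from the environment rather than source control.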

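--- a/00-Starter-Seed/templates/dashboard.html
+++ b/00-Starter-Seed/templates/dashboard.html
@@ -5,16 +5,7 @@
 <!-- font awesome from BootstrapCDN -->
 <link href="//maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css" rel="stylesheet">
 <link href="//maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css" rel="stylesheet">
-<script src="http://code.jquery.com/jquery-3.1.0.min.js" type="text/javascript"></script>
-<script src="https://cdn.auth0.com/js/auth0/8.6.0/auth0.min.js"></script>
-<script src="/public/app.js"> </script>
 <link href="/public/app.css" rel="stylesheet">
-<script>
-var AUTH0_CLIENT_ID = '{{env.AUTH0_CLIENT_ID}}';
-var AUTH0_DOMAIN = '{{env.AUTH0_DOMAIN}}';
-var AUTH0_CALLBACK_URL = '{{env.AUTH0_CALLBACK_URL if env.AUTH0_CALLBACK_URL else "http://localhost:3000/callback" }}';
-var API_AUDIENCE = '{{env.API_ID}}';
-</script>
 </head>
 <body class="home">
 <div class="container">
@@ -23,7 +14,7 @@
 <h1 id="logo"><img src="//cdn.auth0.com/samples/auth0_logo_final_blue_RGB.png" /></h1>
 <img class="avatar" src="{{user['picture']}}"/>
 <h2>Welcome {{user['nickname']}}</h2>
-<a class="btn btn-primary btn-lg btn-logout btn-block">Logout</a>
+<a class="btn btn-primary btn-lg btn-logout btn-block" href="/logout">Logout</a>
 </div>
 </div>
 </div>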
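Review bot: The new Logout anchor hard-codes `href="/logout"`, and home.html does the same with `href="/login"`; `href="{{ url_for('logout') }}"` (and `url_for('login')`) would keep the templates in step with the route table and any URL prefix, matching the `url_for` calls this commit adds in server.py. Making logout a plain link also means the session is cleared by any GET to `/logout`, including one issued from another site. The impact is low, but a POST form protected by a CSRF token avoids it if that matters for the deployment.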

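--- a/00-Starter-Seed/templates/home.html
+++ b/00-Starter-Seed/templates/home.html
@@ -1,8 +1,5 @@
 <html>
 <head>
-<script src="http://code.jquery.com/jquery-3.1.0.min.js" type="text/javascript"></script>
-<script src="https://cdn.auth0.com/js/auth0/8.6.0/auth0.min.js"></script>
-
 <script type="text/javascript" src="//use.typekit.net/iws6ohy.js"></script>
 <script type="text/javascript">try{Typekit.load();}catch(e){}</script>
 
@@ -12,13 +9,6 @@
 <link href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" rel="stylesheet">
 <link href="//maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css" rel="stylesheet">
 
-<script>
-var AUTH0_CLIENT_ID = '{{env.AUTH0_CLIENT_ID}}';
-var AUTH0_DOMAIN = '{{env.AUTH0_DOMAIN}}';
-var AUTH0_CALLBACK_URL = '{{env.AUTH0_CALLBACK_URL if env.AUTH0_CALLBACK_URL else "http://localhost:3000/callback" }}';
-var API_AUDIENCE = '{{env.API_IDENTIFIER}}';
-</script>
-<script src="/public/app.js"> </script>
 <link href="/public/app.css" rel="stylesheet">
 </head>
 <body class="home">
@@ -28,7 +18,7 @@
 <img src="https://i.cloudup.com/StzWWrY34s.png" />
 <h3>Auth0 Example</h3>
 <p>Zero friction identity infrastructure, built for developers</p>
-<a class="btn btn-primary btn-lg btn-login btn-block">SignIn</a>
+<a class="btn btn-primary btn-lg btn-login btn-block" href="/login">SignIn</a>
 </div>
 </div>
 </div>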
