Comments (4)
nfvs
commented on May 17, 2024
Sorry it actually exists as a property, but it was returning None:
@property
def add_token(self):
if not self.token:
return None
token_type = self.token['token_type'].lower()
if token_type == 'bearer':
return add_bearer_tokenI followed the docs and had token_type="oauth1.0", which was making that function return None.
from authlib.
lepture
commented on May 17, 2024
@nfvs OAuth2Session is designed for OAuth 2. Currently, it only supports bearer token.
I followed the docs and had
token_type="oauth1.0"
Where did you find this in the documentation? It must be a mistake.
Are you trying OAuth 1? Then you should use OAuth1Session.
from authlib.
nfvs
commented on May 17, 2024
I'm using OAuth 2 actually. My mistake, the model only has OAUTH1_TOKEN_TYPE = 'oauth1.0': https://docs.authlib.org/en/latest/client/frameworks.html#cache-database
I'm storing the tokens in flask's session cookie, right after calling authorize_access_token(), and then in fetch_token I was just hardcoding a token_type.
from authlib.
lepture
commented on May 17, 2024
@nfvs It is not safe to store a token in session cookies. If you are just doing it for testing, that's ok.
from authlib.
Related Issues (20)
- JWTBearerTokenGenerator.generate - can not able to generate token with expires_in=0
- JWTBearerTokenValidator don't send parameters now and leeway to claim.validate
- ask to transform inline function "load_key" to method of OpenIDMixin
- Documentation for FastAPI/Starlette for Oauth2 is incorrect/misleading/confusing? HOT 3
- Drop `starlette.config.Config` from the Starlette integration
- Support for OIDC4VC standards
- 1.3.0: sphinx warnings `reference target not found` HOT 3
- 1.3.0: pytest dails in few units HOT 1
- import importlib.metadata missing from authlib.integrations.flask_oauth2.errors.py? HOT 2
- Missing Dependencies (httpx & itsdangerous) HOT 3
- Support async functions in compliance hooks.
- httpx OAuth2 client has incorrect oauth_error_class
- Documentation: Missing OIDC client documentation on custom claims HOT 1
- Session cookie grows indefinitely, results in CSRF Warning. HOT 3
- Have a WSGI integration example
- rfc7519 JsonWebEncryption is initialized with an incorrect list of algorhythms.
- Incorrect check for insecure transport on OAuth1.0
- Have special character encoding be optional
- Quoting (URL-encoding) Base authentication username / password is incorrect
- JWT authentication issue HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from authlib.