fix grant_type accessor
tianj7 committed Sep 29, 2023
1 parent ba1cd22 commit d6a07d8
Showing 2 changed files with 17 additions and 19 deletions.
6 changes: 1 addition & 5 deletions fence/blueprints/oauth2.py
@@ -323,12 +323,8 @@ def get_token(*args, **kwargs):
See the OpenAPI documentation for detailed specification, and the OAuth2
tests for examples of some operation and correct behavior.
"""
logger.debug("logging request coming in..")
for key in flask.request.values.keys():
logger.debug(key + " : " + flask.request.values[key])

try:
response = server.create_token_response(flask.request)
response = server.create_token_response()
except (JWTError, JWTExpiredError) as e:
# - in Authlib 0.11, create_token_response does not raise OAuth2Error
# - fence.jwt.errors.JWTError: blacklisted refresh token
30 changes: 16 additions & 14 deletions fence/oidc/oidc_server.py
@@ -72,6 +72,11 @@ def init_app(self, app, query_client=None, save_token=None):
if getattr(self, "query_client"):
self.authenticate_client = ClientAuthentication(query_client)

# 2023-09-29
# Below code replaces authlib functions. It does the same thing as authlib 1.2.1 except it returns grant_scope from
# either args or forms. Authlib 1.2.1 forces grant_type to be part of post request body which isn't our use case.
# https://github.com/lepture/authlib/blob/a6e89f8e6cf6f6bebd63dcdc2665b7d22cf0fde3/authlib/oauth2/rfc6749/requests.py#L59C10-L59C10
# It does not seem to be a OAuth2 spec problem since other variables can be part of the query string.
def create_token_response(self, request=None):
"""Validate token request and create token response.
@@ -92,20 +97,7 @@ def create_token_response(self, request=None):
return self.handle_error_response(request, error)

def create_oauth2_request(self, request):
logger.debug("Creating Oauth2 Request. Logging flask request vars")
for key in flask.request.values.keys():
logger.debug(key + " : " + flask.request.values[key])

oauth_request = FenceOAuth2Request(flask.request)

logger.debug("Logging Created Oauth2 Request variables")
if oauth_request.grant_type:
logger.debug("request.grant_type:" + oauth_request.grant_type)
else:
logger.debug("request.grant_type is None")

logger.debug("request.method:" + oauth_request.method)
return oauth_request
return FenceOAuth2Request(flask.request)


class FenceOAuth2Request(OAuth2Request):
@@ -126,6 +118,11 @@ def __init__(self, request: Request):
else:
logger.debug("request.grant_type is None")

if self.scope:
logger.debug("request.scope:" + self.scope)
else:
logger.debug("request.scopeis None")

@property
def args(self):
return self._request.args
@@ -137,3 +134,8 @@ def form(self):
@property
def data(self):
return self._request.values

# Get grant_type from either url or body
@property
def grant_type(self) -> str:
return self.data.get("grant_type")
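Review bot: The new `grant_type` property at the end of `FenceOAuth2Request` reads `self.data`, which is `self._request.values`, so a value in the URL query string is accepted alongside the one in the POST body, and ahead of it if Werkzeug's usual args-before-form ordering applies here. A request that carries `grant_type` in both places is then ambiguous, and any upstream validation or audit logging that inspects only the body sees a different grant than the one the server acts on. Preferring the body and falling back to the URL keeps the behaviour the 2023-09-29 comment asks for without letting the query string override it: `return self.form.get("grant_type") or self.args.get("grant_type")`. The getter can also return `None`, so the `-> str` annotation is inaccurate, and the added log message `"request.scopeis None"` is missing a space. The rest of the class, including how `data` is used for the other token parameters, lies outside the visible hunks.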
