Python如何通过使用oauthlib的帐户身份验证来获取ID_令牌以与Open ID Connect一起使用
现在,我可以使用requests_oauthlib和作用域获取访问令牌。不过,我希望能够获得完整的ID_代币,并想知道这是否可能与我所做的事情的方式Python如何通过使用oauthlib的帐户身份验证来获取ID_令牌以与Open ID Connect一起使用,python,python-3.x,oauth-2.0,openid-connect,jwt-auth,Python,Python 3.x,Oauth 2.0,Openid Connect,Jwt Auth,现在,我可以使用requests_oauthlib和作用域获取访问令牌。不过,我希望能够获得完整的ID_代币,并想知道这是否可能与我所做的事情的方式 import flask import requests_oauthlib import os import requests CLIENT_ID = "ClientIDKEY" CLIENT_SECRET = "CLIENTSECRETKEY" redirect_uri = "http://localhost:5000/callback"
import flask
import requests_oauthlib
import os
import requests
CLIENT_ID = "ClientIDKEY"
CLIENT_SECRET = "CLIENTSECRETKEY"
redirect_uri = "http://localhost:5000/callback"
AUTHORIZATION_BASE_URL = "https://accounts.google.com/o/oauth2/auth"
TOKEN_URL = "https://oauth2.googleapis.com/token"
USERINFO_URL = "https://www.googleapis.com/oauth2/v1/userinfo?alt=json"
SCOPE_URL = "https://www.googleapis.com/auth/userinfo.profile"
# This allows us to use a plain HTTP callback
os.environ["OAUTHLIB_INSECURE_TRANSPORT"] = "1"
app = flask.Flask(__name__)
@app.route("/")
def index():
return """
<a href="/login">Login with Google</a>
"""
@app.route("/login")
def login():
simplelogin = requests_oauthlib.OAuth2Session(
CLIENT_ID, redirect_uri=redirect_uri, scope=SCOPE_URL
)
authorization_url, _ = simplelogin.authorization_url(AUTHORIZATION_BASE_URL)
return flask.redirect(authorization_url)
@app.route("/callback")
def callback():
simplelogin = requests_oauthlib.OAuth2Session(CLIENT_ID, redirect_uri=redirect_uri)
simplelogin.fetch_token(
TOKEN_URL, client_secret=CLIENT_SECRET, authorization_response=flask.request.url
)
URL = "https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token=" + str(simplelogin.access_token)
req = requests.get(url = URL)
print(req.json)
return f"""
Ok
"""
if __name__ == "__main__":
app.run(host="localhost", debug=True)
导入烧瓶
导入请求
导入操作系统
导入请求
客户_ID=“ClientIDKEY”
客户端\u SECRET=“CLIENTSECRETKEY”
重定向_uri=”http://localhost:5000/callback"
授权\基础\ URL=”https://accounts.google.com/o/oauth2/auth"
令牌\u URL=”https://oauth2.googleapis.com/token"
用户信息\u URL=”https://www.googleapis.com/oauth2/v1/userinfo?alt=json"
作用域URL=”https://www.googleapis.com/auth/userinfo.profile"
#这允许我们使用普通的HTTP回调
os.environ[“OAUTHLIB不安全传输”]=“1”
app=烧瓶。烧瓶(\uuuuu名称\uuuuuuu)
@附件路线(“/”)
def index():
返回“”
"""
@app.route(“/login”)
def login():
simplelogin=requests_oauthlib.OAuth2Session(
客户端ID,重定向uri=重定向uri,范围=范围URL
)
授权\u url,\u=simplelogin.authorization\u url(授权\u基本\u url)
返回烧瓶.重定向(授权\ url)
@app.route(“/callback”)
def callback():
simplelogin=requests\u oauthlib.OAuth2Session(客户端\u ID,重定向\u uri=redirect\u uri)
simplelogin.fetch\u令牌(
令牌\ URL,客户端\机密=客户端\机密,授权\响应=flask.request.URL
)
URL=”https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token=“+str(simplelogin.access\u令牌)
req=请求.get(url=url)
打印(req.json)
返回f“”
好啊
"""
如果名称=“\uuuuu main\uuuuuuuu”:
app.run(host=“localhost”,debug=True)
我想在进行身份验证时获取ID令牌,而不是访问令牌,或者简单地使用身份验证中的访问令牌来获取ID\u令牌
这里的最终结果(不在这个问题的范围内)是使用jwt令牌并用云端点验证它,这样它们就可以在后端的REST api上使用。所以我设法用python 2.7实现了这一点(因为出于某种原因,他们刚刚决定使用2.7),但概念是相同的 在SCOPE_URL中,我传递了[“openid”],这使得请求返回ID_令牌。然后,我使用该ID_令牌进行了如下调用:
AUTHORIZATION_BASE_URL = "https://accounts.google.com/o/oauth2/auth"
TOKEN_URL = "https://oauth2.googleapis.com/token"
USERINFO_URL = "https://www.googleapis.com/oauth2/v1/userinfo?alt=json"
SCOPE_URL = ["openid"]
(...)
@app.route("/callback")
def callback():
simplelogin = requests_oauthlib.OAuth2Session(CLIENT_ID, redirect_uri=redirect_uri)
simplelogin.fetch_token(
TOKEN_URL, client_secret=CLIENT_SECRET, authorization_response=flask.request.url
)
ID_Token = simplelogin.token.get('id_token')
URL = "https://oauth2.googleapis.com/tokeninfo?id_token=" + str(ID_Token)
req = requests.get(url=URL)
print(req.content)
return """
Ok
"""
所以我设法用Python2.7实现了这一点(因为出于某种原因,他们刚刚决定使用2.7),但概念是一样的 在SCOPE_URL中,我传递了[“openid”],这使得请求返回ID_令牌。然后,我使用该ID_令牌进行了如下调用:
AUTHORIZATION_BASE_URL = "https://accounts.google.com/o/oauth2/auth"
TOKEN_URL = "https://oauth2.googleapis.com/token"
USERINFO_URL = "https://www.googleapis.com/oauth2/v1/userinfo?alt=json"
SCOPE_URL = ["openid"]
(...)
@app.route("/callback")
def callback():
simplelogin = requests_oauthlib.OAuth2Session(CLIENT_ID, redirect_uri=redirect_uri)
simplelogin.fetch_token(
TOKEN_URL, client_secret=CLIENT_SECRET, authorization_response=flask.request.url
)
ID_Token = simplelogin.token.get('id_token')
URL = "https://oauth2.googleapis.com/tokeninfo?id_token=" + str(ID_Token)
req = requests.get(url=URL)
print(req.content)
return """
Ok
"""