Use code instead of authorization_response

2022-01-20 07:40:11 +01:00 · 2022-01-20 07:40:11 +01:00 · 34796a7d82
commit 34796a7d82
parent 5290bedc77
2 changed files with 8 additions and 4 deletions
--- a/areas/auth/auth.py
+++ b/areas/auth/auth.py
@ -19,10 +19,14 @@ def login():
@cross_origin()
 def hydra_callback():
    state = request.args.get("state")
+    code = request.args.get("code")
    if state == None:
        raise BadRequest("Missing state query param")

-    token = HydraOauth.get_token(state)
+    if code == None:
+        raise BadRequest("Missing code query param")
+
+    token = HydraOauth.get_token(state, code)
    access_token = create_access_token(
        identity=token, expires_delta=timedelta(days=365)
    )
--- a/helpers/hydra_oauth.py
+++ b/helpers/hydra_oauth.py
@ -24,14 +24,14 @@ class HydraOauth:
            raise HydraError(str(err), 500)

    @staticmethod
-    def get_token(state):
+    def get_token(state, code):
        try:
            hydra = OAuth2Session(HYDRA_CLIENT_ID, state=state)
            token = hydra.fetch_token(
                TOKEN_URL,
+                code=code,
+                state=state,
                client_secret=HYDRA_CLIENT_SECRET,
-                authorization_response="https://dashboard.init.stackspin.net"
-                + request.path,
            )

            session["hydra_token"] = token