Python如何通过使用oauthlib的帐户身份验证来获取ID_令牌以与Open ID Connect一起使用

2024-10-01 04:44:49 发布

您现在位置:Python中文网/ 问答频道 /正文
7955 3

现在,我可以使用requests_oauthlib和作用域获取访问令牌。不过,我希望能够获得完整的ID_代币,并想知道这是否可能与我所做的事情的方式

import flask
import requests_oauthlib
import os
import requests


CLIENT_ID = "ClientIDKEY"
CLIENT_SECRET = "CLIENTSECRETKEY"
redirect_uri = "http://localhost:5000/callback"

AUTHORIZATION_BASE_URL = "https://accounts.google.com/o/oauth2/auth"
TOKEN_URL = "https://oauth2.googleapis.com/token"
USERINFO_URL = "https://www.googleapis.com/oauth2/v1/userinfo?alt=json"
SCOPE_URL = "https://www.googleapis.com/auth/userinfo.profile"

# This allows us to use a plain HTTP callback
os.environ["OAUTHLIB_INSECURE_TRANSPORT"] = "1"

app = flask.Flask(__name__)


@app.route("/")
def index():
    return """
    <a href="/login">Login with Google</a> 
    """


@app.route("/login")
def login():
    simplelogin = requests_oauthlib.OAuth2Session(
        CLIENT_ID, redirect_uri=redirect_uri, scope=SCOPE_URL
    )
    authorization_url, _ = simplelogin.authorization_url(AUTHORIZATION_BASE_URL)

    return flask.redirect(authorization_url)


@app.route("/callback")
def callback():
    simplelogin = requests_oauthlib.OAuth2Session(CLIENT_ID, redirect_uri=redirect_uri)
    simplelogin.fetch_token(
        TOKEN_URL, client_secret=CLIENT_SECRET, authorization_response=flask.request.url
    )
    URL = "https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token=" + str(simplelogin.access_token)
    req = requests.get(url = URL)
    print(req.json)
    return f"""
    Ok
    """

if __name__ == "__main__":
    app.run(host="localhost", debug=True)

我想在进行身份验证时获取ID令牌,而不是访问令牌,或者简单地使用身份验证中的访问令牌来获取ID\u令牌

这里的最终结果(不在这个问题的范围内)是使用jwt令牌并用云端点验证它,这样就可以在后端的RESTAPI上使用它们


Tags: httpsimportcomclientidappurlflask
1条回答
网友
1楼 · 发布于 2024-10-01 04:44:49

所以我设法用Python2.7实现了这一点(因为出于某种原因,他们刚刚决定使用2.7),但概念是一样的

在SCOPE_URL中,我传递了[“openid”],这使得请求返回ID_令牌。然后,我使用该ID_令牌进行了如下调用:

AUTHORIZATION_BASE_URL = "https://accounts.google.com/o/oauth2/auth"
TOKEN_URL = "https://oauth2.googleapis.com/token"
USERINFO_URL = "https://www.googleapis.com/oauth2/v1/userinfo?alt=json"
SCOPE_URL = ["openid"]

(...)    

@app.route("/callback")
def callback():
    simplelogin = requests_oauthlib.OAuth2Session(CLIENT_ID, redirect_uri=redirect_uri)
    simplelogin.fetch_token(
        TOKEN_URL, client_secret=CLIENT_SECRET, authorization_response=flask.request.url
    )
    ID_Token = simplelogin.token.get('id_token')
    URL = "https://oauth2.googleapis.com/tokeninfo?id_token=" + str(ID_Token)
    req = requests.get(url=URL)
    print(req.content)
    return """
    Ok
    """

相关问题 更多 >

    编程相关推荐