annotate mod_rest/example/prosody_oauth.py @ 5458:813fe4f76286

mod_http_oauth2: Do minimal validation of private-use URI schemes Per draft-ietf-oauth-v2-1-08#section-2.3.1 > At a minimum, any private-use URI scheme that doesn't contain a period > character (.) SHOULD be rejected. Since this would rule out the OOB URI, which is useful for CLI tools and such without a built-in http server, it is explicitly allowed.
author Kim Alvefur <zash@zash.se>
date Tue, 16 May 2023 22:18:12 +0200
parents 0e5a37f55440
children 9a4556a13cc7
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4953
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 from requests_oauthlib import OAuth2Session
5269
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
2 import requests
4953
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 class ProsodyRestSession(OAuth2Session):
5269
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
6 def __init__(
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
7 self, base_url, client_name, client_uri, redirect_uri, *args, **kwargs
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
8 ):
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
9 self.base_url = base_url
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
10 discovery_url = base_url + "/.well-known/oauth-authorization-server"
4953
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11
5269
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
12 meta = requests.get(discovery_url).json()
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
13 reg = requests.post(
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
14 meta["registration_endpoint"],
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
15 json={
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
16 "client_name": client_name,
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
17 "client_uri": client_uri,
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
18 "redirect_uris": [redirect_uri],
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
19 },
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
20 ).json()
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
21
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
22 super().__init__(client_id=reg["client_id"], *args, **kwargs)
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
23
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
24 self.meta = meta
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
25 self.client_secret = reg["client_secret"]
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
26 self.client_id = reg["client_id"]
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
27
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
28 def authorization_url(self, *args, **kwargs):
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
29 return super().authorization_url(
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
30 self.meta["authorization_endpoint"], *args, **kwargs
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
31 )
4953
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
32
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
33 def fetch_token(self, *args, **kwargs):
5269
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
34 return super().fetch_token(
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
35 token_url=self.meta["token_endpoint"],
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
36 client_secret=self.client_secret,
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
37 *args,
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
38 **kwargs
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
39 )
4953
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
40
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
41 def xmpp(self, json=None, *args, **kwargs):
5269
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
42 return self.post(self.base_url + "/rest", json=json, *args, **kwargs)
4953
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
43
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
44
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
45 if __name__ == "__main__":
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
46 # Example usage
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
47
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
48 # from prosody_oauth import ProsodyRestSession
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
49 from getpass import getpass
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
50
5269
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
51 p = ProsodyRestSession(
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
52 input("Base URL: "),
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
53 "Prosody mod_rest OAuth 2 example",
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
54 "https://modules.prosody.im/mod_rest",
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
55 "urn:ietf:wg:oauth:2.0:oob",
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
56 )
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
57
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
58 print("Open the following URL in a browser and login:")
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
59 print(p.authorization_url()[0])
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
60
0e5a37f55440 mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Kim Alvefur <zash@zash.se>
parents: 4953
diff changeset
61 p.fetch_token(code=getpass("Paste Authorization code: "))
4953
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
62
ccce785f53e1 mod_rest: Add an example OAuth client (needs mod_http_oauth2)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
63 print(p.xmpp(json={"disco": True, "to": "jabber.org"}).json())