diff mod_rest/example/prosody_oauth.py @ 5269:0e5a37f55440

mod_rest: Update prosody_oauth.py example to non-legacy OAuth2 Relies on recent mod_http_oauth2 updates
author Kim Alvefur <zash@zash.se>
date Thu, 23 Mar 2023 12:47:51 +0100
parents ccce785f53e1
children 9a4556a13cc7
line wrap: on
line diff
--- a/mod_rest/example/prosody_oauth.py	Wed Mar 22 00:09:58 2023 +0100
+++ b/mod_rest/example/prosody_oauth.py	Thu Mar 23 12:47:51 2023 +0100
@@ -1,27 +1,45 @@
-from oauthlib.oauth2 import LegacyApplicationClient
 from requests_oauthlib import OAuth2Session
-
-
-class ProsodyRestClient(LegacyApplicationClient):
-    pass
+import requests
 
 
 class ProsodyRestSession(OAuth2Session):
-    def __init__(self, base_url=None, token_url=None, rest_url=None, *args, **kwargs):
-        if base_url and not token_url:
-            token_url = base_url + "/oauth2/token"
-        if base_url and not rest_url:
-            rest_url = base_url + "/rest"
-        self._prosody_rest_url = rest_url
-        self._prosody_token_url = token_url
+    def __init__(
+        self, base_url, client_name, client_uri, redirect_uri, *args, **kwargs
+    ):
+        self.base_url = base_url
+        discovery_url = base_url + "/.well-known/oauth-authorization-server"
 
-        super().__init__(client=ProsodyRestClient(*args, **kwargs))
+        meta = requests.get(discovery_url).json()
+        reg = requests.post(
+            meta["registration_endpoint"],
+            json={
+                "client_name": client_name,
+                "client_uri": client_uri,
+                "redirect_uris": [redirect_uri],
+            },
+        ).json()
+
+        super().__init__(client_id=reg["client_id"], *args, **kwargs)
+
+        self.meta = meta
+        self.client_secret = reg["client_secret"]
+        self.client_id = reg["client_id"]
+
+    def authorization_url(self, *args, **kwargs):
+        return super().authorization_url(
+            self.meta["authorization_endpoint"], *args, **kwargs
+        )
 
     def fetch_token(self, *args, **kwargs):
-        return super().fetch_token(token_url=self._prosody_token_url, *args, **kwargs)
+        return super().fetch_token(
+            token_url=self.meta["token_endpoint"],
+            client_secret=self.client_secret,
+            *args,
+            **kwargs
+        )
 
     def xmpp(self, json=None, *args, **kwargs):
-        return self.post(self._prosody_rest_url, json=json, *args, **kwargs)
+        return self.post(self.base_url + "/rest", json=json, *args, **kwargs)
 
 
 if __name__ == "__main__":
@@ -30,8 +48,16 @@
     # from prosody_oauth import ProsodyRestSession
     from getpass import getpass
 
-    p = ProsodyRestSession(base_url=input("Base URL: "), client_id="app")
-    
-    p.fetch_token(username=input("XMPP Address: "), password=getpass("Password: "))
+    p = ProsodyRestSession(
+        input("Base URL: "),
+        "Prosody mod_rest OAuth 2 example",
+        "https://modules.prosody.im/mod_rest",
+        "urn:ietf:wg:oauth:2.0:oob",
+    )
+
+    print("Open the following URL in a browser and login:")
+    print(p.authorization_url()[0])
+
+    p.fetch_token(code=getpass("Paste Authorization code: "))
 
     print(p.xmpp(json={"disco": True, "to": "jabber.org"}).json())