Mercurial > prosody-modules
diff mod_rest/example/prosody_oauth.py @ 5269:0e5a37f55440
mod_rest: Update prosody_oauth.py example to non-legacy OAuth2
Relies on recent mod_http_oauth2 updates
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Thu, 23 Mar 2023 12:47:51 +0100 |
parents | ccce785f53e1 |
children | 9a4556a13cc7 |
line wrap: on
line diff
--- a/mod_rest/example/prosody_oauth.py Wed Mar 22 00:09:58 2023 +0100 +++ b/mod_rest/example/prosody_oauth.py Thu Mar 23 12:47:51 2023 +0100 @@ -1,27 +1,45 @@ -from oauthlib.oauth2 import LegacyApplicationClient from requests_oauthlib import OAuth2Session - - -class ProsodyRestClient(LegacyApplicationClient): - pass +import requests class ProsodyRestSession(OAuth2Session): - def __init__(self, base_url=None, token_url=None, rest_url=None, *args, **kwargs): - if base_url and not token_url: - token_url = base_url + "/oauth2/token" - if base_url and not rest_url: - rest_url = base_url + "/rest" - self._prosody_rest_url = rest_url - self._prosody_token_url = token_url + def __init__( + self, base_url, client_name, client_uri, redirect_uri, *args, **kwargs + ): + self.base_url = base_url + discovery_url = base_url + "/.well-known/oauth-authorization-server" - super().__init__(client=ProsodyRestClient(*args, **kwargs)) + meta = requests.get(discovery_url).json() + reg = requests.post( + meta["registration_endpoint"], + json={ + "client_name": client_name, + "client_uri": client_uri, + "redirect_uris": [redirect_uri], + }, + ).json() + + super().__init__(client_id=reg["client_id"], *args, **kwargs) + + self.meta = meta + self.client_secret = reg["client_secret"] + self.client_id = reg["client_id"] + + def authorization_url(self, *args, **kwargs): + return super().authorization_url( + self.meta["authorization_endpoint"], *args, **kwargs + ) def fetch_token(self, *args, **kwargs): - return super().fetch_token(token_url=self._prosody_token_url, *args, **kwargs) + return super().fetch_token( + token_url=self.meta["token_endpoint"], + client_secret=self.client_secret, + *args, + **kwargs + ) def xmpp(self, json=None, *args, **kwargs): - return self.post(self._prosody_rest_url, json=json, *args, **kwargs) + return self.post(self.base_url + "/rest", json=json, *args, **kwargs) if __name__ == "__main__": @@ -30,8 +48,16 @@ # from prosody_oauth import ProsodyRestSession from getpass import getpass - p = ProsodyRestSession(base_url=input("Base URL: "), client_id="app") - - p.fetch_token(username=input("XMPP Address: "), password=getpass("Password: ")) + p = ProsodyRestSession( + input("Base URL: "), + "Prosody mod_rest OAuth 2 example", + "https://modules.prosody.im/mod_rest", + "urn:ietf:wg:oauth:2.0:oob", + ) + + print("Open the following URL in a browser and login:") + print(p.authorization_url()[0]) + + p.fetch_token(code=getpass("Paste Authorization code: ")) print(p.xmpp(json={"disco": True, "to": "jabber.org"}).json())