# NOTICE: This code is not for reuse. It is a work in progress illustration of what I'd like to do with the auth0-python library. | |
import http.client | |
from selenium import webdriver # Needed to instantiate a browser whose current URL may be set and read | |
from time import sleep # Needed to prevent busy-waiting for the browser to complete the login process! | |
from json import loads # Only needed if using .loads() instead of manually parsing the final server response | |
### | |
def get_response( conn ):
    """Return the body of the response pending on *conn*, decoded as UTF-8.

    Only the body is returned; the status line and headers of the response
    object are not exposed to the caller.
    """
    return conn.getresponse().read().decode( "utf-8" )
### | |
# Takes a hostname as input, and attempts auth0 authentication using a web browser. | |
# The browser is set to Firefox() currently, but can be any which the Selenium module supports (e.g. Chrome()). | |
# The output is None for an unsuccessful login, or the response dictionary for a successful one. | |
# The token required by the final API is stored under the key "id_token". | |
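def get_auth0_tokens( host, *, login_timeout=300.0 ):
    """Run a browser-based authorization-code login against *host*.

    Requests ``/authorize``, opens the returned login URL in Firefox via
    Selenium, waits for the browser to land on the redirect URI, then
    exchanges the returned code for tokens.

    Args:
        host: Hostname of the auth0 tenant the HTTPS requests are sent to.
        login_timeout: Seconds to wait for the interactive login before
            giving up.

    Returns:
        The decoded token response (a dict containing "id_token") on
        success, or None if any step fails; a message is printed on failure.
    """
    import secrets
    from time import monotonic
    from urllib.parse import parse_qs, quote, urlencode, urljoin, urlsplit

    client_id = "DEADCAFE012345"
    redirect_uri = "https://dkozel.auth0.com/mobile"
    scope = "openid profile"
    # The state value is the CSRF defence for the redirect: it has to be
    # unpredictable and per-attempt, and it has to be compared with what comes
    # back. A fixed string gives no protection.
    state = secrets.token_urlsafe( 32 )

    conn = http.client.HTTPSConnection( host )
    try:
        # Step 1: request an auth0 code (the server answers with a redirect to a login URL).
        # urlencode() escapes redirect_uri and scope; quote_via=quote keeps spaces as %20.
        payload1 = urlencode( {
            "response_type": "code",
            "client_id": client_id,
            "redirect_uri": redirect_uri,
            "scope": scope,
            "state": state,
        }, quote_via=quote )
        conn.request( "GET", "/authorize?" + payload1 )
        res = conn.getresponse()
        res.read()  # drain the body so the connection is left in a clean state
        # Take the target from the Location header instead of scraping the body text.
        location = res.getheader( "Location" )
        login_url = urljoin( f"https://{host}/", location ) if location else ""
        login_parts = urlsplit( login_url )
        if (
            res.status not in ( 301, 302, 303, 307, 308 )
            or login_parts.scheme != "https"
            or login_parts.netloc != host
        ):
            print( "ERROR: request for authorisation did not return a valid login URL" )
            return None
        # The connection would sit idle for the whole interactive login;
        # http.client reopens it on the next request().
        conn.close()

        # Steps 2 and 3: show the login page and wait until the browser reaches the redirect URI.
        # Waiting for "any URL change" would also stop on intermediate pages.
        driver = webdriver.Firefox()
        try:
            driver.get( login_url )
            deadline = monotonic() + login_timeout
            final_url = driver.current_url
            while not final_url.startswith( redirect_uri ):
                if monotonic() >= deadline:
                    print( "ERROR: timed out waiting for the login to complete" )
                    return None
                sleep( 1 )
                final_url = driver.current_url
        finally:
            # quit() ends the whole browser session, also when an exception escapes.
            driver.quit()

        # Step 4: read code and state from the parsed query string, so the code
        # does not pick up whatever parameters follow it in the URL.
        params = parse_qs( urlsplit( final_url ).query )
        if params.get( "state", [ None ] )[ 0 ] != state:
            print( "ERROR: state returned by the login redirect does not match the one sent" )
            return None
        codes = params.get( "code" )
        if not codes:
            print( "ERROR: code was not returned during the login attempt; was your login incorrect?" )
            return None

        # NOTE(review): no client_secret or PKCE code_verifier is sent with the
        # code exchange; confirm how this client is meant to authenticate.
        # The request already goes to `host`, so the path is just /oauth/token
        # (the original had the tenant hostname as an extra path segment).
        headers3 = { 'content-type': "application/x-www-form-urlencoded" }
        payload3 = urlencode( {
            "response_type": "token",
            "client_id": client_id,
            "redirect_uri": redirect_uri,
            "scope": scope,
            "state": state,
            "grant_type": "authorization_code",
            "code": codes[ 0 ],
        } )
        conn.request( "POST", "/oauth/token", payload3, headers3 )
        body = get_response( conn )

        # Step 5: parse the JSON instead of searching the raw text for '"id_token":"',
        # which depends on the server's exact whitespace.
        try:
            tokens = loads( body )
        except ValueError:
            tokens = None
        if not isinstance( tokens, dict ) or not isinstance( tokens.get( "id_token" ), str ):
            print( "ERROR: id_token was not returned by the auth0 server" )
            return None
        # NOTE(review): the id_token is returned as received; its signature and
        # claims (issuer, audience, expiry) are not validated here.
        return tokens
    finally:
        conn.close()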
############## | |
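print( "Using browser-based authentication..." )
HOST = "dkozel.auth0.com"
data = get_auth0_tokens( HOST )
# get_auth0_tokens() returns None when a step fails; subscripting None would
# raise TypeError, so stop with a message instead.
if data is None:
    raise SystemExit( "ERROR: authentication failed; no id_token was received" )
# NOTE(review): the id_token is a bearer credential. Printing it in full leaves
# it in terminal scrollback and in any captured output.
print( "Received id_token =", data[ "id_token" ] )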