You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Method .create_access_token in all grants are deprecated, instead you should define a shared save_token on authorization server.
defsave_token(token, client, user):
ifuser:
user_id=user.get_user_id()
else:
user_id=0# or: user_id = client.user_id# when user is None, it is a client_credentials grant typetok=Token(client_id=client_id, user_id=user_id, **token)
db.session.add(tok)
db.session.commit()
server=AuthorizationServer(app, query_client, save_token)
# or initialize lazilyserver=AuthorizationServer()
server.init_app(app, query_client, save_token)
AuthorizationCodeGrant
Remove .create_access_token implementation, add a .authenticate_user method.
You don't need to implement .create_access_token, just remove it.
RefreshTokenGrant
The changes in RefreshTokenGrant looks the same as AuthorizationCodeGrant.
Instead of .create_access_token, you need to implement a .authenticate_user
method.
https://git.io/vAAUK