Instantly share code, notes, and snippets.

@lepture /CC.md Secret
Last active Sep 16, 2018

Embed
What would you like to do?
Authlib v0.10 Changes

CodeChallenge

authlib.specs.rfc7636.AuthorizationCodeGrant is deprecated, use CodeChallenge as an extension instead:

from authlib.specs.rfc7636 import CodeChallenge

authorization_server.register_grant(MyAuthorizationCodeGrant, [CodeChallenge(required=True)])

OpenID Connect exists_nonce

OAuth 2.0 AuthorizationServer.register_hook is only used in OpenID Connect for exists_nonce. This method is depracted. Instead of using .register_hook, you should define exists_nonce method on each OpenID Connect grant:

from authlib.specs.oidc import grants

class OpenIDCodeGrant(grants.OpenIDCodeGrant):
    def exists_nonce(self, nonce, request):
        return validate_the_given(nonce, request)


class OpenIDImplicitGrant(grants.OpenIDImplicitGrant):
    def exists_nonce(self, nonce, request):
        return validate_the_given(nonce, request)


class OpenIDHybridGrant(grants.OpenIDHybridGrant):
    def exists_nonce(self, nonce, request):
        return validate_the_given(nonce, request)
@lepture

This comment has been minimized.

Owner

lepture commented Aug 26, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment