Skip to content

Instantly share code, notes, and snippets.

@lepture lepture/CC.md Secret
Last active Sep 16, 2018

Embed
What would you like to do?
Authlib v0.10 Changes

CodeChallenge

authlib.specs.rfc7636.AuthorizationCodeGrant is deprecated, use CodeChallenge as an extension instead:

from authlib.specs.rfc7636 import CodeChallenge

authorization_server.register_grant(MyAuthorizationCodeGrant, [CodeChallenge(required=True)])

OpenID Connect exists_nonce

OAuth 2.0 AuthorizationServer.register_hook is only used in OpenID Connect for exists_nonce. This method is depracted. Instead of using .register_hook, you should define exists_nonce method on each OpenID Connect grant:

from authlib.specs.oidc import grants

class OpenIDCodeGrant(grants.OpenIDCodeGrant):
    def exists_nonce(self, nonce, request):
        return validate_the_given(nonce, request)


class OpenIDImplicitGrant(grants.OpenIDImplicitGrant):
    def exists_nonce(self, nonce, request):
        return validate_the_given(nonce, request)


class OpenIDHybridGrant(grants.OpenIDHybridGrant):
    def exists_nonce(self, nonce, request):
        return validate_the_given(nonce, request)
@lepture

This comment has been minimized.

Copy link
Owner Author

lepture commented Aug 26, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.