1
Example 1 with an “authorization code flow” in Python
This a typical integration with a client-server application.
We use the flask-pyoic lib , https://altme-documentation.gitbook.io/altmes-documentation/altme-saas/quick-start
Install with pip install Flask-pyoidc==3.11.0
This verifier parameters for an authorization code flow are :
- client_id : xgdfdbzwri
- client_secret : 0b80ec35-1941-11ed-a869-0a1628958560
Let’s see the code.
NB : you may need to setup ngrok to get the callback if you cannot install it on a internet web server.
import flask
from flask import Flask, jsonify
from flask_pyoidc import OIDCAuthentication
from flask_pyoidc.provider_configuration import ProviderConfiguration, ClientMetadata
from flask_pyoidc.user_session import UserSession
# Init Flask
app = Flask(__name__)
app.config.update(
OIDC_REDIRECT_URI = 'http://127.0.0.1:4000/callback', # your application redirect uri. Must be replaced by ngrok route if local to your desktop
SECRET_KEY = "lkjhlkjh" # your application secret code for session, random
)
"""
Init OpenID Connect client PYOIDC with teh 3 bridge parameters : client_id, client_secret and issuer URL
"""
client_metadata = ClientMetadata(
client_id='xgdfdbzwri',
client_secret= '0b80ec35-1941-11ed-a869-0a1628958560',
post_logout_redirect_uris=['http://127.0.0.1:4000/logout']) # your post logout uri (optional)
provider_config = ProviderConfiguration(issuer='https://talao.co/sandbox/op',
client_metadata=client_metadata)
auth = OIDCAuthentication({'default': provider_config}, app)
"""
Verifiable Credential presented by user is transfered through vp_token in OAuth2 userinfo endpoint
"""
@app.route('/')
@auth.oidc_auth('default')
def index():
user_session = UserSession(flask.session)
return jsonify(access_token=user_session.access_token,
id_token=user_session.id_token,
userinfo=user_session.userinfo) # this is the user credential
# use with ngrok
if __name__ == '__main__':
IP = "127.0.0.1"
app.run( host = IP, port=4000, debug =True)9692-0a1628958560
NB : with that lib, you do not have to manage the id_token, user info and the signature check. All metada needed by the lib is available in the openid config : https://talao.co/sandbox/op/.well-known/openid-configuration
Last modified 1mo ago