Use code instead of authorization_response

34796a7d · Luka · 5290bedc · 34796a7d · 34796a7d
Commit 34796a7d authored 3 years ago by Luka
--- a/areas/auth/auth.py
+++ b/areas/auth/auth.py
@@ -19,10 +19,14 @@ def login():
 @cross_origin()
 def hydra_callback():
    state = request.args.get("state")
+    code = request.args.get("code")
    if state == None:
        raise BadRequest("Missing state query param")

-    token = HydraOauth.get_token(state)
+    if code == None:
+        raise BadRequest("Missing code query param")
+
+    token = HydraOauth.get_token(state, code)
    access_token = create_access_token(
        identity=token, expires_delta=timedelta(days=365)
    )

--- a/helpers/hydra_oauth.py
+++ b/helpers/hydra_oauth.py
@@ -24,14 +24,14 @@ class HydraOauth:
            raise HydraError(str(err), 500)

    @staticmethod
-    def get_token(state):
+    def get_token(state, code):
        try:
            hydra = OAuth2Session(HYDRA_CLIENT_ID, state=state)
            token = hydra.fetch_token(
                TOKEN_URL,
+                code=code,
+                state=state,
                client_secret=HYDRA_CLIENT_SECRET,
-                authorization_response="https://dashboard.init.stackspin.net"
-                + request.path,
            )

            session["hydra_token"] = token