Skip to content
Snippets Groups Projects
Commit 34796a7d authored by Luka's avatar Luka
Browse files

Use code instead of authorization_response

parent 5290bedc
No related branches found
No related tags found
1 merge request!55Resolve "Merge dashboard and dashboard-backend repos"
......@@ -19,10 +19,14 @@ def login():
@cross_origin()
def hydra_callback():
state = request.args.get("state")
code = request.args.get("code")
if state == None:
raise BadRequest("Missing state query param")
token = HydraOauth.get_token(state)
if code == None:
raise BadRequest("Missing code query param")
token = HydraOauth.get_token(state, code)
access_token = create_access_token(
identity=token, expires_delta=timedelta(days=365)
)
......
......@@ -24,14 +24,14 @@ class HydraOauth:
raise HydraError(str(err), 500)
@staticmethod
def get_token(state):
def get_token(state, code):
try:
hydra = OAuth2Session(HYDRA_CLIENT_ID, state=state)
token = hydra.fetch_token(
TOKEN_URL,
code=code,
state=state,
client_secret=HYDRA_CLIENT_SECRET,
authorization_response="https://dashboard.init.stackspin.net"
+ request.path,
)
session["hydra_token"] = token
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment