1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
===================
Metadata endpoint
===================
OAuth2.0 Authorization Server Metadata (`RFC8414`_) endpoint provide the metadata of your authorization server. Since the metadata results can be a combination of OAuthlib's Endpoint (see :doc:`preconfigured_servers`), the MetadataEndpoint's class takes a list of Endpoints in parameter, and aggregate the metadata in the response.
See below an example of usage with `bottle-oauthlib`_ when using a `LegacyApplicationServer` (password grant) endpoint:
.. code-block:: python
import bottle
from bottle_oauthlib.oauth2 import BottleOAuth2
from oauthlib import oauth2
app = bottle.Bottle()
app.authmetadata = BottleOAuth2(app)
oauthlib_server = oauth2.LegacyApplicationServer(oauth2.RequestValidator())
app.authmetadata.initialize(oauth2.MetadataEndpoint([oauthlib_server], claims={
"issuer": "https://xx",
"token_endpoint": "https://xx/token",
"revocation_endpoint": "https://xx/revoke",
"introspection_endpoint": "https://xx/tokeninfo"
}))
@app.get('/.well-known/oauth-authorization-server')
@app.authmetadata.create_metadata_response()
def metadata():
pass
if __name__ == "__main__":
app.run() # pragma: no cover
Sample response's output:
.. code-block:: javascript
$ curl -s http://localhost:8080/.well-known/oauth-authorization-server|jq .
{
"issuer": "https://xx",
"token_endpoint": "https://xx/token",
"revocation_endpoint": "https://xx/revoke",
"introspection_endpoint": "https://xx/tokeninfo",
"grant_types_supported": [
"password",
"refresh_token"
],
"token_endpoint_auth_methods_supported": [
"client_secret_post",
"client_secret_basic"
],
"revocation_endpoint_auth_methods_supported": [
"client_secret_post",
"client_secret_basic"
],
"introspection_endpoint_auth_methods_supported": [
"client_secret_post",
"client_secret_basic"
]
}
.. autoclass:: oauthlib.oauth2.MetadataEndpoint
:members:
.. _`RFC8414`: https://tools.ietf.org/html/rfc8414
.. _`bottle-oauthlib`: https://github.com/thomsonreuters/bottle-oauthli
|