lepture / authlib

The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS,JWE,JWK,JWA,JWT included.
https://authlib.org/
BSD 3-Clause "New" or "Revised" License
4.45k stars 445 forks source link

Restore behaviour in create_authorization_response call which previously accepted a OAuth2Request object as-is #558

Closed TurnrDev closed 1 year ago

TurnrDev commented 1 year ago

What kind of change does this PR introduce? (check at least one)

Does this PR introduce a breaking change? (check one)


lepture commented 1 year ago

Thanks

TurnrDev commented 1 year ago

Amazing, I wasn't sure if this was going to be accepted or not!

Would you accept PRs that add support for more OIDC stuff? I unfortunately noticed this library doesn't supply any framework or even documentation on how to implement /.well-known/openid-configuration or JWKS endpoints.

cas-- commented 1 year ago

Thanks @TurnrDev, this caught me out migrating old code based on Authlib 0.12 with custom create_oauth_request

Until this is released I am using a modified AuthorizationServer

from authlib.oauth2 import OAuth2Request
from authlib.integrations.flask_oauth2 import (
    AuthorizationServer as _AuthorizationServer,
)

class AuthorizationServer(_AuthorizationServer):
    def create_oauth2_request(self, request):
        if isinstance(request, OAuth2Request):
            return request

        return super().create_oauth2_request(request)