When using Authlib with a service like GitHub, is it necessary to implement `fetch_token` if we only want to use the token once in order to retrieve a user's profile (from https://api.github.com/user)? I see that "If OAuth login is what you want ONLY, you don’t need `fetch_token` at all," though technically we want a bit more than that, since we're calling `github.get` after calling `github.authorize_access_token`:
```python
import os

from authlib.flask.client import OAuth
from authlib.client.apps import github
from flask import Flask, redirect, session, url_for

app = Flask(__name__)
oauth = OAuth(app)

# Client credentials are read from the environment
app.config["GITHUB_CLIENT_ID"] = os.getenv("GITHUB_CLIENT_ID")
app.config["GITHUB_CLIENT_SECRET"] = os.getenv("GITHUB_CLIENT_SECRET")
app.config["GITHUB_CLIENT_KWARGS"] = {"scope": "user:email"}
github.register_to(oauth)

...

@app.route("/login")
def login():
    # Send the user to GitHub, which redirects back to /authorize
    redirect_uri = url_for("authorize", _external=True)
    return github.authorize_redirect(redirect_uri)

@app.route("/authorize")
def authorize():
    # Exchange the authorization code for an access token
    token = github.authorize_access_token()
    # Use the token once to read the user's profile
    user = github.get("user").json()
    session["login"] = user["login"]
    return redirect(url_for("index"))
```
It appears that `github.get("user")` succeeds (as does a call to, e.g., `github.profile`) even without storing `token` in, e.g., `session` or a database and returning it via calls to a `fetch_token` function?