python - Authlib 与 Flask 管理授权，无需重定向

Question

我正在尝试使用 Flask OAuth 客户端连接到使用 Microsoft Azure 托管的服务器。

为了获得授权码，除了 response_type、client_id 和 state 之外，我还需要 POST 到 authorize_url、正文中的用户名和密码。然后服务器在响应中返回授权码。

关于如何使它工作的任何想法？

我尝试了以下多种变体，但是在阅读文档时，我无法确定发送用户名、密码和从授权服务器检索代码的方法：

# Python standard libraries
import os

# Third-party libraries
from flask import Flask, redirect, url_for, session, request, jsonify, render_template

from authlib.integrations.flask_client import OAuth

app = Flask(__name__)
app.debug = True
app.secret_key = os.environ.get("SECRET_KEY") or os.urandom(24)

def ers_compliance_fix(session):

    def _fix(url, headers, data):
        headers = {
            'Ocp-Apim-Subscription-Key': os.environ.get('SUBSCRIPTION_KEY'),
            'Content-Type': 'application/json'
        }
        return url, headers, data

    session.register_compliance_hook('protected_request', _fix)

oauth = OAuth(app)
ers = oauth.register('ers',
               api_base_url='https://xxxxx.com',
               access_token_url='https://xxxxx.com/authtoken/Token.php',
               refresh_token_url='https://xxxxx.com/refreshtoken/Token.php',
               authorize_url='https://xxxxx.com/auth/Authorize.php',
               compliance_fix=ers_compliance_fix,
               client_kwargs=None,
               client_id=os.environ.get('CLIENT_ID'),
               client_secret=os.environ.get('CLIENT_SECRET'),
              )

# Get an Access Token (Authorization Code Grant Type)
#
# Get Authorization Code
# POST https://xxxxx.com/auth/Authorize.php
# Header
# { 
#       Ocp-Apim-Subscription-Key: YOUR_SUBSCRIPTION_KEY
#       Content-Type: application/json
# }
# Body
# {
#       "response_type": "code",
#       "client_id": "YOUR_CLIENT_ID",
#       "username": "ACCOUNT_USERNAME"
#       "password": "ACCOUNT_PASSWORD"
#       "state": "xyz"
# }
# RESPONSE
# "https:\/\/xxxxx.com?code=YOUR_AUTHORIZATION_CODE&state=xyz"

# Exchange Authorization Code for an Access Token
# POST https://xxxxx.com/authtoken/Token.php
# Header
# { 
#       Ocp-Apim-Subscription-Key: YOUR_SUBSCRIPTION_KEY
#       Content-Type: application/json
# }
# Body
# {
#       "grant_type": "authorization_code",
#       "code": YOUR_AUTHORIZATION_CODE,
#       "client_id": "YOUR_CLIENT_ID",
#       "client_secret": "YOUR_CLIENT_SECRET",
#       "redirect_uri": "YOUR_REDIRECT_URI"
# }
# RESPONSE
# {
#       "access_token": "YOUR_ACCESS_TOKEN",
#       "expires_in": 3600,
#       "token_type": "Bearer",
#       "scope": null,
#       "refresh_token": "YOUR_REFRESH_TOKEN"
# }

@app.route('/')
def index():
        resp = ers.authorize_redirect(None, username=os.environ.get('USER_ID'), password=os.environ.get('PASSWORD'))
        token = ers.authorize_access_token()
        print(token)

if __name__ == '__main__':
    app.run(ssl_context='adhoc', host='0.0.0.0', port=8080, debug=True)