bart cubrich

Reputation: 1254

Alternative for flask-OIDC for python flask OIDC app

I am getting the same error as in this post.

flask-oidc-client-exchange-error

While I would like an answer that solves that problem, I think the main issue is that the flask-oidc library is not maintained, and it uses the deprecated oauth2client lib. I am wondering if there is an alternative library I can use.

I want to use OIDC with my company's own client setup, and I have all of the details:

App Config

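    from flask import Flask
    from flask_oidc import OpenIDConnect

    app = Flask(__name__)
    app.config.update({
        'DEBUG': True,
        'TESTING': True,
        'SECRET_KEY': 'secret',  # key Flask uses to sign the session cookie
        'SERVER_NAME': 'flask.example.com:8000',
        'OIDC_COOKIE_SECURE': False,
        'OIDC_REQUIRE_VERIFIED_EMAIL': False,
        'OIDC_CALLBACK_ROUTE': '/oidc_callback',
        'OIDC_CLIENT_SECRETS': 'client_secrets.json'  # path to the client JSON
    })
    oidc = OpenIDConnect(app)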

Client JSON

    {
        "web": {
            "auth_uri": "http://openam.example.com:8080/openam/oauth2/realms/root/authorize",
            "issuer": "http://openam.example.com:8080/openam/oauth2/realms/root/",
            "userinfo_uri": "http://openam.example.com:8080/openam/oauth2/realms/root/userinfo",
            "client_id": "MyClientID",
            "client_secret": "password",
            "redirect_uris": [
                "http://localhost:5000/oidc_callback"
            ],
            "token_uri": "http://openam.example.com:8080/openam/oauth2/realms/root/token",
            "token_introspection_uri": "http://openam.example.com:8080/openam/oauth2/realms/root/introspect"
        }
    }

Is there another library that supports this type of authentication?

Upvotes: 4

Views: 4920

Answers (1)

bart cubrich

Reputation: 1254

The best answer I could find was to use pyJWT or oauthlib instead of using flask-oidc. I found pyjwt was very straightforward in most respects, and there is an excellent tutorial here:

SSO Using Flask Request Oauthlib and pyjwt

I am not sure of this, but because the error is generated by oauth2client, not flask-oidc, it is possible the error is actually just related to the deprecated oauth2client lib.

There was a detailed request to mark the entire flask-oidc project as deprecated, but that request was made several years after the flask-oidc project stopped being maintained.

Upvotes: 2
