medmij_oauth.client module
Client
class medmij_oauth.client.Client(data_store=None, get_zal=None, get_gnl=None, get_whitelist=None, client_info=None, make_request=None)
Class to assist in the OAuth client-side flow.
Parameters:
- data_store (DataStore) – Must be a subclass of DataStore; handles data interaction with OAuthSessions. See DataStore for more info.
- get_zal (coroutine) – Function that returns a ZAL
- get_whitelist (coroutine) – Function that returns a Whitelist
- get_gnl (coroutine) – Function that returns a gnl
- client_info (dict) – Dict containing info about the client application (client_id and redirect_url for authorization request responses)
- make_request (coroutine) – Coroutine that makes a POST request. Should have the signature (url:string, body:dict)->dict. Used to make an authorization exchange request to the OAuth server.
coroutine create_auth_request_url(oauth_session)
Build and return authorization request url (FLOW #2)
Parameters: oauth_session (OAuthSession) – OAuthSession for current zorggebruiker
Returns: The authorization request url
Return type: str
Raises: ValueError – If the server’s authorization endpoint is not on the whitelist
coroutine create_oauth_session(za_name, gegevensdienst_id, **kwargs)
Create and return a new OAuthSession to start the OAuth flow. Add the zorggebruiker’s choice of zorgaanbieder and gegevensdienst. (FLOW #2)
Parameters:
- za_name (string) – Name of the zorgaanbieder chosen by the zorggebruiker
- gegevensdienst_id (string) – Id of the gegevensdienst chosen by the zorggebruiker
- **kwargs (various) – Keyword arguments are passed on to the data_store.create_oauth_session function, e.g. db object
Returns: The created OAuthSession
Return type:
Make a request to an OAuth server with the make_request function supplied on instantiation of the Client, exchange the received authorization code for an access token and update the oauth_session. (FLOW #12)
Parameters:
- oauth_session (OAuthSession) – Authorized OAuth session whose authorization code is to be exchanged
- **kwargs (various) – Keyword arguments are passed on to the data_store.save_oauth_session function, e.g. db object
Returns: The updated OAuthSession containing the access_token
Return type:
Raises:
- ValueError – If the server’s token endpoint is not on the whitelist
- OAuthException – If the server’s response is invalid
coroutine get_zal()
Return a tuple of the ZAL and GNL (zal, gnl) returned by the get_zal and get_gnl functions supplied on instantiation of the Client object
coroutine handle_auth_response(parameters, **kwargs)
Handles the response to the authorization request. (FLOW #10, FLOW #11)
Parameters:
- parameters (dict) – The query params from the server’s response to the authorization request
- **kwargs (various) – Keyword arguments are passed on to the data_store.get_oauth_session_by_state function, e.g. db object
Returns: The updated OAuthSession, now containing the authorization_code and with authorized set to True
Return type:
Raises:
- OAuthException – If validation of the params fails
- ValueError – If there is no session found linked to the state parameter in the provided query parameters
GNL (Gegevensdienstnamenlijst)
Datastore
class medmij_oauth.client.DataStore
Bases: abc.ABC
Abstract class that handles instantiation, persisting and lookups of OAuthSessions.
coroutine create_oauth_session(state, za_name, gegevensdienst_id, scope, **kwargs)
Create a new oauth_session, persist the oauth_session and return it.
coroutine get_oauth_session_by_id(oauth_session_id, **kwargs)
Get an oauth_session based on its id and return it, else return None
-
coroutine
OAuthSession
Class that should be implemented by the implementor of the OAuth client. This class should be instantiated by your implementation of the DataStore base class and represents the current state of an OAuth session.
The OAuthSession should at least have the following attributes:
- id (uuid)
- state (string)
- scope (string)
- za_name (string)
- gegevensdienst_id (string)
- authorization_code (string)
- authorized (boolean)
- access_token (string)
Example implementation:
    import uuid

    class OAuthSession():
        def __init__(self, state, za_name, gegevensdienst_id, scope):
            # Unique id used to look the session up in the data store
            self.id = str(uuid.uuid4())
            self.state = state
            self.scope = scope
            self.za_name = za_name
            self.gegevensdienst_id = gegevensdienst_id
            # Filled in as the flow progresses
            self.authorization_code = None
            self.authorized = False
            self.access_token = None
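An in-memory stand-in for a DataStore implementation built around the OAuthSession attributes above, as an added example that is not part of medmij_oauth. It does not subclass the real DataStore so that it runs without the package; the class name InMemoryDataStore, the signatures of get_oauth_session_by_state and save_oauth_session, and the sample values in demo() are assumptions.

```python
import asyncio
import secrets
import uuid

class OAuthSession:  # same attributes as the example implementation above
    def __init__(self, state, za_name, gegevensdienst_id, scope):
        self.id = str(uuid.uuid4())
        self.state = state
        self.scope = scope
        self.za_name = za_name
        self.gegevensdienst_id = gegevensdienst_id
        self.authorization_code = None
        self.authorized = False
        self.access_token = None

class InMemoryDataStore:  # hypothetical stand-in for a DataStore subclass
    def __init__(self):
        self._sessions = {}  # sessions keyed by id

    async def create_oauth_session(self, state, za_name, gegevensdienst_id, scope, **kwargs):
        session = OAuthSession(state, za_name, gegevensdienst_id, scope)
        self._sessions[session.id] = session
        return session

    async def get_oauth_session_by_id(self, oauth_session_id, **kwargs):
        return self._sessions.get(oauth_session_id)

    # Assumed signatures: the page names the next two methods but does not show them.
    async def get_oauth_session_by_state(self, state, **kwargs):
        if not isinstance(state, str):
            return None
        for session in self._sessions.values():
            # Compare the full state value in constant time; no partial matches.
            if secrets.compare_digest(session.state.encode(), state.encode()):
                return session
        return None

    async def save_oauth_session(self, oauth_session, **kwargs):
        self._sessions[oauth_session.id] = oauth_session

async def demo():
    store = InMemoryDataStore()
    state = secrets.token_urlsafe(32)  # constructed sample state value
    created = await store.create_oauth_session(state, "example-za", "1", "example-scope")
    found = await store.get_oauth_session_by_state(state)
    missing = await store.get_oauth_session_by_state("unknown-state")
    return created, found, missing

def run_demo():
    return asyncio.run(demo())
```

Returning None for an unknown state is what lets handle_auth_response raise the ValueError documented above when no session is linked to the state parameter.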