I need to add trusted clients in SSO using Authlib. These clients are parts of my system and I don't need the user to confirm them. Now, I use the following code for authorization:
```python
from flask import redirect, render_template, request

# bp, server and current_user are defined elsewhere in the application.


@bp.route("/oauth/authorize", methods=['GET', 'POST'])
def authorize():
    user = current_user()
    if not user:
        return redirect('/sign_in')
    if request.method == 'GET':
        # Validates the authorization request and returns the grant
        grant = server.validate_consent_request(end_user=user)
        return render_template(
            "authorize.html",
            grant=grant,
            user=user
        )
    confirmed = request.form['confirm']
    if confirmed:
        # granted by resource owner
        return server.create_authorization_response(user)
    # denied by resource owner
    return server.create_authorization_response(None)
```
But how can I pre-register all my clients so that they are confirmed automatically?
It could be solved with:
```python
if request.method == 'GET':
    grant = server.validate_consent_request(end_user=user)
    if is_trust_client(grant.client):
        return server.create_authorization_response(user)
```
You can get the client model instance with `grant.client`, e.g. you define a column called `trusted`, then you can use `if grant.client.trusted` to tell if the client is trusted; if so, return the authorization response.
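
One way to write the trusted-client check from the answer above, as an added example that is not the answerer's or Authlib's own code. The `Client` class is a constructed stand-in for the application's client model and `should_skip_consent` is a hypothetical name. Keeping the consent screen for public clients and for scopes the client was not registered with are design choices assumed here.

```python
from dataclasses import dataclass


@dataclass
class Client:
    """Stand-in for the app's client model (constructed for this example)."""
    client_id: str
    trusted: bool = False   # server-side column, set by an administrator
    scope: str = ""         # space-delimited scopes registered for the client
    token_endpoint_auth_method: str = "client_secret_basic"


def should_skip_consent(client, requested_scope):
    """Return True only when consent may be auto-approved for this client."""
    # The flag must come from the stored client record, never from the request.
    if getattr(client, "trusted", False) is not True:
        return False
    # A public client cannot authenticate, so another app can present its
    # client_id; keep the consent screen for it (assumed policy).
    if client.token_endpoint_auth_method == "none":
        return False
    requested = set((requested_scope or "").split())
    registered = set(client.scope.split())
    # Auto-approve only scopes the client was registered with.
    return requested <= registered


# Constructed sample clients.
FIRST_PARTY = Client("internal-dashboard", trusted=True,
                     scope="openid profile email")
THIRD_PARTY = Client("partner-app", trusted=False, scope="openid profile")
PUBLIC_SPA = Client("internal-spa", trusted=True, scope="openid",
                    token_endpoint_auth_method="none")

# In the view, call it only after validate_consent_request() has accepted
# the request, so redirect_uri and response_type are still checked:
#   grant = server.validate_consent_request(end_user=user)
#   if should_skip_consent(grant.client, request.args.get("scope")):
#       return server.create_authorization_response(user)
```

Any request for which the function returns `False` falls through to the normal `authorize.html` consent page.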