python flask authlib

Python authlib flask - how to do password grant flow correctly?


I have "password grant flow" login with the authlib flask integration working nicely:

@app.route('/login', methods=('GET', 'POST'))
def login():
    if request.method == 'GET':
        return render_template('login.html')
    else:
        try:
            token = oauth.myOauth2.fetch_access_token(username=request.form.get('username'),
                                                      password=request.form.get('password'))
        except OAuthError as e:
            if e.description:
                flash(e.description)
                return render_template('login.html')
            raise

However, in a previous question I was advised not to use fetch_access_token like this, as it's not documented for the flask integration, and to use authorize_access_token instead. This fails with an error:

werkzeug.exceptions.BadRequestKeyError: 400 Bad Request: The browser (or proxy) sent a request that this server could not understand. KeyError: 'code'

So what is the correct way to do "password grant flow" with the flask integration?
Any advice is welcome.


Solution

  • For the record, @lepture confirmed in the comments above that this use of fetch_access_token is ok.
    Entering this answer here to be able to mark the question as answered.
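
The difference between the two calls at the protocol level, as an added example that is not part of the original question or answer and does not use Authlib: the password grant (RFC 6749 section 4.3.2) is built from the login form, while the authorization code grant (section 4.1.3) needs a `code` from a redirect callback, which a login form POST does not carry. The function names, client credentials and redirect URI are constructed for illustration.

```python
import base64
from urllib.parse import parse_qs, quote_plus, urlencode


def password_grant_request(client_id, client_secret, username, password, scope=None):
    """Token request for the password grant (RFC 6749 section 4.3.2)."""
    if not username or not password:
        # Reject empty form fields before anything is sent to the token endpoint.
        raise ValueError("username and password are required")
    params = {"grant_type": "password", "username": username, "password": password}
    if scope:
        params["scope"] = scope
    # Client authentication with HTTP Basic (RFC 6749 section 2.3.1).
    creds = f"{quote_plus(client_id)}:{quote_plus(client_secret)}".encode()
    headers = {
        "Authorization": "Basic " + base64.b64encode(creds).decode(),
        "Content-Type": "application/x-www-form-urlencoded",
    }
    return headers, urlencode(params)


def code_grant_request(callback_args, redirect_uri):
    """Token request for the authorization code grant (RFC 6749 section 4.1.3)."""
    # A request that is not an authorization redirect has no 'code' parameter,
    # so this lookup raises KeyError('code').
    params = {
        "grant_type": "authorization_code",
        "code": callback_args["code"],
        "redirect_uri": redirect_uri,
    }
    return urlencode(params)


def demo():
    # Constructed sample data: login form fields and client credentials.
    form = {"username": "alice", "password": "correct horse"}
    headers, body = password_grant_request("demo-client", "demo-secret", **form)
    try:
        code_grant_request({}, "https://app.example/callback")  # no redirect happened
        missing = None
    except KeyError as exc:
        missing = exc.args[0]
    return headers, parse_qs(body), missing


if __name__ == "__main__":
    print(demo())
```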