medmij_oauth.client module¶
Client¶
- class medmij_oauth.client.Client(data_store=None, get_zal=None, get_gnl=None, client_info=None, make_request=None)[source]¶
Class to assist in the OAuth clientside flow
- Parameters
data_store (
DataStore
) – Must be subclass of DataStore, handles data interaction with OAuthSessions seeDataStore
for more info.get_zal (coroutine) – Function that returns a ZAL
get_gnl (coroutine) – Function that returns a GegevensdienstNamenlijst
client_info (dict) – Dict containing info about the client application (client_id and redirect_url for authorization request responses)
make_request (coroutine) – coroutine that makes a post request. Should have the signature
(url:string, body:dict)->dict
. Used to make a authorization exchange request to the oauth server.
- coroutine create_auth_request_url(oauth_session)[source]¶
Build and return authorization request url (FLOW #2)
- Parameters
oauth_session (OAuthSession) – OAuthSession for current zorggebruiker
- Returns
The authorization request url
- Return type
str
- coroutine create_oauth_session(za_name, gegevensdienst_id, **kwargs)[source]¶
Create and return a new OAuthSession to start the oauth flow. Add the zorggebruikers choice of zorgaanbieder gegevensdienst. (FLOW #2)
- Parameters
za_name (string) – Name of zorgaanbieder chosen by the zorggebruiker.
gegevensdienst_id (string) – Id of the gegevensdienst chosen by the zorggebruiker
**kwargs (various) – Keyword arguments get passed on to the data_store.create_oauth_session function, e.g. db object
- Returns
The created OAuthSession
- Return type
- coroutine exchange_authorization_code(oauth_session, **kwargs)[source]¶
Make a request to a oauth server with the supplied make_request function on instantiation of the Client, exchange the received authorization code for an access token and update the oauth_session. (FLOW #12)
- Parameters
oauth_session (OAuthSession) – Authorized oauth session of which to exchange the authorization code
**kwargs (various) – Keyword arguments get passed on to the data_store.save_oauth_session function, e.g. db object
- Returns
The updated OAuthSession containing the access_token
- Return type
- Raises
OAuthException – If the server’s response is invalid
- coroutine get_zal()[source]¶
Return a tuple of the ZAL and GNL (zal, gnl) returned by the get_zal and get_gnl function supplied in instantiation of Client object
- coroutine handle_auth_response(parameters, **kwargs)[source]¶
Handles the response to the authorization request. (FLOW #10, FLOW #11)
- Parameters
parameters (dict) – The query params from the servers’s response to the authorization request
**kwargs (various) – Keyword arguments get passed on to the data_store.get_oauth_session_by_state function, e.g. db object
- Returns
The updated OAuthSession no containing the authorization_code, and authorized set to True
- Return type
- Raises
OAuthException – If validation of the params fails
ValueError – If there is no session found linked to the state parameter in the provided query parameters
Datastore¶
- class medmij_oauth.client.DataStore[source]¶
Bases:
abc.ABC
Abstract Class that handles interaction instantiation, persisting and lookups of OAuthSessions.
- coroutine create_oauth_session(state, za_name, gegevensdienst_id, scope, **kwargs)[source]¶
Create a new oauth_session, persist the oauth_session and return it.
- coroutine get_oauth_session_by_id(oauth_session_id, **kwargs)[source]¶
Get a oauth_session based on it’s id and return it, else return None
OAuthSession¶
Class that should be implemented by implementor of the OAuth client. This class is should be instantiated by your implementation of the DataStore base class and represents the current state of an OAuth Session.
The OAuthSession should at least have the following attributes:
id (uuid)
state (string)
scope (string)
za_name (string)
gegevensdienst_id (string)
authorization_code (string)
authorized (boolean)
access_token (string)
Example implementation:
class OAuthSession():
def __init__(self, state, za_name, gegevensdienst_id, scope):
self.id = str(uuid.uuid4())
self.state = state
self.scope = scope
self.za_name = za_name
self.gegevensdienst_id = gegevensdienst_id
self.authorization_code = None
self.authorized = False
self.access_token = None