medmij_oauth.client module

Client

class medmij_oauth.client.Client(data_store=None, get_zal=None, get_gnl=None, client_info=None, make_request=None)[source]

Class to assist in the OAuth clientside flow

Parameters

  • data_store (DataStore) – Must be subclass of DataStore, handles data interaction with OAuthSessions see DataStore for more info.

  • get_zal (coroutine) – Function that returns a ZAL

  • get_gnl (coroutine) – Function that returns a GegevensdienstNamenlijst

  • client_info (dict) – Dict containing info about the client application (client_id and redirect_url for authorization request responses)

  • make_request (coroutine) – coroutine that makes a post request. Should have the signature (url:string, body:dict)->dict. Used to make a authorization exchange request to the oauth server.

coroutine create_auth_request_url(oauth_session)[source]

Build and return authorization request url (FLOW #2)

Parameters

oauth_session (OAuthSession) – OAuthSession for current zorggebruiker

Returns

The authorization request url

Return type

str

coroutine create_oauth_session(za_name, gegevensdienst_id, **kwargs)[source]

Create and return a new OAuthSession to start the oauth flow. Add the zorggebruikers choice of zorgaanbieder gegevensdienst. (FLOW #2)

Parameters

  • za_name (string) – Name of zorgaanbieder chosen by the zorggebruiker.

  • gegevensdienst_id (string) – Id of the gegevensdienst chosen by the zorggebruiker

  • **kwargs (various) – Keyword arguments get passed on to the data_store.create_oauth_session function, e.g. db object

Returns

The created OAuthSession

Return type

OAuthSession

coroutine exchange_authorization_code(oauth_session, **kwargs)[source]

Make a request to a oauth server with the supplied make_request function on instantiation of the Client, exchange the received authorization code for an access token and update the oauth_session. (FLOW #12)

Parameters

  • oauth_session (OAuthSession) – Authorized oauth session of which to exchange the authorization code

  • **kwargs (various) – Keyword arguments get passed on to the data_store.save_oauth_session function, e.g. db object

Returns

The updated OAuthSession containing the access_token

Return type

OAuthSession

Raises

OAuthException – If the server’s response is invalid

coroutine get_zal()[source]

Return a tuple of the ZAL and GNL (zal, gnl) returned by the get_zal and get_gnl function supplied in instantiation of Client object

coroutine handle_auth_response(parameters, **kwargs)[source]

Handles the response to the authorization request. (FLOW #10, FLOW #11)

Parameters

  • parameters (dict) – The query params from the servers’s response to the authorization request

  • **kwargs (various) – Keyword arguments get passed on to the data_store.get_oauth_session_by_state function, e.g. db object

Returns

The updated OAuthSession no containing the authorization_code, and authorized set to True

Return type

OAuthSession

Raises

  • OAuthException – If validation of the params fails

  • ValueError – If there is no session found linked to the state parameter in the provided query parameters

Datastore

class medmij_oauth.client.DataStore[source]

Bases: abc.ABC

Abstract Class that handles interaction instantiation, persisting and lookups of OAuthSessions.

coroutine create_oauth_session(state, za_name, gegevensdienst_id, scope, **kwargs)[source]

Create a new oauth_session, persist the oauth_session and return it.

coroutine get_oauth_session_by_id(oauth_session_id, **kwargs)[source]

Get a oauth_session based on it’s id and return it, else return None

coroutine get_oauth_session_by_state(state, **kwargs)[source]

Get a oauth_session based on the state param and return it, else return None

coroutine save_oauth_session(oauth_session, **kwargs)[source]

Persist the current state of the oauth_session and return it

OAuthSession

Class that should be implemented by implementor of the OAuth client. This class is should be instantiated by your implementation of the DataStore base class and represents the current state of an OAuth Session.

The OAuthSession should at least have the following attributes:

  • id (uuid)

  • state (string)

  • scope (string)

  • za_name (string)

  • gegevensdienst_id (string)

  • authorization_code (string)

  • authorized (boolean)

  • access_token (string)

Example implementation:

class OAuthSession():
    def __init__(self, state, za_name, gegevensdienst_id, scope):
        self.id = str(uuid.uuid4())
        self.state = state
        self.scope = scope
        self.za_name = za_name
        self.gegevensdienst_id = gegevensdienst_id
        self.authorization_code = None
        self.authorized = False
        self.access_token = None