senra
November 2, 2017, 1:26am
1
I am writing a regression test suite in Python, and I would like to run the equivalent to the code below from Python:
> require("auth0-js"], function(auth0)
> {
> var webAuth = new auth0.WebAuth({
> domain: 'my_domain',
> clientID: 'my_client_id',
> scope: 'openid offline_access',
> responseType: 'token id_token',
> });
> webAuth.client.login({
> realm: 'Username-Password-Authentication',
> username: 'my_user_email',
> password: 'my_password',
> }, (err, authResult) => {
> } else {}
> }); });
The Auth0.js method in question perform a resource owner password credentials grant (technically an extension grant of this one where you can specify a realm) so the equivalent in Python would be to use the login
method in the GetToken
class:
'https://%s/oauth/token' % self.domain,
data={
'client_id': client_id,
'client_secret': client_secret,
'audience': audience,
'grant_type': grant_type,
},
headers={'Content-Type': 'application/json'}
)
def login(self, client_id, client_secret, username, password, scope, realm,
audience, grant_type='http://auth0.com/oauth/grant-type/password-realm'):
"""Calls oauth/token endpoint with password-realm grant type
This is the OAuth 2.0 grant that highly trusted apps utilize in order
to access an API. In this flow the end-user is asked to fill in credentials
(username/password) typically using an interactive form in the user-agent
(browser). This information is later on sent to the client and Auth0.
It is therefore imperative that the client is absolutely trusted with
this information.
senra
November 8, 2017, 12:34am
3
Thanks @jmangelo
I ended up using this code…
def get_tokens(user='rod@work.co',
password='mypassword',
client_id='XXXXXXX',
client_secret='YYYYYYYYY',
domain='your_tenant.auth0.com'):
auth0 = GetToken(domain=domain)
response = auth0.login(client_id,
client_secret,
user,
password,
'openid offline_access',
'Username-Password-Authentication', # also change this
audience='https://your_tenant.auth0.com/api/v2/',
grant_type='password')
return response
Glad it was sorted and thanks for sharing the final code for the benefit of others.