How can I obtain an id_token from Python code

senra · November 2, 2017, 1:26am

I am writing a regression test suite in Python, and I would like to run the equivalent to the code below from Python:

> require("auth0-js"], function(auth0)
> {
>     var webAuth = new auth0.WebAuth({
>         domain: 'my_domain', 
>         clientID: 'my_client_id',
>         scope: 'openid offline_access',
>         responseType: 'token id_token',
>     });    
>     webAuth.client.login({
>             realm: 'Username-Password-Authentication',
>             username: 'my_user_email', 
>             password: 'my_password', 
>         }, (err, authResult) => {
>             } else {}
>         }); });

jmangelo · November 7, 2017, 9:29pm

The Auth0.js method in question perform a resource owner password credentials grant (technically an extension grant of this one where you can specify a realm) so the equivalent in Python would be to use the login method in the GetToken class:

github.com

auth0/auth0-python/blob/d18417c8e9284f84d5353157a1eaa360e6634a69/auth0/v3/authentication/get_token.py#L123


      
                  'https://%s/oauth/token' % self.domain,
                  data={
                      'client_id': client_id,
                      'client_secret': client_secret,
                      'audience': audience,
                      'grant_type': grant_type,
                  },
                  headers={'Content-Type': 'application/json'}
              )
          
          
def login(self, client_id, client_secret, username, password, scope, realm,
                    audience, grant_type='http://auth0.com/oauth/grant-type/password-realm'):
              """Calls oauth/token endpoint with password-realm grant type
          
          

          
    This is the OAuth 2.0 grant that highly trusted apps utilize in order
              to access an API. In this flow the end-user is asked to fill in credentials
              (username/password) typically using an interactive form in the user-agent
              (browser). This information is later on sent to the client and Auth0.
              It is therefore imperative that the client is absolutely trusted with
              this information.

senra · November 8, 2017, 12:34am

Thanks @jmangelo
I ended up using this code…

def get_tokens(user='rod@work.co',
                 password='mypassword',
                 client_id='XXXXXXX',
                 client_secret='YYYYYYYYY',
                 domain='your_tenant.auth0.com'):

    auth0 = GetToken(domain=domain)
    response = auth0.login(client_id,
                           client_secret,
                           user,
                           password,
                           'openid offline_access',
                           'Username-Password-Authentication', # also change this
                           audience='https://your_tenant.auth0.com/api/v2/',
                           grant_type='password')
    return response

jmangelo · November 10, 2017, 9:32pm

Glad it was sorted and thanks for sharing the final code for the benefit of others.

Topic		Replies	Views
Javascript login Help	2	3846	August 28, 2019
Retrieving IdToken in Python app for use with AWS Cognito: HTTP error 403 Help	9	7004	December 17, 2018
Obtain user access_token from Python for unit tests Help tests , testing , access_token , python	3	9475	August 27, 2019
How to retrieve access_token for user with only email, client id and client secret? Help management-api , users	2	246	May 7, 2024
How can I script using Python/Ruby to get a full IdToken JWT.io jwt , ruby , script , automated	2	4720	July 25, 2019

How can I obtain an id_token from Python code

Thanks @jmangelo I ended up using this code…

Related topics

Thanks @jmangelo
I ended up using this code…