# Discovery document served at /.well-known/openid-configuration. Only the two
# endpoints are advertised (no issuer/jwks_uri); the address is presumably the
# Docker bridge so a client container can reach this mock on the host.
config = dict(
    authorization_endpoint="http://172.17.0.1:8000/login",
    token_endpoint="http://172.17.0.1:8000/token",
)
# RS256 signing key in PEM form, truncated here ('...'). It lives in source
# because this is a test fixture; a key used anywhere real must not be pasted
# into this file.
secret_key = b'-----BEGIN PRIVATE KEY-----...'
import html
from urllib.parse import urlencode

import jwt
from aiohttp import web
# Authorization codes issued by handle_login_post, mapped to the email that
# was submitted with them; handle_token resolves a code through this dict.
cache = dict()
async def handle_config(request):
    """Serve the OpenID discovery document as JSON.

    Args:
        request: aiohttp request; unused, the document is static.

    Returns:
        web.Response: module-level ``config`` serialised as JSON. It carries
        only the two endpoints, so a client that needs ``jwks_uri`` to verify
        the RS256 tokens must obtain the public key some other way.
    """
    discovery_document = config
    return web.json_response(discovery_document)
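async def handle_login(request):
    """Render the mock SSO login form.

    The form has no ``action``, so it posts back to this same URL and the
    ``redirect_uri``/``state`` query parameters reach handle_login_post
    unchanged. Both are required; a missing one is answered with 400 rather
    than the KeyError-driven 500 the original produced.

    Args:
        request: aiohttp request with ``redirect_uri`` and ``state`` query
            parameters and an optional ``login_hint``.

    Returns:
        web.Response: an HTML page containing the login form.

    Raises:
        web.HTTPBadRequest: when ``redirect_uri`` or ``state`` is absent.
    """
    for required in ('redirect_uri', 'state'):
        if required not in request.query:
            raise web.HTTPBadRequest(text=f'missing query parameter: {required}')
    # login_hint is caller-controlled and reflected into the page; escape it
    # so it cannot break out of the value attribute (reflected XSS).
    email = html.escape(request.query.get('login_hint', ''), quote=True)
    return web.Response(text=f'''
<h1>Login SSO</h1>
<form method="post">
<input type="text" name="email" value="{email}" />
<input type="submit" value="Login" />
</form>
''', content_type='text/html')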
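async def handle_login_post(request):
    """Accept the login form and redirect to the client with an auth code.

    Args:
        request: aiohttp request whose query carries ``redirect_uri`` and
            ``state`` and whose form body carries ``email``.

    Raises:
        web.HTTPFound: always on success, pointing at ``redirect_uri`` with
            ``state`` and ``code`` appended as a properly encoded query.
        web.HTTPBadRequest: when a required query parameter or the ``email``
            field is missing (the original raised KeyError, i.e. a 500).
    """
    data = await request.post()
    for required in ('redirect_uri', 'state'):
        if required not in request.query:
            raise web.HTTPBadRequest(text=f'missing query parameter: {required}')
    if 'email' not in data:
        raise web.HTTPBadRequest(text='missing form field: email')
    email = data['email']
    uri = request.query['redirect_uri']
    state = request.query['state']
    # The code is the reversed state: deterministic so tests can predict it.
    # This is a mock; it is not a real authorization-code scheme, and
    # redirect_uri is not validated against a registered client.
    code = state[::-1]
    cache[code] = email
    # urlencode keeps a state containing '&', '#' or spaces from corrupting
    # the redirect; append with '&' when redirect_uri already has a query.
    query = urlencode({'state': state, 'code': code})
    separator = '&' if '?' in uri else '?'
    raise web.HTTPFound(f'{uri}{separator}{query}')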
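async def handle_token(request):
    """Exchange an authorization code for a signed id_token.

    Args:
        request: aiohttp request whose form body carries ``code``.

    Returns:
        web.Response: JSON ``{"id_token": <RS256 JWT>}`` whose payload is
        ``{"email": <email stored for the code>}``. The payload has no
        ``iss``, ``aud`` or ``exp`` claims, so a client that validates those
        will reject the token.
        On a missing or unknown ``code`` a 400 JSON body
        ``{"error": "invalid_grant"}`` is returned, instead of the 500 the
        original KeyError produced.
    """
    data = await request.post()
    code = data.get('code')
    # Unknown codes are a client error, not a server failure. Codes remain in
    # the cache after use; a production issuer would invalidate them.
    if code is None or code not in cache:
        return web.json_response({'error': 'invalid_grant'}, status=400)
    payload = {'email': cache[code]}
    token = jwt.encode(payload, secret_key, algorithm="RS256")
    return web.json_response({"id_token": token})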
# Route table for the mock provider: discovery, the login form (GET/POST)
# and the token endpoint.
app = web.Application()
routes = [
    web.get('/.well-known/openid-configuration', handle_config),
    web.get('/login', handle_login),
    web.post('/login', handle_login_post),
    web.post('/token', handle_token),
]
app.add_routes(routes)
if __name__ == '__main__':
    # Print a sample RS256 token at startup so the signing key can be
    # sanity-checked before clients start exchanging codes.
    sample_claims = {'iss': 'http://localhost', 'email': 'ttoto', 'aud': 'foo'}
    print(jwt.encode(sample_claims, secret_key, algorithm="RS256"))
    # NOTE(review): host='*' — confirm aiohttp accepts this form; if it binds
    # all interfaces, the mock is reachable beyond loopback, which is fine
    # only for an isolated test network.
    web.run_app(app, host='*', port=8000)