Getting refresh_token with lepture/authlib

2019-08-03 12:18发布

I'm using Authlib, and attempting to get a refresh_token from a Hydra server. I have the following code:

from authlib.client import OAuth2Session

client_id = "my-client"
client_secret = "client secret"
token_url = "https://myhydraserver/token"
scope = 'openid email profile offline'
session = OAuth2Session(client_id, client_secret, scope=scope)

token = session.fetch_access_token(token_url)
print(token)

This prints out

{'access_token': 'the-token', 'expires_in': 3599, 'scope': '', 'token_type': 'bearer', 'expires_at': 1519224804}

From the docs, I see that there's a function to get an access token from a refresh_token, but can't find a way to get a refresh_token in the first place. How would I go about getting a refresh_token? Hydra's configured with:

  --grant-types authorization_code,refresh_token,client_credentials,implicit 
  --response-types token,code,id_token 

which should hand out refresh_tokens.

1条回答
干净又极端
2楼-- · 2019-08-03 12:34

client_credentials won't issue refresh token. You need to use authorization_code flow to get the refresh token.

https://docs.authlib.org/en/latest/client/oauth2.html#oauth2session-for-authorization-code

查看更多
登录 后发表回答