Support for the GET /oauth/authorize is broken - returns 500

[LewisPringle]

Just using this example to explore the library, and hard to tell how things are supposed to fit together without docs or a (working) sample.

To reproduce the problem, just setup and run (flask run)

Verify

curl -u ${client_id}:${client_secret} -XPOST http://127.0.0.1:5000/oauth/token -F grant_type=password -F username=${username} -F password=${password} -F scope=profile

works fine/as expected.

Then try (from a web browser probably but thats what I was trying to figure out)
GET http://127.0.0.1:5000/oauth/authorize

Crashes cuz

,,,
  File "/home/lewis/.local/lib/python3.10/site-packages/flask/app.py", line 1796, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
  File "/mnt/c/Sandbox/SimoneOAuth2/example-oauth2-server/website/routes.py", line 101, in authorize
    grant = authorization.get_consent_grant(end_user=user)
AttributeError: 'AuthorizationServer' object has no attribute 'get_consent_grant'

[LewisPringle]

maybe a hint is recent work done?

3fb7a27

Does this maybe count on a different version of authlib?

[LewisPringle]

Another clue is that the requirements.txt file has Authlib==0.14.3. That appears on the old side (from May 2020).

[LewisPringle]

OK - in current code there is:
https://github.com/lepture/authlib/blob/master/authlib/oauth2/rfc6749/authorization_server.py#L201

[LewisPringle]

Well, after updating to the latest version of the library, it works a little better, but now just prints out exception
unsupported_response_type

NOTE - I created a CLIENT with
response_types: ['code', 'token', 'id_token']
not sure which type I'm missing?

[anastasijamalyk]

Hey, I am having the same problem, did you find any solution to it?

[LewisPringle]

still fiddling but yes (sort of). Change the requirements.txt file to point to the latest version of authlib.

…

On Wed, Oct 19, 2022 at 8:52 AM anastasijamalyk ***@***.***> wrote: Hey, I am having the same problem, did you find any solution to it? — Reply to this email directly, view it on GitHub <#90 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAHFVTF6YZUDI4CKL7HXEBTWD7VKLANCNFSM6AAAAAARHL7QYE> . You are receiving this because you authored the thread.Message ID: ***@***.***>

[anastasijamalyk]

I did it, the get_consent_grant error disappeared, but not supported response type is till there

[marcejohnson]

Solved it. Here is how:

1. Changed requirements.txt to use latest Authlib. Perform a fresh pip install -r requirements.txt.
2. Blow away your db.sqlite and let the mixin recreate the database. You will notice two new columns in the oauth2_token table:

• access_token_revoked_at
• refresh_token_revoked_at

3. Restart the app.

Now everything works. Re-tested flow examples in README.md and they pass. Cheers.
Related PR: #91