authlib icon indicating copy to clipboard operation
authlib copied to clipboard

Published 20 hours ago verified publisher icon lepture

JWT authentication issue

Open jmrbcu opened this issue 1 year ago • 3 comments

I need to authenticate with Ring Central JWT workflow. How to use Authlib for this case? I am unable to find how to do something like this in the documentation:

Request: POST

Headers: Content-type: application/x-www-form-urlencoded Authorization: Basic + base64_encoded( Client ID + ":" + Client Secret )

Body:

grant_type: urn:ietf:params:oauth:grant-type:jwt-bearer. assertion: JWT token.

Docs: https://developers.ringcentral.com/guide/authentication/jwt-flow

jmrbcu avatar Feb 22 '24 22:02 jmrbcu

This is the only way I've been able to do it:

session = OAuth2Session(self.client_id, self.client_secret)
session.fetch_token(urljoin(self.base_url, TOKEN_ENDPOINT), grant_type="urn:ietf:params:oauth:grant-type:jwt-bearer", assertion=jwt)

jmrbcu avatar Feb 22 '24 22:02 jmrbcu

I'm in the same boat, and it seems like the AssertionClient and AsyncAssertionClient don't take a signed jwt or even take in the private key. How is this supposed to work?

https://github.com/lepture/authlib/blob/master/authlib/integrations/httpx_client/assertion_client.py

jlambright avatar Feb 29 '24 16:02 jlambright

We were able to track down some implied keywords through reading the source code, but it didn't work.

self.assertion_client = AsyncAssertionClient(
                token_endpoint=f'https://{REDACTED_VARIABLE_1}/oauth/v2/token',
                subject=REDACTED_VARIABLE_2,
                issuer=REDACTED_VARIABLE_2,
                audience=f'https://{REDACTED_VARIABLE_1}',
                grant_type='urn:ietf:params:oauth:grant-type:jwt-bearer',
                token_placement='body',
                claims=self.scopes,
                header=REDACTED_VARIABLE_3,
                key=REDACTED_VARIABLE_4

            )

jlambright avatar Feb 29 '24 16:02 jlambright