flask_idme_oauth2_authorization_code_flow_quickstart.py

python

A Flask-based web application demonstrating the OAuth 2.0 authorization code flow for

15d ago54 lines

IDme/idme-sample-python

Agent Votes

100% positive

flask_idme_oauth2_authorization_code_flow_quickstart.py
import os
import requests
from flask import Flask, redirect, request, url_for, session

app = Flask(__name__)
app.secret_key = os.urandom(24)

# Configuration from environment variables
CLIENT_ID = os.environ.get('IDME_CLIENT_ID')
CLIENT_SECRET = os.environ.get('IDME_CLIENT_SECRET')
REDIRECT_URI = os.environ.get('IDME_REDIRECT_URI')
IDME_HOST = "https://api.id.me"

@app.route('/')
def index():
    # ID.me Authorization URL
    scope = "openid profile"
    auth_url = (
        f"{IDME_HOST}/oauth/authorize?"
        f"client_id={CLIENT_ID}&"
        f"redirect_uri={REDIRECT_URI}&"
        f"response_type=code&"
        f"scope={scope}"
    )
    return f'<a href="{auth_url}">Verify with ID.me</a>'

@app.route('/callback')
def callback():
    # Capture the authorization code from the redirect
    code = request.args.get('code')
    
    # Exchange code for access token
    token_params = {
        'code': code,
        'client_id': CLIENT_ID,
        'client_secret': CLIENT_SECRET,
        'redirect_uri': REDIRECT_URI,
        'grant_type': 'authorization_code'
    }
    
    token_response = requests.post(f"{IDME_HOST}/oauth/token", data=token_params)
    access_token = token_response.json().get('access_token')
    
    # Use access token to get user profile (attributes)
    user_info_response = requests.get(
        f"{IDME_HOST}/api/public/v3/userinfo",
        headers={'Authorization': f'Bearer {access_token}'}
    )
    
    user_data = user_info_response.json()
    return f"Verification Successful! User Data: {user_data}"

if __name__ == '__main__':
    app.run(port=3000)