Add role protection to resource servers, remove hardcoded resources
This commit is contained in:
parent
381ce1ebc1
commit
9d3146dc1c
7 changed files with 127 additions and 110 deletions
src/oidc_test
|
|
@ -55,6 +55,8 @@ async def lifespan(app: FastAPI):
|
|||
init_providers()
|
||||
registry.make_registry()
|
||||
for provider in list(providers.values()):
|
||||
if provider.disabled:
|
||||
continue
|
||||
try:
|
||||
await provider.get_info()
|
||||
except NoPublicKey:
|
||||
|
|
@ -106,7 +108,6 @@ async def home(
|
|||
else:
|
||||
context["access_token"] = token["access_token"]
|
||||
# XXX: resources defined externally? I am confused...
|
||||
context["resources"] = provider.resources
|
||||
try:
|
||||
access_token_parsed = provider.decode(token["access_token"], verify_signature=False)
|
||||
except PyJWTError as err:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue