fix jwks

2025-09-26 14:45:27 -03:00
parent eeeccaaaa8
commit 1b6e4b7b5e
13 changed files with 131 additions and 212 deletions
--- a/id.saladeaula.digital/app/integrations/apigateway_oauth2/authorization_server.py
+++ b/id.saladeaula.digital/app/integrations/apigateway_oauth2/authorization_server.py
@@ -17,7 +17,6 @@ from config import OAUTH2_REFRESH_TOKEN_EXPIRES_IN
 from .client import OAuth2Client
 from .requests import APIGatewayJsonRequest, APIGatewayOAuth2Request

-DYNAMODB_SORT_KEY = os.getenv('DYNAMODB_SORT_KEY')
 OAUTH2_SCOPES_SUPPORTED = os.getenv('OAUTH2_SCOPES_SUPPORTED')

 logger = Logger(__name__)
@@ -121,7 +120,6 @@ class AuthorizationServer(oauth2.AuthorizationServer):
        self,
        client_id: str,
    ):
-        """Query OAuth client by client_id."""
        client = self._persistence_layer.collection.get_item(
            KeyPair(
                pk='OAUTH2',
--- a/id.saladeaula.digital/app/integrations/apigateway_oauth2/tokens.py
+++ b/id.saladeaula.digital/app/integrations/apigateway_oauth2/tokens.py
@@ -1,4 +1,5 @@
 import time
+from dataclasses import dataclass

 from authlib.oauth2.rfc6749 import (
    AuthorizationCodeMixin,
@@ -8,6 +9,17 @@ from authlib.oauth2.rfc6749 import (
 from layercake.dateutils import fromisoformat, now


+@dataclass(frozen=True)
+class User:
+    id: str
+    name: str
+    email: str
+    email_verified: bool = False
+
+    def get_user_id(self):
+        return self.id
+
+
 class OAuth2AuthorizationCode(AuthorizationCodeMixin):
    def __init__(
        self,
@@ -75,8 +87,8 @@ class OAuth2Token(TokenMixin):
        self.access_token = access_token
        self.refresh_token = refresh_token

-    def get_user(self) -> dict:
-        return self.user
+    def get_user(self) -> User:
+        return User(**self.user)

    def check_client(self, client: ClientMixin) -> bool:
        return self.client_id == client.get_client_id()