This user portal allows you to read and update a user's registration.data field, which is an arbitrary key value store in FusionAuth.
You can read the full blog post here: https://fusionauth.io/blog/2020/09/10/building-profile-portal-with-flask-oauth-apis
This application will use an OAuth Authorization Code workflow and the PKCE extension to log users in and store the access token securely. PKCE stands for Proof Key for Code Exchange, and is often pronounced “pixie”.
We will use Requests-OAuthlib to handle all our OAuth2.0 authorization requests. This library utilizes the Python Requests and OAuthlib libraries to provide an easy-to-use Python interface for building OAuth1 and OAuth2 clients. You can read the docs for more information here: https://requests-oauthlib.readthedocs.io/en/latest/
Requests-OAuthlib library does not support pkce. As a workaround, we will append our pkce parameters to the authorization requests generated by the library. We will need to do it a couple of times, first when we are sending an authorization code request and second during the code exchange process. Other than that, our requirements for this application are being met by this library.
You need to make sure FusionAuth is running and that you have python3/pip3 available.
python3 -m venv venv
. venv/bin/activate
pip3 install Flask
pip3 install requests_oauthlib
pip3 install fusionauth-client
pip3 install pkce
pip3 install requests
- create an application in FusionAuth:
- Set the redirect url to
http://localhost:5000/callback
- Set the logout url to
http://localhost:5000
- Follow form creation as documented here: https://fusionauth.io/blog/2020/08/27/advanced-registration-form and note the form id
- Create an API key
- Set the redirect url to
cp samplesettings.py settings.py
- Update
settings.py
with your values
To run this:
OAUTHLIB_INSECURE_TRANSPORT=1 FLASK_APP=oauth.py python3 -m flask run
Visit the application at http://localhost:5000
run deactivate
to leave the venv environment.