How to verify access_token for trusted resource server?


I have an Authorization server and a Resource server... When the client sends a request to the Resource server, my Resource server must send a request to the Authorization server to verify that the token is still valid.
But how do I verify it using Authlib? I couldn't find a sample in their documentation...
In short, I need something like the code below:

server = AuthorizationServer(app, query_client=query_client, save_token=save_token)

@bp.route('/oauth/token', methods=['POST'])
def issue_token():
    return server.create_token_response()


@bp.route('/oauth/verify', methods=['POST'])
def verify_token():
    return server.create_verify_response()


@bp.route('/oauth/revoke', methods=['POST'])
def revoke_token():
    return server.create_endpoint_response('revocation')

On a POST request:

curl -X POST --user {res_ser_id}:{res_ser_secret} -d "client_id={res_ser_id}&client_secret={res_ser_secret}&access_token={access_token}&state={state}" http://127.0.0.1:5000/oauth/verify

How can I implement something like this route?

P.S. Any variant is acceptable for me; right now I just don't know at all how to verify the token.
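
The check asked about here corresponds to OAuth 2.0 token introspection (RFC 7662). As an added example that is not part of the original question and does not use Authlib's API, this framework-independent sketch shows the logic a `/oauth/verify` handler needs: authenticate the calling resource server, then report whether the token is active. The in-memory stores, sample credentials and function names are constructed assumptions, and the token is read from the RFC's `token` form field.

```python
import base64
import hmac
import time

# Constructed sample data (assumptions; a real server would query its database).
RESOURCE_SERVERS = {"res-server-1": "res-secret-1"}
TOKENS = {
    "tok-valid": {"client_id": "app-1", "scope": "profile",
                  "issued_at": 0, "expires_in": 3600, "revoked": False},
    "tok-revoked": {"client_id": "app-1", "scope": "profile",
                    "issued_at": 0, "expires_in": 3600, "revoked": True},
}

def basic_auth(client_id, secret):
    """Build the Authorization header that curl --user id:secret sends."""
    raw = f"{client_id}:{secret}".encode()
    return "Basic " + base64.b64encode(raw).decode()

def authenticate_caller(authorization_header):
    """Return the resource server id if the Basic credentials match, else None."""
    scheme, _, encoded = (authorization_header or "").partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        decoded = base64.b64decode(encoded, validate=True).decode()
    except ValueError:  # malformed base64 or non-UTF-8 bytes
        return None
    caller_id, _, secret = decoded.partition(":")
    expected = RESOURCE_SERVERS.get(caller_id, "")
    # compare_digest keeps the comparison constant-time
    ok = hmac.compare_digest(secret.encode(), expected.encode())
    return caller_id if ok and caller_id in RESOURCE_SERVERS else None

def introspect(authorization_header, form, now=None):
    """Return (http_status, json_body) for a POST to the verify endpoint."""
    if authenticate_caller(authorization_header) is None:
        return 401, {"error": "invalid_client"}
    now = time.time() if now is None else now
    record = TOKENS.get(form.get("token", ""))
    expires_at = record["issued_at"] + record["expires_in"] if record else 0
    # Unknown, revoked and expired tokens all get the same answer, so the
    # response does not reveal why a token was rejected.
    if record is None or record["revoked"] or expires_at <= now:
        return 200, {"active": False}
    return 200, {"active": True, "client_id": record["client_id"],
                 "scope": record["scope"], "exp": expires_at,
                 "token_type": "Bearer"}
```

The resource server should treat anything other than a 200 response with `"active": true` as a rejected token.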
