I am implementing a Oauth for different services and I am using "OAuth2ConsumerBlueprint" (using flask-dance). I was thinking about Flask-OAuth but I think I would end up with the same issues I am facing with Flask-Dance. What I am planning to do is:
User go on ".mydomain.com"
User click on Login via FB for example
User goes on social.mydomain.com (so that the authorized URL is always the same)
User after login should be brought to ".mydomain.com"
it looks like I cannot find a way to do it.. It should be feasible. I tried to parse out different information eg.:
print(request)
print(request.referrer)
I even used: @oauth_authorized.connect Printed all the information to see if I could collect some additional information to reuse
print(vars(request))
print(vars(blueprint))
print(vars(token))
print(session)
Also I tried to add in the GET parameters a "foo" variable to see if I could read it back again from the social.mydomain.com but I couldn't. No idea on how to redirect the user back to the original .mydomain.com
Any suggestions here on how can I have the authentication done on a specific subdomain (so I only need to whitelist one subdomain) and then redirect the user to his own domain?
That is how I setup everything:
facebook = OAuth2ConsumerBlueprint(
"fb_social", __name__, url_prefix='/fb',
client_id=FB_CLIENT_ID,
client_secret=FB_SECRET,
scope='email',
base_url="https://graph.facebook.com/",
token_url="https://graph.facebook.com/oauth/access_token",
authorization_url="https://www.facebook.com/dialog/oauth",
redirect_to='fb_social.social_facebook',
)
Thanks a lot