I am working on creating an API using the AWS API Gateway service. The API Gateway is backed by a Lambda function written in Python.

My API Gateway would be secure, and I am using Cognito authentication/authorization, where consumers would first retrieve an OAuth token and pass it as the Authorization header.

I am planning to extend the use of scope and to map it to my backend service to further narrow down access to underlying resources, if I can extract the scope programmatically.

e.g. if the scope is myscope/tx - only get all transactions to consumer, etc.

My question is: how do I retrieve this scope from the OAuth token? I googled and found a similar question for Java, but unfortunately it was not helpful in my case. Here is that URL: How to retrieve scopes from OAuth token within Spring boot SSO + zuul

I am also aware of using https://jwt.io/ to find this manually, but in my case I am looking for a programmatic solution in Python.

It would be great if someone has ever done this.

-Thanks

I am expecting a solution in Python.

  • Found a way to extract the scope from the OAuth token. Below are the steps I followed:
    * updated API Gateway to pass the header to Lambda
    * parsed the header
    * got the Authorization header value, which was like Bearer xshyhkfsdvhgviasdfashpifohas...
    * used the second part of the above; note** there are 3 sections separated by period '.'
    * used the Python base64 decode function to convert the base64 string
    * this yielded JSON
    * extracted the value of scope from this

    I hope there is a better way to extract this. ~Thanks – hiren mehta Jan 27 '23 at 14:19
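The steps in the comment above, written out as an added example (not code from the original post). It assumes a REST API with Lambda proxy integration behind a Cognito user pool authorizer, so API Gateway has already validated the token; decoding the payload does not verify the signature, and the function names and the sample token are constructed for illustration.

```python
import base64
import json

def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url with the '=' padding stripped; restore it first.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def scopes_from_bearer(header_value: str) -> set:
    """Read the 'scope' claim from a bearer JWT payload (no signature check)."""
    scheme, _, token = header_value.partition(" ")
    if scheme.lower() != "bearer" or token.count(".") != 2:
        raise ValueError("expected 'Bearer <header>.<payload>.<signature>'")
    claims = json.loads(_b64url_decode(token.split(".")[1]))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    scope = claims.get("scope", "")  # Cognito access tokens: space-separated string
    return set(scope.split()) if isinstance(scope, str) else set()

def scopes_from_event(event: dict) -> set:
    # Prefer the claims API Gateway validated and attached to the proxy event.
    authorizer = (event.get("requestContext") or {}).get("authorizer") or {}
    claims = authorizer.get("claims") or {}
    if "scope" in claims:
        return set(str(claims["scope"]).split())
    # Fallback: parse the forwarded header (header names vary in case).
    headers = {k.lower(): v for k, v in (event.get("headers") or {}).items()}
    return scopes_from_bearer(headers.get("authorization", ""))

def lambda_handler(event, context):
    try:
        scopes = scopes_from_event(event)
    except ValueError:  # also covers bad base64, bad UTF-8 and bad JSON
        return {"statusCode": 401, "body": json.dumps({"error": "invalid token"})}
    if "myscope/tx" not in scopes:  # scope name taken from the question
        return {"statusCode": 403, "body": json.dumps({"error": "missing scope"})}
    return {"statusCode": 200, "body": json.dumps({"scopes": sorted(scopes)})}

def _constructed_token(claims: dict) -> str:
    # Constructed, unsigned sample token for local testing only.
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"

if __name__ == "__main__":
    tok = _constructed_token({"scope": "myscope/tx myscope/rx"})
    print(lambda_handler({"headers": {"Authorization": "Bearer " + tok}}, None))
```

If the Lambda can be invoked by any path that bypasses the authorizer, verify the token signature against the user pool's JWKS before trusting the scope.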

0 Answers