Skip to content

Authenticate Resources for REST API

Jump to bottom
Bishal Pun edited this page Jun 3, 2018 · 2 revisions

Authenticate resources for REST API

This section shows the steps to authenticate the resources for REST API request sent by clients with JWT.

Note

This tutorial is for the backend developer who are creating REST API for a client.

  1. Import the JWT Validator.
from odoo.addons.oauth_provider_jwt.oauth2.validator import JWTOdooValidator
  1. Call the authenticate_jwt method for authenticating the API request.
# -*- coding: utf-8 -*-

import werkzeug
import json
from odoo import http
from odoo.addons import oauth_provider
from odoo.addons.web.controllers.main import ensure_db
from ..oauth2.validator import JWTOdooValidator


class OAuth2ProviderController(
        http.Controller):
    @http.route(
        '/oauth2/public_key', type='http', auth='none', methods=['GET'])
    @http.route(
        '/oauth2/test', type='http', auth='none', methods=['GET'])
    def test(self, access_token=None, *args, **kwargs):
        """ Returns the public key of the requested client """
        ensure_db()

        token, payload = JWTOdooValidator.authenticate_jwt(http.request.httprequest, *args, **kwargs)
        if not token:
            return self._json_response(
                data={'error': 'invalid_or_expired_token'}, status=401)

        data = {'check': 'helloworld!'}
        return self._json_response(data=data)

JWTOdooValidator.authenticate_jwt(http.request.httprequest, *args, **kwargs)

  1. Authenticating API Request with HMAC

Clone this wiki locally