I’m writing a POC with FastAPI as the backend. After I log in with Okta, the authorization code is returned in the form of: http://127.0.0.1:8000/authorization-code/callback?code=hreOS9zj6fulzaozfdqrRc2aBwUDk_GzMeLWt7lqhQw&state=YsG76jo1
So my callback URI is: http://127.0.0.1:8000/authorization-code/callback. But I wasn’t able to retrieve the authorization code: hreOS9zj6fulzaozfdqrRc2aBwUDk_GzMeLWt7lqhQw&state=YsG76jo1 from the authorization header.
Please let me know if I am mistaken and the authorization code should be somewhere else and not in the authorization header. Thank you!
```python
from fastapi import FastAPI, Request
from fastapi.responses import RedirectResponse

# config() and create_authorize_url() are defined elsewhere in the project
# and are not shown in the post.

app = FastAPI()


@app.get("/login")
async def log_in_with_okta():
    # Build the Okta authorize URL and send the browser there.
    redirect_url = create_authorize_url(
        base_url=config('OKTA_ISSUER'),
        client_id=config('OKTA_CLIENT_ID'),
        response_type='code',
        scope='openid profile',
        redirect_uri='http://127.0.0.1:8000/authorization-code/callback',
        nonce='YsG76jo',
        state='YsG76jo1'
    )
    response = RedirectResponse(redirect_url)
    return response


@app.get("/authorization-code/callback")
async def sso_oidc(request: Request):
    try:
        headers = request.headers
        print(request.headers)
        if 'Authorization' in headers:
            print(headers['Authorization'])
        # It is not in the authorization header
        return {"Hello": "Second Path"}
    except Exception as e:
        print(request.form)
        raise e
```
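
Added example, not part of the original post: in the authorization code flow, `code` and `state` come back as query parameters on the redirect URI, as in the URL quoted above, not in the `Authorization` header. The sketch below parses such a callback URL with the standard library and checks `state`; `parse_callback`, `new_state` and `CallbackError` are hypothetical names, and in a FastAPI handler the same values are available from `request.query_params`.

```python
import hmac
import secrets
from urllib.parse import urlsplit, parse_qs


class CallbackError(Exception):
    """Raised when the redirect back from the authorization server is unusable."""


def new_state() -> str:
    # Per-login random value; store it in the user's session before redirecting.
    return secrets.token_urlsafe(16)


def parse_callback(url: str, expected_state: str) -> str:
    """Return the authorization code carried in the callback URL's query string."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)

    def single(name: str):
        values = params.get(name, [])
        if len(values) > 1:
            raise CallbackError(f"duplicate parameter: {name}")
        return values[0] if values else None

    # A failed login comes back as ?error=...&error_description=... with no code.
    error = single("error")
    if error is not None:
        raise CallbackError(f"{error}: {single('error_description') or ''}")

    # state ties the response to the request this client started (CSRF defence).
    state = single("state")
    if state is None or not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise CallbackError("state mismatch")

    code = single("code")
    if not code:
        raise CallbackError("missing code")
    return code


# Constructed sample: the callback URL quoted in the post.
SAMPLE = ("http://127.0.0.1:8000/authorization-code/callback"
          "?code=hreOS9zj6fulzaozfdqrRc2aBwUDk_GzMeLWt7lqhQw&state=YsG76jo1")

if __name__ == "__main__":
    print(parse_callback(SAMPLE, expected_state="YsG76jo1"))
```

The returned code is then exchanged at the token endpoint from the backend; the `state` passed as `expected_state` should be the value saved for that browser session, generated with something like `new_state()`, not a fixed string.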