I’m trying to get the example described in Protect your API endpoints | Okta Developer working, but I run into several problems.
There is a link to the github project okta-flask-api-sample (GitHub - okta-samples/okta-flask-api-sample) which does not really provide OAuth gated end points.
The implementation of @app.before_request leads to infinite redirection and I can’t see how I could add the steps of the article to this code.
Did anybody try to get this working?
Hello,
I’m trying to get the example described in Protect your API endpoints | Okta Developer working, but I run into several problems.
Regarding your first question, could you please confirm the errors you are encountering?
In response to your second question, this is intended for use by a client, not a resource server.
My first and foremost problem is that your example project on github okta-flask-api-sample seems not to be the correct example for the guide how to protect API endpoints.
Trying to start with okta-flask-api-sample I run into the problem that check_route_access in app.py is decorated by @app.before_request to enforce it to be called before any request. However check_route_accesst tries to call /login. On the attempt to call this URI you will be redirected again to check_route_accesst. This causes in infinite redirection.
On your second comment, you are correct. I intend to use an API enabled service for testing a client program.
Is there any other python / fask example for API endpoints available?