raykoshima, 12mo ago

How do I get a standard token using loginname and password?

I mean, this document points to how to get a session token: https://zitadel.com/docs/guides/integrate/login-ui/username-password, but it can't be used as a user token like the one from /oauth/v2/token that I got from the introspection callback code. I also tried this: https://zitadel.com/docs/guides/integrate/login-ui/oidc-standard#get-auth-request-by-id and it said "Auth Request does not exist", but I sent a requestAuthID that I got from an HTTP GET request to /oauth/v2/authorize. Here is my code (Python, Django):

```python
import json

import requests
from django.conf import settings
from django.http import JsonResponse


# Method of a Django class-based view. The class itself, `serviceusertoken`
# and `url` (the /oauth/v2/authorize request URL) are not shown in the post.
def post(self, request):
    data = json.loads(request.body.decode('utf-8'))

    # Session API request: check login name and password
    payload = {
        "checks": {
            "user": {
                "loginName": data['email']
            },
            "password": {
                "password": data['password']
            }
        }
    }

    headers = {
        "Content-Type": "application/json",
        "Authorization": f"Bearer {serviceusertoken}"
    }

    response = requests.post(f"{settings.ZITADEL_DOMAIN}/v2/sessions", headers=headers, json=payload)

    status_code = response.status_code
    response_body = {}

    try:
        response_body = response.json()
    except json.JSONDecodeError:
        response_body = response.text

    # Note: this writes the session token to the log
    print(f"Status Code: {status_code}")
    print("Response Body:", response_body)

    # get authRequestID https://zitadel.com/docs/guides/integrate/login-ui/oidc-standard#finalize-auth-request
    request_auth_id = requests.get(url, allow_redirects=True)
    redirected_url = request_auth_id.url
    requestAuthID = str(redirected_url)
    request_id = requestAuthID.split("authRequestID=")
    authRequestID = request_id[1]

    # Finalize the auth request with the session created above
    payload = json.dumps({
        "session": {
            "sessionId": response_body.get('sessionId'),
            "sessionToken": response_body.get('sessionToken')
        },
    })

    callbackurl = requests.post(f"{settings.ZITADEL_DOMAIN}/v2/oidc/auth_requests/{authRequestID}", headers=headers, data=payload)
    try:
        callback_body = callbackurl.json()
    except json.JSONDecodeError:
        callback_body = callbackurl.text

    return JsonResponse({"status_code": status_code, "requestAuthID": authRequestID, "body": response_body, "callback": callback_body})
```
4 Replies
FFO, 12mo ago
Just to point you in the right direction: do you want to implement a login in your app, build your own login, or just use a login?
raykoshima (OP), 12mo ago
build my own login ui -> send loginname, password -> get access token
raykoshima (OP), 11mo ago
Can I get an access token from a session ID and session token? I read these docs: https://zitadel.com/docs/guides/integrate/login-ui/oidc-standard#finalize-auth-request. From the request URL in the API docs https://zitadel.com/docs/apis/resources/oidc_service_v2/oidc-service-create-callback it says it needs :authRequestId. Where do I get :authRequestId from?
ZITADEL Docs
Finalize an Auth Request and get the callback URL for success or failure. The user must be redirected to the URL in order to inform the application about the success or failure. On success, the URL contains details for the application to obtain the tokens. This method can only be called once for an Auth request.
ZITADEL Docs
To build your own login ui for your own application it is not necessary to have the OIDC standard included or any additional work that has to be done.
raykoshima (OP), 11mo ago
Never mind, I just learned how to use the search button and found this: https://discord.com/channels/927474939156643850/1212494819281207376/1214986183046602812
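
Added example, not part of the thread and not ZITADEL's own code: the code in the question takes the auth request ID by splitting the redirect URL on "authRequestID=", which also captures any parameters that follow it. The block below parses the login redirect and the callback URL with `urllib.parse` and checks `state` before returning the authorization code. The parameter name `authRequest`, the helper names and the sample URLs are assumptions made for illustration.

```python
import hmac
from urllib.parse import urlsplit, parse_qs

# Query parameter names that may carry the auth request ID on the redirect to
# the login UI. "authRequestID" is the name used in the post; "authRequest" is
# an assumption. Adjust to what your instance actually sends.
AUTH_REQUEST_PARAMS = ("authRequest", "authRequestID")


def _single(query, name):
    """Return the only value of a query parameter, or None if it is absent."""
    values = query.get(name, [])
    if len(values) > 1:
        raise ValueError(f"parameter {name!r} appears more than once")
    return values[0] if values else None


def extract_auth_request_id(redirect_url):
    """Pull the auth request ID out of the redirect to the login UI."""
    query = parse_qs(urlsplit(redirect_url).query)
    for name in AUTH_REQUEST_PARAMS:
        value = _single(query, name)
        if value:
            return value
    raise ValueError("redirect URL carries no auth request ID")


def extract_code(callback_url, expected_state):
    """Return the authorization code from a callback URL after checking state."""
    query = parse_qs(urlsplit(callback_url).query)
    error = _single(query, "error")
    if error:
        raise ValueError(f"authorization failed: {error}")
    state = _single(query, "state") or ""
    # Constant-time comparison against the state sent with the authorize request
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch, discarding callback")
    code = _single(query, "code")
    if not code:
        raise ValueError("callback URL carries no authorization code")
    return code


# Constructed sample URLs (hypothetical hosts, not captured from a real instance).
LOGIN_REDIRECT = "https://login.example.test/login?authRequestID=V2_123&lang=en"
CALLBACK = "https://app.example.test/cb?code=abc%2Fdef&state=xyz"

if __name__ == "__main__":
    print(extract_auth_request_id(LOGIN_REDIRECT))
    print(extract_code(CALLBACK, "xyz"))
```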
