pyeudiw.satosa.frontends.openid4vci.models package

Submodules

pyeudiw.satosa.frontends.openid4vci.models.auhtorization_detail module

class pyeudiw.satosa.frontends.openid4vci.models.auhtorization_detail.AuthorizationDetail(*, type: str = None, credential_configuration_id: str = None, credential_identifiers: List[str] | None = None)

Bases: OpenId4VciBaseModel

check_authorization_detail() → AuthorizationDetail

credential_configuration_id: str

credential_identifiers: List[str] | None

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

model_post_init(context: Any) → None

Override this method to perform additional initialization after __init__ and model_construct. This is useful if you want to do some validation that requires the entire model to be initialized.

type: str

validate_credential_configuration_id(endpoint: str)

validate_type(endpoint: str)

pyeudiw.satosa.frontends.openid4vci.models.authorization_request module

class pyeudiw.satosa.frontends.openid4vci.models.authorization_request.AuthorizationRequest(*, client_id: str = None, request_uri: str = None)

Bases: OpenId4VciBaseModel

Represents an authorization request in the OpenID4VCI flow.

Attributes:

client_id (str): The client identifier making the authorization request. request_uri (str): The URI referencing the request object.

Validation rules:

• client_id must be present and must match the client_id from the context.

• request_uri must be present and must match the par_request_uri value from the context.

Raises:

InvalidRequestException: If any of the validation rules fail, with an appropriate error message.

check_authorization_request() → AuthorizationRequest

client_id: str

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

model_post_init(context: Any) → None

Override this method to perform additional initialization after __init__ and model_construct. This is useful if you want to do some validation that requires the entire model to be initialized.

request_uri: str

validate_client_id(endpoint: str)

validate_request_uri(endpoint: str)

pyeudiw.satosa.frontends.openid4vci.models.authorization_response module

class pyeudiw.satosa.frontends.openid4vci.models.authorization_response.AuthorizationResponse(*, code: str = <factory>, state: str, iss: str)

Bases: BaseModel

Represents an authorization response containing code, state, and issuer.

Attributes:

code (str): The authorization code to return. If not provided, a random UUID is used.

code: str

iss: str

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

state: str

to_redirect_response(url: str) → Redirect

Constructs a SATOSA Redirect response by encoding the current AuthorizationResponse fields as query parameters and appending them to the provided base URL.

Args:

url (str): The base redirect URI.

Returns:

Redirect: A SATOSA Redirect object containing the full redirect URI with parameters.

pyeudiw.satosa.frontends.openid4vci.models.config module

class pyeudiw.satosa.frontends.openid4vci.models.config.PyeudiwFrontendConfig(*, jwt: JWTConfig, metadata: Metadata, user_storage: Storage, credential_storage: Storage, endpoints: dict[str, EndpointDefConfig], credential_configurations: CredentialConfigurationsConfig | None = None)

Bases: BaseModel

credential_configurations: CredentialConfigurationsConfig | None

credential_storage: Storage

endpoints: dict[str, EndpointDefConfig]

jwt: JWTConfig

metadata: Metadata

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

user_storage: Storage

pyeudiw.satosa.frontends.openid4vci.models.credential_endpoint_request module

class pyeudiw.satosa.frontends.openid4vci.models.credential_endpoint_request.CredentialEndpointRequest(*, credential_identifier: str = None, credential_configuration_id: str = None, proof: Proof = None, transaction_id: str = None)

Bases: OpenId4VciBaseModel

Model for incoming Credential Endpoint requests.

Attributes:

credential_identifier (str): Required if authorization_details include openid_credential. credential_configuration_id (str): Required only if credential_identifiers is not present. proof (Proof): Required. Contains the JWT-based proof. transaction_id (str): Optional. Required only in deferred flows.

Validation:

• credential_identifier must be present if openid_credential is in use.

• credential_configuration_id must not be used when credential_identifier is present.

• proof must include a valid JWT.

check_credential_endpoint_request() → CredentialEndpointRequest

credential_configuration_id: str

credential_identifier: str

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

model_post_init(context: Any) → None

Override this method to perform additional initialization after __init__ and model_construct. This is useful if you want to do some validation that requires the entire model to be initialized.

proof: Proof

transaction_id: str

validate_credential_id()

validate_proof()

validate_transaction_id()

class pyeudiw.satosa.frontends.openid4vci.models.credential_endpoint_request.Proof(*, proof_type: str = None, jwt: str = None)

Bases: OpenId4VciBaseModel

Represents the ‘proof’ object required in the Credential Endpoint request, used to verify possession of key material by the Credential holder.

Attributes:

proof_type (str): MUST be “jwt”. Denotes the type of the proof. jwt (str): A JWT string that contains the actual proof of possession.

Validation:

• proof_type must be present and must equal “jwt”.

• jwt must be a non-empty string.

check_proof() → Proof

jwt: str

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

model_post_init(context: Any) → None

Override this method to perform additional initialization after __init__ and model_construct. This is useful if you want to do some validation that requires the entire model to be initialized.

proof_type: str

validate_jwt()

validate_prof_type()

class pyeudiw.satosa.frontends.openid4vci.models.credential_endpoint_request.ProofJWT(*, alg: str = None, typ: str = None, jwk: str = None, iss: str = None, aud: str = None, iat: int = None, nonce: str = None)

Bases: OpenId4VciBaseModel

Represents the decoded JWT used in proof of possession.

Attributes:

alg (str): JWT signing algorithm used. typ (str): JWT type, MUST be “openid4vci-proof+jwt”. jwk (str): The public key in JWK format. iss (str): JWT issuer, MUST match the client_id. aud (str): Audience, MUST match the entity_id of the Credential Issuer. iat (int): Issued At, a valid UNIX timestamp. nonce (str): One-time nonce for replay protection.

Validation:

• Each field must be non-empty (where required).

• JWT typ must be “openid4vci-proof+jwt”.

• JWT iss, aud, and nonce must match contextual values.

alg: str

aud: str

check_proof() → ProofJWT

iat: int

iss: str

jwk: str

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

model_post_init(context: Any) → None

Override this method to perform additional initialization after __init__ and model_construct. This is useful if you want to do some validation that requires the entire model to be initialized.

nonce: str

typ: str

validate_alg()

validate_aud()

validate_iat()

validate_iss()

validate_jwk()

validate_nonce()

validate_typ()

pyeudiw.satosa.frontends.openid4vci.models.credential_endpoint_response module

class pyeudiw.satosa.frontends.openid4vci.models.credential_endpoint_response.CredentialEndpointResponse(*, credentials: List[CredentialItem] | None = None, notification_id: str | None = None, lead_time: int | None = None, transaction_id: str | None = None)

Bases: DeferredCredentialEndpointResponse

Represents the payload of a Credential Request, supporting both immediate and deferred flows.

lead_time: int | None

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

static to_response(credentials: List[CredentialItem]) → Response

Create a SATOSA Response with a JSON payload.

A CredentialEndpointResponse instance is created and wrapped in a SATOSA Response object with appropriate headers.

Returns:

Response: A SATOSA Response object with:

• application/json content type

• payload

transaction_id: str | None

pyeudiw.satosa.frontends.openid4vci.models.credential_offer_request module

class pyeudiw.satosa.frontends.openid4vci.models.credential_offer_request.AuthorizationCode(*, issuer_state: str = None, authorization_server: str = None)

Bases: OpenId4VciBaseModel

Model representing the authorization code grants included in a Credential Offer request.

Attributes:

issuer_state (str): State identifier from the issuer, required for the credential offer. authorization_server (str): Identifier of the authorization server responsible for issuing the credential.

Validation:

• issuer_state must be a non-empty string.

• authorization_server must be non-empty and must be listed in the allowed authorization servers as defined in the configuration context.

Raises:

InvalidRequestException: If any required field is missing or invalid.

authorization_server: str

check_authorization_code() → AuthorizationCode

Validate the AuthorizationCode fields after model initialization.

Strips whitespace and checks mandatory fields, raising exceptions on failure.

Returns:

AuthorizationCode: The validated AuthorizationCode instance.

Raises:

InvalidRequestException: On missing or invalid fields.

issuer_state: str

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

model_post_init(context: Any) → None

Override this method to perform additional initialization after __init__ and model_construct. This is useful if you want to do some validation that requires the entire model to be initialized.

validate_authorization_server()

Validates the authorization server identifier against the configured list.

Raises:

InvalidRequestException: If the authorization server is missing or not allowed.

class pyeudiw.satosa.frontends.openid4vci.models.credential_offer_request.CredentialOfferRequest(*, credential_issuer: str = None, credential_configuration_ids: List[str] = None, grants: AuthorizationCode = None)

Bases: OpenId4VciBaseModel

Model representing a Credential Offer request payload.

Attributes:

credential_issuer (str): The URL identifying the credential issuer. credential_configuration_ids (List[str]): List of IDs of credential configurations requested. grants (AuthorizationCode): The grants object containing authorization details.

Validation:

• credential_issuer must be a valid, non-empty URI with scheme, netloc, and path.

• credential_configuration_ids must be a non-empty list and each ID must be supported as per configuration.

• grants must be provided and valid according to the AuthorizationCode model.

Raises:

InvalidRequestException: If any required field is missing or invalid.

check_credential_offer() → CredentialOfferRequest

Validates the CredentialOfferRequest after model initialization.

Calls sub-validation methods for each field.

Returns:

CredentialOfferRequest: The validated CredentialOfferRequest instance.

Raises:

InvalidRequestException: On missing or invalid fields.

credential_configuration_ids: List[str]

credential_issuer: str

grants: AuthorizationCode

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

model_post_init(context: Any) → None

Override this method to perform additional initialization after __init__ and model_construct. This is useful if you want to do some validation that requires the entire model to be initialized.

validate_credential_configuration_ids()

Validates the credential configuration IDs.

Ensures the list is non-empty and that each ID is supported by the issuer.

Raises:

InvalidRequestException: If the list is empty or contains unsupported IDs.

validate_credential_issuer()

Validates the credential issuer URI.

Checks that the URI is non-empty and correctly structured with scheme, netloc, and path.

Raises:

InvalidRequestException: If the issuer URI is missing or invalid.

validate_grants()

Validates the grants field by delegating to AuthorizationCode validation.

Raises:

InvalidRequestException: If grants is missing or invalid.

pyeudiw.satosa.frontends.openid4vci.models.deferred_credential_endpoint_request module

class pyeudiw.satosa.frontends.openid4vci.models.deferred_credential_endpoint_request.DeferredCredentialEndpointRequest(*, transaction_id: str = None)

Bases: OpenId4VciBaseModel

Model representing the payload of a Deferred Credential Request.

This request is used by the Wallet Instance to request a Credential that could not be issued immediately during the initial issuance flow. It must include a transaction identifier previously provided by the Credential Issuer in a 202 Accepted response.

check_deferred_credential_endpoint_request() → DeferredCredentialEndpointRequest

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

model_post_init(context: Any) → None

Override this method to perform additional initialization after __init__ and model_construct. This is useful if you want to do some validation that requires the entire model to be initialized.

transaction_id: str

validate_transaction_id()

pyeudiw.satosa.frontends.openid4vci.models.deferred_credential_endpoint_response module

class pyeudiw.satosa.frontends.openid4vci.models.deferred_credential_endpoint_response.CredentialItem(*, credential: str)

Bases: BaseModel

Represents a single credential used in the credential request payload.

Attributes:

credential (str): REQUIRED. A string containing one issued PID/(Q)EAA.

• If the requested format is ‘dc+sd-jwt’, this string MUST NOT be re-encoded.

• If the requested format is ‘mso_mdoc’, it MUST be a base64url-encoded CBOR-encoded IssuerSigned structure (per ISO 18013-5).

credential: str

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

class pyeudiw.satosa.frontends.openid4vci.models.deferred_credential_endpoint_response.DeferredCredentialEndpointResponse(*, credentials: List[CredentialItem] | None = None, notification_id: str | None = None)

Bases: BaseModel

Represents a response returned for deferred credential issuance.

Attributes:

credentials (Optional[List[CredentialItem]]):

A list of credentials that are ready to be retrieved. May be None if no credentials are available yet.

notification_id (Optional[str]):

An optional identifier for tracking the notification related to this deferred response.

credentials: List[CredentialItem] | None

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

notification_id: str | None

static to_response(credentials: List[CredentialItem]) → Response

Create a SATOSA Response with a JSON payload.

A DeferredCredentialEndpointResponse instance is created and wrapped in a SATOSA Response object with appropriate headers.

Returns:

Response: A SATOSA Response object with:

• application/json content type

• payload

pyeudiw.satosa.frontends.openid4vci.models.nonce_response module

class pyeudiw.satosa.frontends.openid4vci.models.nonce_response.NonceResponse(*, c_nonce: str = <factory>)

Bases: BaseModel

Pydantic model representing a Nonce Response as defined in OpenID4VCI specification (Section 7.2).

The response MUST be uncacheable (Cache-Control: no-store) and MUST contain an unpredictable ‘c_nonce’ value.

c_nonce: str

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

static to_response(c_nonce: str = None) → Response

Create a SATOSA Response with a JSON payload containing a c_nonce.

Args:

c_nonce (str, optional): Custom nonce value to use. If not provided, a UUID4 will be generated.

Returns:

Response: A SATOSA Response object with application/json content and ‘Cache-Control: no-store’ header.

pyeudiw.satosa.frontends.openid4vci.models.notification_request module

class pyeudiw.satosa.frontends.openid4vci.models.notification_request.NotificationRequest(*, notification_id: str = None, event: str = None, event_description: str | None = None)

Bases: OpenId4VciBaseModel

Request body sent by the Wallet Instance to the Notification Endpoint to inform the Credential Issuer about events related to the issued Credential.

check_notification_endpoint_request() → NotificationRequest

event: str

event_description: str | None

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

model_post_init(context: Any) → None

Override this method to perform additional initialization after __init__ and model_construct. This is useful if you want to do some validation that requires the entire model to be initialized.

notification_id: str

validate_event()

validate_event_description()

validate_notification_id()

pyeudiw.satosa.frontends.openid4vci.models.openid4vci_basemodel module

class pyeudiw.satosa.frontends.openid4vci.models.openid4vci_basemodel.OpenId4VciBaseModel

Bases: BaseModel

Base model that extracts the Pydantic context and provides helper accessors.

static check_invalid_parameter(check: bool, parameter: Any, parameter_name: str, endpoint_name: str)

static check_missing_parameter(parameter: Any, parameter_name: str, endpoint_name: str)

static check_unexpected_parameter(parameter: Any, parameter_name: str, endpoint_name: str)

get_config() → PyeudiwFrontendConfig

get_config_utils() → Openid4VciFrontendConfigUtils

get_ctx(path: str) → Any

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

model_post_init(context: Any) → None

Override this method to perform additional initialization after __init__ and model_construct. This is useful if you want to do some validation that requires the entire model to be initialized.

static strip(val: str)

pyeudiw.satosa.frontends.openid4vci.models.par_request module

class pyeudiw.satosa.frontends.openid4vci.models.par_request.ParRequest(*, state: str = None, scope: str = None, client_id: str = None, redirect_uri: str = None, response_type: str = None, code_challenge: str = None, code_challenge_method: str = None, authorization_details: List[AuthorizationDetail] = None)

Bases: OpenId4VciBaseModel

authorization_details: List[AuthorizationDetail]

check_par_request() → ParRequest

client_id: str

code_challenge: str

code_challenge_method: str

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

model_post_init(context: Any) → None

Override this method to perform additional initialization after __init__ and model_construct. This is useful if you want to do some validation that requires the entire model to be initialized.

redirect_uri: str

response_type: str

scope: str

state: str

validate_authorization_details(endpoint: str)

validate_client_id(req_client_id: str, endpoint: str)

validate_code_challenge(endpoint: str)

validate_code_challenge_method(code_challenge_methods_supported: list[str], endpoint: str)

validate_redirect_uri(endpoint: str)

validate_response_type(response_types_supported: list[str], endpoint: str)

validate_scope(scopes_supported: list[str], endpoint: str)

validate_state(endpoint: str)

class pyeudiw.satosa.frontends.openid4vci.models.par_request.SignedParRequest(*, iss: str = None, aud: str = None, exp: int = None, iat: int = None, response_type: str = None, response_mode: str = None, client_id: str = None, state: str = None, code_challenge: str = None, code_challenge_method: str = None, scope: str | None = None, authorization_details: List[AuthorizationDetail] | None = None, redirect_uri: str = None, jti: str = None, issuer_state: str = None)

Bases: OpenId4VciBaseModel

aud: str

authorization_details: List[AuthorizationDetail] | None

check_par_request() → ParRequest

client_id: str

code_challenge: str

code_challenge_method: str

exp: int

iat: int

iss: str

issuer_state: str

jti: str

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

model_post_init(context: Any) → None

Override this method to perform additional initialization after __init__ and model_construct. This is useful if you want to do some validation that requires the entire model to be initialized.

redirect_uri: str

response_mode: str

response_type: str

scope: str | None

state: str

validate_aud(endpoint: str)

validate_authorization_details(endpoint: str)

validate_client_id(req_client_id: str, endpoint: str)

validate_code_challenge(endpoint: str)

validate_code_challenge_method(code_challenge_methods_supported: list[str], endpoint: str)

validate_iss(req_client_id: str, endpoint: str)

validate_jti(endpoint: str)

validate_redirect_uri(endpoint: str)

validate_response_mode(response_modes_supported: list[str], endpoint: str)

validate_response_type(response_types_supported: list[str], endpoint: str)

validate_scope(scopes_supported: list[str], endpoint: str)

validate_state(endpoint: str)

pyeudiw.satosa.frontends.openid4vci.models.par_response module

class pyeudiw.satosa.frontends.openid4vci.models.par_response.ParResponse(*, request_uri: str, expires_in: int)

Bases: BaseModel

Pydantic model representing the response returned from the Pushed Authorization Request (PAR) endpoint.

Attributes:

request_uri (str): The URI that represents the pushed request object. expires_in (int): Time in seconds after which the request URI expires.

expires_in: int

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

request_uri: str

static to_created_response(request_uri: str, expires_in: int) → Created

Builds a Created response from the given request_uri and expires_in.

Args:

request_uri (str): The URI to be returned to the Wallet instance. expires_in (int): The validity duration in seconds for the request URI.

Returns:

Created: A SATOSA Created response with JSON content type and the serialized PAR response payload.

pyeudiw.satosa.frontends.openid4vci.models.token module

class pyeudiw.satosa.frontends.openid4vci.models.token.AccessToken(*, iss: str, aud: str, exp: int, iat: int, client_id: str, jti: str = <factory>, sub: str, cnf: dict = {})

Bases: BaseModel

Pydantic model representing a standard OAuth2 Access Token.

Attributes:

iss (str): Issuer identifier for the token. aud (str): Audience that the token is intended for. exp (int): Expiration time (as UNIX timestamp). iat (int): Issued at time (as UNIX timestamp). client_id (str): Identifier for the client. jti (str): Unique identifier for the token (JWT ID). Generated by default. sub (str): Subject of the token (usually equals client_id). cnf (dict): Confirmation claim (e.g., public key thumbprint).

aud: str

client_id: str

cnf: dict

exp: int

iat: int

iss: str

jti: str

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

sub: str

class pyeudiw.satosa.frontends.openid4vci.models.token.RefreshToken(*, iss: str, aud: str, exp: int, iat: int, client_id: str, jti: str = <factory>, sub: str, cnf: dict = {}, nbf: int = None)

Bases: AccessToken

Pydantic model representing a Refresh Token, extending the Access Token.

Adds:

nbf (int): ‘Not Before’ claim as a UNIX timestamp. It defaults to the exp of the token.

Notes:

The nbf field ensures the refresh token is not accepted before the expiration of the access token.

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

nbf: int

set_nbf() → RefreshToken

Validator that sets nbf to exp if not explicitly provided.

pyeudiw.satosa.frontends.openid4vci.models.token_request module

class pyeudiw.satosa.frontends.openid4vci.models.token_request.TokenRequest(*, grant_type: str = None, code: str | None = None, redirect_uri: str | None = None, code_verifier: str | None = None, refresh_token: str | None = None, scope: str | None = None)

Bases: OpenId4VciBaseModel

Represents a request to the token endpoint in an OpenID4VCI flow.

Fields:

grant_type (str): Either ‘authorization_code’ or ‘refresh_token’. code (str): Required for ‘authorization_code’ grant type. redirect_uri (str): Required for ‘authorization_code’ grant type. code_verifier (str): Required for PKCE validation. refresh_token (str): Required for ‘refresh_token’ grant type. scope (Optional[str]): Optional, only valid for ‘refresh_token’.

Validation Logic:

• Validates grant_type is one of the supported values.

• Enforces required fields depending on the grant type.

• Validates PKCE code_verifier against the challenge using SHA256 or SHA512.

• Ensures scope values are in the allowed configuration list.

• Raises InvalidRequestException with appropriate messages if checks fail.

check_token_request() → TokenRequest

code: str | None

code_verifier: str | None

grant_type: str

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

model_post_init(context: Any) → None

Override this method to perform additional initialization after __init__ and model_construct. This is useful if you want to do some validation that requires the entire model to be initialized.

redirect_uri: str | None

refresh_token: str | None

scope: str | None

validate_code(is_authorization_code_grant: bool)

validate_code_verifier(is_authorization_code_grant)

validate_grant_type()

validate_redirect_uri(is_authorization_code_grant)

validate_refresh_token(is_authorization_code_grant)

validate_scope(is_authorization_code_grant)

pyeudiw.satosa.frontends.openid4vci.models.token_response module

class pyeudiw.satosa.frontends.openid4vci.models.token_response.TokenResponse(*, access_token: str, refresh_token: str, token_type: str, expires_in: int, authorization_details: List[AuthorizationDetail] | None = None)

Bases: BaseModel

Pydantic model representing the response returned from the token endpoint.

access_token: str

authorization_details: List[AuthorizationDetail] | None

expires_in: int

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

refresh_token: str

static to_created_response(access_token: str, refresh_token: str, expires_in: int, authorization_details: List[AuthorizationDetail]) → Created

Converts the token response to a Created HTTP response object.

Returns:

Created: An HTTP 201 Created response containing the JSON-serialized token response.

token_type: str

Module contents