Detect oauth2 even if there's no authorize_uri

As long as we have a JWT and there's a token_uri, we can talk oauth2.
smart-on-fhir · Jul 16, 2024 · 4e558a9 · 4e558a9
1 parent 4cf4472
commit 4e558a9
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/fhirclient/auth.py b/fhirclient/auth.py
@@ -44,7 +44,6 @@ def from_capability_security(cls, security, state=None):
                                 state['token_uri'] = ee.valueUri
                             elif 'authorize' == ee.url:
                                 state['authorize_uri'] = ee.valueUri
-                                auth_type = 'oauth2'
                             elif 'register' == ee.url:
                                 state['registration_uri'] = ee.valueUri
                         break
@@ -56,9 +55,11 @@ def from_capability_security(cls, security, state=None):
                     state['registration_uri'] = e.valueUri
                 elif "http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris#authorize" == e.url:
                     state['authorize_uri'] = e.valueUri
-                    auth_type = 'oauth2'
                 elif "http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris#token" == e.url:
                     state['token_uri'] = e.valueUri
+
+            if 'authorize_uri' in state or ('token_uri' in state and 'jwt_token' in state):
+                auth_type = 'oauth2'
 
         return cls.create(auth_type, state=state)