1
votes

I'm trying to understand how to limit access to my application when using this Python OAuth 2.0 example. I've seen places where you can add an hd=domain.com to the end of an authorize_url, but that doesn't work for me.

Can anyone shed some light on how to limit access to my flask app based on this example? https://github.com/mitsuhiko/flask-oauth/blob/master/example/google.py

1 Answer

2
votes

So I can answer this myself. When building the google object, the 'hd' param should be added as follows:

# oauth, GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET are defined as in the linked example
google = oauth.remote_app('google',
                          base_url='https://www.google.com/accounts/',
                          authorize_url='https://accounts.google.com/o/oauth2/auth',
                          request_token_url=None,
                          # 'hd' is sent with the authorization request
                          request_token_params={'scope': 'https://www.googleapis.com/auth/userinfo.email',
                                                'response_type': 'code',
                                                'hd': 'domain.com'},
                          access_token_url='https://accounts.google.com/o/oauth2/token',
                          access_token_method='POST',
                          access_token_params={'grant_type': 'authorization_code'},
                          consumer_key=GOOGLE_CLIENT_ID,
                          consumer_secret=GOOGLE_CLIENT_SECRET)
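
The hd parameter travels in an authorization request that is built in the user's browser, so it narrows the account chooser but does not by itself restrict who can complete the sign-in. The following is an added example, not part of the original answer or of flask-oauth: a server-side check of the hd claim Google returns for hosted-domain accounts. The function name, the sample payloads and the email_verified requirement are assumptions, and the claims dict is assumed to come from an ID token whose signature, issuer and audience were already validated.

```python
ALLOWED_DOMAIN = "domain.com"  # placeholder domain, as in the answer above


def rejection_reason(claims, allowed_domain=ALLOWED_DOMAIN):
    """Return None if the account may sign in, else a short reason string.

    `claims` is assumed to be an already validated Google ID token payload.
    """
    hd = claims.get("hd")
    # Consumer accounts carry no 'hd' claim at all.
    if hd is None:
        return "no hd claim"
    # Compare the whole value; a suffix or substring match would accept
    # look-alike domains such as "domain.com.other.example".
    if not isinstance(hd, str) or hd.lower() != allowed_domain.lower():
        return "hd claim does not match allowed domain"
    # Policy assumed for this example: require a verified address.
    if claims.get("email_verified") is not True:
        return "email not verified"
    return None


# Constructed sample payloads (not real accounts).
SAMPLES = {
    "workspace_user": {"email": "alice@domain.com", "email_verified": True,
                       "hd": "domain.com"},
    "consumer_account": {"email": "bob@gmail.com", "email_verified": True},
    "other_org": {"email": "carol@other.example", "email_verified": True,
                  "hd": "other.example"},
    "lookalike": {"email": "dave@domain.com.other.example",
                  "email_verified": True, "hd": "domain.com.other.example"},
    "unverified": {"email": "erin@domain.com", "email_verified": False,
                   "hd": "domain.com"},
}


def evaluate_samples():
    """Map each constructed sample name to its rejection reason (or None)."""
    return {name: rejection_reason(c) for name, c in SAMPLES.items()}


if __name__ == "__main__":
    for name, reason in evaluate_samples().items():
        print(f"{name}: {'allowed' if reason is None else 'rejected: ' + reason}")
```

In the Flask app this check would run in the OAuth callback, before any session is created for the user.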