FusionAuth · rideam · May 9, 2023
diff --git a/README.md b/README.md
@@ -2,7 +2,17 @@
 
 Flaks application using FusionAuth as the identity server. This application will use an OAuth Authorization Code workflow  to log users in.
 
-First create a virtual environment 
+## Setup FusionAuth
+
+Start up the FusionAuth docker containers:
+
+```shell
+docker compose up
+```
+
+Login into [FusionAuth](http://localhost:9011/) and create an API key.
+
+Create a virtual environment to install requirements.
 
 ```shell
 python -m venv venv && \
@@ -11,10 +21,18 @@ pip install -r requirements.txt && \
 pip install -r setup-flask/requirements.txt
 ```
 
-Navigate to the `setup-flask` directory and execute `flask run` to run the app.
+Then run the setup script supplying your `<your API key>`.
+
+```shell
+fusionauth_api_key=<your API key> python setup.py
+```
+
+## Setup Flask
+
+Navigate to the `setup-flask` directory and execute the following command to run your app:
 
 ```shell
-flask --app server.py run
+python server.py
 ```
 
-Visit the local webserver at `http://localhost:5000/` and sign in.
+Visit the local webserver at `http://localhost:5001/` and sign in.
diff --git a/requirements.txt b/requirements.txt
@@ -1 +1 @@
-fusionauth-client==1.42.0
+fusionauth-client>=1.45.0
diff --git a/setup-flask/server.py b/setup-flask/server.py
@@ -58,4 +58,4 @@ def home():
 
 
 if __name__ == "__main__":
-    app.run(host="0.0.0.0", port=env.get("PORT", 3000))
+    app.run(host="localhost", port=env.get("PORT", 5001))
diff --git a/setup.py b/setup.py
@@ -38,16 +38,12 @@
 
 # configure oauth
 application["oauthConfiguration"] = {}
-application["oauthConfiguration"]["authorizedRedirectURLs"] = ["http://localhost:5000/callback/"]
+application["oauthConfiguration"]["authorizedRedirectURLs"] = ["http://localhost:5001/callback"]
 application["oauthConfiguration"]["requireRegistration"] = True
 application["oauthConfiguration"]["enabledGrants"] = ["authorization_code", "refresh_token"]
-application["oauthConfiguration"]["logoutURL"] = "http://localhost:5000/logout"
+application["oauthConfiguration"]["logoutURL"] = "http://localhost:5001/logout"
 application["oauthConfiguration"]["clientSecret"] = "change-this-in-production-to-be-a-real-secret"
 
-# some libraries don't support pkce, notably mozilla-django-oidc: https://github.com/mozilla/mozilla-django-oidc/issues/397
-# since we are server side and have a solid client secret, we're okay turning pkce off
-application["oauthConfiguration"]["proofKeyForCodeExchangePolicy"] = "NotRequiredWhenUsingClientAuthentication"
-
 # assign key from above to sign tokens. This needs to be asymmetric
 application["jwtConfiguration"] = {}
 application["jwtConfiguration"]["enabled"] = True
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		fusionauth-client==1.42.0
		fusionauth-client>=1.45.0
Original file line number	Diff line number	Diff line change
Expand Up		@@ -58,4 +58,4 @@ def home():


		if __name__ == "__main__":
		app.run(host="0.0.0.0", port=env.get("PORT", 3000))
		app.run(host="localhost", port=env.get("PORT", 5001))