oauth/oauth.py
author durandn
Thu, 21 Apr 2016 12:04:00 +0200
changeset 58 c56ca9e06cc8
parent 40 10a829681179
permissions -rw-r--r--
adapted oauth test server validation service to correct(/itop) token validation format
# coding: utf-8
from datetime import datetime, timedelta
from flask import Flask
from flask import session, request
from flask import render_template, redirect, jsonify
from flask_sqlalchemy import SQLAlchemy
from werkzeug.security import gen_salt
from flask_oauthlib.provider import OAuth2Provider
from settings.oauth_settings import OAuthSettings
import uuid
# Application wiring for the OAuth test server: the Flask app, its settings,
# the database handle and the Flask-OAuthlib provider used by the handlers
# defined in this file.
app = Flask(__name__, template_folder='templates')
# NOTE(review): debug mode is for local testing only. Under Flask's
# development server it exposes the interactive debugger, so this process
# must not listen on an address that other machines can reach.
app.debug = True
# NOTE(review): the session-signing key is a fixed, guessable literal, so the
# session cookie that current_user() trusts can be forged by anyone who knows
# it. Tolerable for a throwaway test server; anywhere else the key has to be
# random and loaded from configuration.
app.secret_key = 'secret'
app.config.from_object(OAuthSettings)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///db.sqlite'
db = SQLAlchemy(app)
oauth = OAuth2Provider(app)
class User(db.Model):
    """Account record of the test OAuth server.

    The model has no password column: home() signs a visitor in from the
    submitted username alone.
    """

    # Opaque identifier; home() fills it with str(uuid.uuid4()).
    id = db.Column(db.String(256), primary_key=True)
    # Login name typed into the home page form.
    username = db.Column(db.String(40), unique=True)
    # Value that user_info() returns as ENTPersonStructRattachUAI.
    uai = db.Column(db.String(40), default="uaidefault")
class Client(db.Model):
    """OAuth client (application) registered with the test server."""

    client_id = db.Column(db.String(40), primary_key=True)
    # NOTE(review): the secret is kept exactly as supplied (init_client()
    # looks clients up by the raw value), so the SQLite file holds usable
    # client credentials.
    client_secret = db.Column(db.String(55), nullable=False)
    client_type = db.Column(db.String(12), nullable=False, default='public')

    # Owning user; no explicit type is given, only the foreign key.
    user_id = db.Column(db.ForeignKey('user.id'))
    user = db.relationship('User')

    # Both lists are stored as whitespace-separated text.
    _redirect_uris = db.Column(db.Text)
    _default_scopes = db.Column(db.Text)

    @property
    def redirect_uris(self):
        """Return the stored redirect URIs as a list (empty when unset)."""
        return (self._redirect_uris or '').split()

    @property
    def default_redirect_uri(self):
        """Return the first stored redirect URI.

        Raises IndexError when the client has no redirect URI stored.
        """
        registered = self.redirect_uris
        return registered[0]

    @property
    def default_scopes(self):
        """Return the stored default scopes as a list (empty when unset)."""
        return (self._default_scopes or '').split()
class Grant(db.Model):
    """Authorization code issued to a client on behalf of a user."""

    id = db.Column(db.Integer, primary_key=True)

    # NOTE(review): declared Integer, while User.id is a String(256) holding
    # a UUID string; confirm the intended type before relying on this with a
    # database stricter than SQLite.
    user_id = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'))
    user = db.relationship('User')

    client_id = db.Column(db.String(40), db.ForeignKey('client.client_id'), nullable=False)
    client = db.relationship('Client')

    # The authorization code itself, indexed for lookup in load_grant().
    code = db.Column(db.String(255), index=True, nullable=False)

    redirect_uri = db.Column(db.String(255))
    # Naive UTC timestamp set by save_grant().
    expires = db.Column(db.DateTime)

    # Whitespace-separated scope names.
    _scopes = db.Column(db.Text)

    def delete(self):
        """Delete this grant, commit the session and return the instance."""
        db.session.delete(self)
        db.session.commit()
        return self

    @property
    def scopes(self):
        """Return the granted scopes as a list (empty when unset)."""
        return (self._scopes or '').split()
class Token(db.Model):
    """Access token issued to a client for a user."""

    id = db.Column(db.Integer, primary_key=True)
    client_id = db.Column(db.String(40), db.ForeignKey('client.client_id'), nullable=False)
    client = db.relationship('Client')

    # NOTE(review): declared Integer, while User.id is a String(256) holding
    # a UUID string; confirm the intended type before relying on this with a
    # database stricter than SQLite.
    user_id = db.Column(db.Integer, db.ForeignKey('user.id'))
    user = db.relationship('User')

    # currently only bearer is supported
    token_type = db.Column(db.String(40))

    # Token values are stored as issued, so the database file is as
    # sensitive as the tokens themselves.
    access_token = db.Column(db.String(255), unique=True)
    refresh_token = db.Column(db.String(255), unique=True, nullable=True)
    # Naive UTC timestamp set by save_token().
    expires = db.Column(db.DateTime)
    # Whitespace-separated scope names.
    _scopes = db.Column(db.Text)

    @property
    def scopes(self):
        """Return the token's scopes as a list (empty when unset)."""
        return (self._scopes or '').split()
def current_user():
    """Return the User named by the session cookie, or None.

    The only evidence of identity is session['id'], so the result is exactly
    as trustworthy as the key that signs the session cookie.
    """
    if 'id' not in session:
        # Debug aid: shows what the (anonymous) session contains.
        print(session)
        return None
    return User.query.get(session['id'])
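@app.route('/', methods=('GET', 'POST'))
def home():
    """Render the home page and handle the test login form.

    GET renders oauth/home.html for the signed-in user (or None).
    POST signs the visitor in as the submitted username, creating the
    account on first use, then redirects to '/'.

    NOTE(review): there is no password or any other proof of identity, so
    any visitor can become any user. That is only acceptable because this is
    a test fixture; it must never front real accounts.
    """
    if request.method == 'POST':
        username = request.form.get('username')
        if not username:
            # A missing or empty field would otherwise create a nameless
            # account and sign the visitor in as it.
            return redirect('/')
        user = User.query.filter_by(username=username).first()
        if not user:
            user = User(id=str(uuid.uuid4()), username=username)
            db.session.add(user)
            db.session.commit()
        session['id'] = user.id
        return redirect('/')
    user = current_user()
    return render_template('oauth/home.html', user=user)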
@oauth.clientgetter
def load_client(client_id):
    """Return the Client with this client_id, or None when there is none."""
    matches = Client.query.filter_by(client_id=client_id)
    return matches.first()
@oauth.grantgetter
def load_grant(client_id, code):
    """Return the Grant matching both client_id and code, or None."""
    matches = Grant.query.filter_by(client_id=client_id, code=code)
    return matches.first()
@oauth.grantsetter
def save_grant(client_id, code, request, *args, **kwargs):
    """Store a freshly issued authorization code and return the Grant row.

    ``code`` is a mapping whose 'code' entry holds the code value;
    ``request`` supplies redirect_uri and scopes. The grant is bound to the
    user found by current_user().
    """
    # The lifetime is this server's choice: codes are valid for 100 seconds.
    issued_at = datetime.utcnow()
    valid_until = issued_at + timedelta(seconds=100)
    grant = Grant(
        client_id=client_id,
        code=code['code'],
        redirect_uri=request.redirect_uri,
        _scopes=' '.join(request.scopes),
        user=current_user(),
        expires=valid_until,
    )
    db.session.add(grant)
    db.session.commit()
    return grant
@oauth.tokengetter
def load_token(access_token=None, refresh_token=None):
    """Return the Token matching the given value, or None.

    access_token takes precedence; refresh_token is consulted only when no
    access_token is given. With neither, the result is None.
    """
    if access_token:
        criteria = {'access_token': access_token}
    elif refresh_token:
        criteria = {'refresh_token': refresh_token}
    else:
        return None
    return Token.query.filter_by(**criteria).first()
@oauth.tokensetter
def save_token(token, request, *args, **kwargs):
    """Replace the (client, user) pair's tokens with ``token`` and return it.

    ``token`` is the issued-token mapping; its 'expires_in' entry is popped
    (the caller's dict is modified) and turned into an absolute naive-UTC
    expiry. A 'refresh_token' entry, if present, is not stored, so
    load_token(refresh_token=...) cannot find tokens saved here.
    """
    issued_to = request.client.client_id
    owner_id = request.user.id

    # make sure that every client has only one token connected to a user
    for stale in Token.query.filter_by(client_id=issued_to, user_id=owner_id):
        db.session.delete(stale)

    lifetime = token.pop('expires_in')
    valid_until = datetime.utcnow() + timedelta(seconds=lifetime)

    fresh = Token(
        access_token=token['access_token'],
        token_type=token['token_type'],
        _scopes=token['scope'],
        expires=valid_until,
        client_id=issued_to,
        user_id=owner_id,
    )
    db.session.add(fresh)
    db.session.commit()
    return fresh
@app.route('/oauth/oauth2/token', methods=['GET', 'POST'])
@oauth.token_handler
def access_token():
    """Token endpoint; the token_handler decorator wraps this view.

    The view itself contributes nothing and returns None.

    NOTE(review): the route also accepts GET. Parameters sent that way
    (client credentials, authorization codes) travel in the URL and are
    likely to be written to access logs; POST-only is the safer setting
    unless a test client really needs GET.
    """
    return None
@app.route('/oauth/oauth2/authorize', methods=['GET', 'POST'])
@oauth.authorize_handler
def authorize(*args, **kwargs):
    """Authorization endpoint: show the consent page, then read the answer.

    Visitors without a session user are redirected to '/'. A GET renders
    oauth/authorize.html with the looked-up client and the user added to
    the template context. Any other method returns True only when the
    submitted 'confirm' field equals 'yes'.
    """
    user = current_user()
    if not user:
        return redirect('/')
    if request.method != 'GET':
        # Consent form submission: anything but an explicit 'yes' is a refusal.
        return request.form.get('confirm', 'no') == 'yes'
    requested_client = Client.query.filter_by(client_id=kwargs.get('client_id'))
    kwargs['client'] = requested_client.first()
    kwargs['user'] = user
    return render_template('oauth/authorize.html', **kwargs)
@app.route('/rest/user/InfoComplete')
@oauth.require_oauth()
def user_info():
    """Return the token owner's profile as JSON.

    The route is wrapped in require_oauth(); the user is taken from
    request.oauth, not from the session cookie.
    """
    account = request.oauth.user
    profile = {
        'id': account.id,
        'displayName': account.username,
        'ENTPersonStructRattachUAI': account.uai,
    }
    return jsonify(**profile)
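@app.route('/rest/oauth/validate/<token>')
def validate_token(token):
    """Report whether ``token`` is a known, unexpired access token.

    The JSON response carries: access_token (echoed back), uriredirect (the
    client's redirect URIs), scope, error ("0" when the token is accepted,
    "1" otherwise) and description (reason for a rejection).

    A token whose stored expiry has passed is rejected, so this endpoint
    agrees with the expiry recorded by save_token().

    NOTE(review): the route is not wrapped in require_oauth() and takes the
    token in the URL path, so token values are likely to appear in access
    logs and any caller gets scope and redirect URIs for a token it
    presents. Keep the endpoint on a test network only.
    """
    database_token = Token.query.filter_by(access_token=token).first()
    uris = ""
    scopes = ""
    if database_token is not None:
        related_client = database_token.client
        scopes = database_token.scopes
        uris = related_client.redirect_uris
    if database_token is None or database_token.access_token != token:
        validate_errors = "1"
        error_description = "token not found in db?"
    elif (database_token.expires is not None
            and database_token.expires < datetime.utcnow()):
        # expires is written as naive UTC by save_token(), hence utcnow().
        validate_errors = "1"
        error_description = "token expired"
    else:
        validate_errors = "0"
        error_description = ""
    return jsonify(
        access_token=token,
        uriredirect=uris,
        error=validate_errors,
        description=error_description,
        scope=scopes
    )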
@app.route('/ws/resource/', methods=["POST", "PUT"])
@oauth.require_oauth()
def reference_resource():
    """Mock resource endpoint: dump the request to stdout and acknowledge it.

    NOTE(review): the dump contains every request header, including any
    Authorization header, so bearer tokens end up in the process output.
    Treat that output as sensitive and do not ship it to shared logs.
    """
    separator = "#########################"
    print(separator)
    print(request.headers)
    print(separator)
    print(request.data)
    return "Request is valid", 200
def init_client(client_id, client_secret, redirect_uris, client_owner, confidential=False):
    """Create an OAuth client, and its owning user if needed, when absent.

    Args:
        client_id: Identifier stored on the new ``Client`` row.
        client_secret: Secret stored on the new ``Client`` row.
        redirect_uris: Iterable of URI strings; stored space-joined.
        client_owner: Username of the ``User`` that owns the client.
        confidential: When true the client type is ``"confidential"``,
            otherwise ``"public"``.

    Returns:
        None. Nothing is written when a matching client already exists.
    """
    # NOTE(review): the lookup matches on id AND secret, so a row that has the
    # same client_id but a different secret is not found and creation is
    # attempted anyway; what happens then depends on the Client model's
    # constraints, which are not visible here.
    existing = Client.query.filter_by(client_id=client_id, client_secret=client_secret).first()
    if existing:
        return

    print("Creating client for "+client_owner)

    # The owner is committed first so that its id is available below.
    owner = User.query.filter_by(username=client_owner).first()
    if not owner:
        owner = User(username=client_owner)
        db.session.add(owner)
        db.session.commit()

    # NOTE(review): the secret is handed to the model unchanged; whether it is
    # hashed before storage depends on the Client model (not shown).
    new_client = Client(
        client_id=client_id,
        client_secret=client_secret,
        _redirect_uris=' '.join(redirect_uris),
        _default_scopes='basic',
        user_id=owner.id,
        client_type="confidential" if confidential else "public",
    )
    db.session.add(new_client)
    db.session.commit()
if __name__ == '__main__':
    # Script entry point: create the tables, seed the two test clients from
    # the application config, then start the development server.
    db.create_all()

    # One row per seeded client: config keys for id, secret, redirect URIs
    # and owning user. Both clients are registered as confidential.
    seeded_clients = (
        ("RENKAN_CLIENT_ID", "RENKAN_CLIENT_SECRET",
         "RENKAN_REDIRECT_URIS", "RENKAN_SERVER_USER"),
        ("MOCK_GED_CLIENT_ID", "MOCK_GED_CLIENT_SECRET",
         "MOCK_GED_REDIRECT_URIS", "MOCK_GED_SERVER_USER"),
    )
    for id_key, secret_key, uris_key, owner_key in seeded_clients:
        init_client(
            client_id=app.config[id_key],
            client_secret=app.config[secret_key],
            redirect_uris=app.config[uris_key],
            client_owner=app.config[owner_key],
            confidential=True,
        )

    # NOTE(review): app.debug is set to True near the top of this file, so
    # this starts Flask's development server with the interactive debugger
    # enabled. Keep it on a loopback or isolated test network only.
    app.run()