author | Frederick Muriuki Muriithi | 2023-09-22 08:11:28 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2023-10-26 05:00:27 +0300 |
commit | b496ad27c0d5448161cf66dd9a068d9e512194af (patch) | |
tree | 8147d1e531d2e394eba9aa2e8cff55fe9cce43cb | |
parent | 418cfaa506c6094477c51ef0c3f0b3f0a8f68a85 (diff) | |
download | genenetwork2-b496ad27c0d5448161cf66dd9a068d9e512194af.tar.gz |
Use gn-auth as the authorisation server.
-rw-r--r-- | wqflask/utility/tools.py | 1 | ||||
-rw-r--r-- | wqflask/wqflask/collect.py | 24 | ||||
-rw-r--r-- | wqflask/wqflask/decorators.py | 2 | ||||
-rw-r--r-- | wqflask/wqflask/metadata_edits.py | 4 | ||||
-rw-r--r-- | wqflask/wqflask/oauth2/checks.py | 4 | ||||
-rw-r--r-- | wqflask/wqflask/oauth2/client.py | 18 | ||||
-rw-r--r-- | wqflask/wqflask/oauth2/collections.py | 4 | ||||
-rw-r--r-- | wqflask/wqflask/oauth2/data.py | 54 | ||||
-rw-r--r-- | wqflask/wqflask/oauth2/groups.py | 26 | ||||
-rw-r--r-- | wqflask/wqflask/oauth2/request_utils.py | 8 | ||||
-rw-r--r-- | wqflask/wqflask/oauth2/resources.py | 30 | ||||
-rw-r--r-- | wqflask/wqflask/oauth2/roles.py | 12 | ||||
-rw-r--r-- | wqflask/wqflask/oauth2/toplevel.py | 2 | ||||
-rw-r--r-- | wqflask/wqflask/oauth2/ui.py | 2 | ||||
-rw-r--r-- | wqflask/wqflask/oauth2/users.py | 22 | ||||
-rw-r--r-- | wqflask/wqflask/views.py | 4 |
16 files changed, 109 insertions, 108 deletions
diff --git a/wqflask/utility/tools.py b/wqflask/utility/tools.py index 3dc01b91..0d1357b9 100644 --- a/wqflask/utility/tools.py +++ b/wqflask/utility/tools.py @@ -351,5 +351,6 @@ assert_file(JS_CYTOSCAPE_PATH + '/cytoscape.min.js') # assert_file(PHEWAS_FILES+"/auwerx/PheWAS_pval_EMMA_norm.RData") +AUTH_SERVER_URL = get_setting("AUTH_SERVER_URL") OAUTH2_CLIENT_ID = get_setting('OAUTH2_CLIENT_ID') OAUTH2_CLIENT_SECRET = get_setting('OAUTH2_CLIENT_SECRET') diff --git a/wqflask/wqflask/collect.py b/wqflask/wqflask/collect.py index 55d922ea..f7b33a59 100644 --- a/wqflask/wqflask/collect.py +++ b/wqflask/wqflask/collect.py @@ -78,9 +78,9 @@ def collections_add(): traits = request.args.get("traits", request.form.get("traits")) the_hash = request.args.get("hash", request.form.get("hash")) collections = g.user_session.user_collections - collections = oauth2_get("oauth2/user/collections/list").either( + collections = oauth2_get("auth/user/collections/list").either( lambda _err: tuple(), lambda colls: tuple(colls)) + no_token_get( - f"oauth2/user/collections/{anon_id}/list").either( + f"auth/user/collections/{anon_id}/list").either( lambda _err: tuple(), lambda colls: tuple(colls)) def __create_new_coll_error__(error): @@ -90,7 +90,7 @@ def collections_add(): if len(collections) < 1: new_coll = client.post( - "oauth2/user/collections/new", + "auth/user/collections/new", json={ "anon_id": str(anon_id), "name": "Your Default Collection", @@ -127,7 +127,7 @@ def collections_new(): params.get("new_collection", "").strip() or datetime.datetime.utcnow().strftime('Collection_%b_%d_%H:%M')) request_data = { - "uri_path": "oauth2/user/collections/new", + "uri_path": "auth/user/collections/new", "json": { "name": collection_name, "anon_id": str(anon_id), 
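Review bot: `AUTH_SERVER_URL` in `wqflask/utility/tools.py` is read from settings with no check on its scheme or shape, yet after this commit it is the destination for the OAuth2 client secret, bearer tokens and, through the password grant in `login`, user passwords. A plain `http://` value would carry all of those in clear text, and a base URL with a path but no trailing slash makes `urljoin(AUTH_SERVER_URL, "auth/...")` drop the last path segment of the base. I would validate it once at load time, rejecting any value whose `urlparse(AUTH_SERVER_URL).scheme` is not `https` outside development, and normalise it with `AUTH_SERVER_URL.rstrip("/") + "/"`. Whether `get_setting` already fails on a missing value is not visible in this hunk.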
@@ -154,7 +154,7 @@ def collections_new(): collection_id = uuid.UUID(coll_id) resp = redirect(url_for('view_collection', uc_id=collection_id)) return client.post( - f"oauth2/user/collections/{collection_id}/traits/add", + f"auth/user/collections/{collection_id}/traits/add", json={ "anon_id": str(anon_id), "traits": traits @@ -185,13 +185,13 @@ def list_collections(): params = request.args anon_id = session.session_info()["anon_id"] anon_collections = no_token_get( - f"oauth2/user/collections/{anon_id}/list").either( + f"auth/user/collections/{anon_id}/list").either( lambda err: {"anon_collections_error": process_error(err)}, lambda colls: {"anon_collections": colls}) user_collections = {"collections": []} if user_logged_in(): - user_collections = oauth2_get("oauth2/user/collections/list").either( + user_collections = oauth2_get("auth/user/collections/list").either( lambda err: {"user_collections_error": process_error(err)}, lambda colls: {"collections": colls}) @@ -216,7 +216,7 @@ def handle_anonymous_collections(): flash(f"Success: {msg['message']}", "alert-success") return redirect("/") return oauth2_post( - f"oauth2/user/collections/anonymous/{choice}", + f"auth/user/collections/anonymous/{choice}", json={ "anon_id": str(session_info()["anon_id"]) }).either(__impdel_error__, __impdel_success__) @@ -228,7 +228,7 @@ def remove_traits(): traits_to_remove = process_traits(params['trait_list']) resp = redirect(url_for("view_collection", uc_id=uc_id)) return client.post( - f"oauth2/user/collections/{uc_id}/traits/remove", + f"auth/user/collections/{uc_id}/traits/remove", json = { "anon_id": str(session_info()["anon_id"]), "traits": traits_to_remove @@ -251,7 +251,7 @@ def delete_collection(): if bool(item)] if len(uc_ids) > 0: return (oauth2_post if user_logged_in() else no_token_post)( - "oauth2/user/collections/delete", + "auth/user/collections/delete", json = { "anon_id": str(session_info()["anon_id"]), "collection_ids": uc_ids 
@@ -328,7 +328,7 @@ def view_collection(): uc_id = params['uc_id'] request_data = { - "uri_path": f"oauth2/user/collections/{uc_id}/view", + "uri_path": f"auth/user/collections/{uc_id}/view", "json": {"anon_id": str(session_info()["anon_id"])} } if user_logged_in(): @@ -389,7 +389,7 @@ def change_collection_name(): collection_id = request.form['collection_id'] resp = redirect(url_for("view_collection", uc_id=collection_id)) return client.post( - f"oauth2/user/collections/{collection_id}/rename", + f"auth/user/collections/{collection_id}/rename", json={ "anon_id": str(session_info()["anon_id"]), "new_name": request.form["new_collection_name"] diff --git a/wqflask/wqflask/decorators.py b/wqflask/wqflask/decorators.py index b32c8fc8..88535187 100644 --- a/wqflask/wqflask/decorators.py +++ b/wqflask/wqflask/decorators.py @@ -130,7 +130,7 @@ def required_access(access_levels: tuple[str, ...], "the authorisation checks.", session_info()["user"]) return client.post( - "oauth2/data/authorisation", + "auth/data/authorisation", json={"traits": [f"{dataset_name}::{trait_name}"]}).either( __error__, __success__) return __checker__ diff --git a/wqflask/wqflask/metadata_edits.py b/wqflask/wqflask/metadata_edits.py index 9caccd3c..2798e4b4 100644 --- a/wqflask/wqflask/metadata_edits.py +++ b/wqflask/wqflask/metadata_edits.py @@ -655,7 +655,7 @@ def list_diffs(): return {**acc, "waiting": acc["waiting"] + [item]} accessible_diffs = client.post( - "oauth2/data/authorisation", + "auth/data/authorisation", json={ "traits": [ f"{meta['diff']['dataset_name']}::{meta['diff']['trait_name']}" @@ -777,7 +777,7 @@ def __authorised_p__(dataset_name, trait_name): ("system:resources:edit-all" in dets["privileges"])) return client.post( - "oauth2/data/authorisation", + "auth/data/authorisation", json={"traits": [f"{dataset_name}::{trait_name}"]} ).map( lambda adets: { diff --git a/wqflask/wqflask/oauth2/checks.py b/wqflask/wqflask/oauth2/checks.py index 4abeb279..4ef1ab3e 100644 
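Review bot: In `view_collection`, `uc_id = params['uc_id']` goes straight into `f"auth/user/collections/{uc_id}/view"`, so a value containing `/`, `..` or `?` changes which auth-server path the request resolves to once `urljoin` is applied. `change_collection_name` does the same with `request.form['collection_id']`, and `remove_traits` interpolates a `uc_id` that is assigned outside its hunk. `collections_new` already parses its id with `uuid.UUID(coll_id)`; doing the same here, `uc_id = uuid.UUID(params['uc_id'])`, and answering 400 on `ValueError` keeps the request on the intended endpoint. `params` is assigned outside the hunk, so I am assuming it holds request data.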
--- a/wqflask/wqflask/oauth2/checks.py +++ b/wqflask/wqflask/oauth2/checks.py @@ -33,11 +33,11 @@ def require_oauth2(func): def __with_token__(token): from utility.tools import ( - GN_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET) + AUTH_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET) client = OAuth2Session( OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET, token=token) resp = client.get( - urljoin(GN_SERVER_URL, "oauth2/user/")) + urljoin(AUTH_SERVER_URL, "auth/user/")) user_details = resp.json() if not user_details.get("error", False): return func(*args, **kwargs) diff --git a/wqflask/wqflask/oauth2/client.py b/wqflask/wqflask/oauth2/client.py index 2a06b156..af6a1876 100644 --- a/wqflask/wqflask/oauth2/client.py +++ b/wqflask/wqflask/oauth2/client.py @@ -18,7 +18,7 @@ SCOPE = ("profile group role resource register-client user masquerade " def oauth2_client(): def __client__(token) -> OAuth2Session: from utility.tools import ( - GN_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET) + AUTH_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET) return OAuth2Session( OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET, scope=SCOPE, token_endpoint_auth_method="client_secret_post", @@ -40,12 +40,12 @@ def __no_token__(_err) -> Left: def oauth2_get(uri_path: str, data: dict = {}, **kwargs) -> Either: def __get__(token) -> Either: from utility.tools import ( - GN_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET) + AUTH_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET) client = OAuth2Session( OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET, token=token, scope=SCOPE) resp = client.get( - urljoin(GN_SERVER_URL, uri_path), + urljoin(AUTH_SERVER_URL, uri_path), data=data, **kwargs) if resp.status_code == 200: 
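Review bot: `require_oauth2` treats any response from `auth/user/` that lacks an `error` key as proof of a valid session: `if not user_details.get("error", False): return func(*args, **kwargs)`. The status code is never checked, so an unrelated JSON body from a misconfigured `AUTH_SERVER_URL`, or an error response that uses a different key, lets the wrapped view run, and a non-JSON body raises from `resp.json()`. Now that the check goes to a separate service I would fail closed, e.g. `if resp.status_code == 200 and "user_id" in user_details:`, where `user_id` is a placeholder for whatever field gn-auth returns for a user. The rest of `__with_token__` lies outside the hunk.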
@@ -60,12 +60,12 @@ def oauth2_post( **kwargs) -> Either: def __post__(token) -> Either: from utility.tools import ( - GN_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET) + AUTH_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET) client = OAuth2Session( OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET, token=token, scope=SCOPE) resp = client.post( - urljoin(GN_SERVER_URL, uri_path), data=data, json=json, + urljoin(AUTH_SERVER_URL, uri_path), data=data, json=json, **kwargs) if resp.status_code == 200: return Right(resp.json()) @@ -75,15 +75,15 @@ def oauth2_post( return session.user_token().either(__no_token__, __post__) def no_token_get(uri_path: str, **kwargs) -> Either: - from utility.tools import GN_SERVER_URL - resp = requests.get(urljoin(GN_SERVER_URL, uri_path), **kwargs) + from utility.tools import AUTH_SERVER_URL + resp = requests.get(urljoin(AUTH_SERVER_URL, uri_path), **kwargs) if resp.status_code == 200: return Right(resp.json()) return Left(resp) def no_token_post(uri_path: str, **kwargs) -> Either: from utility.tools import ( - GN_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET) + AUTH_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET) data = kwargs.get("data", {}) the_json = kwargs.get("json", {}) request_data = { @@ -99,7 +99,7 @@ def no_token_post(uri_path: str, **kwargs) -> Either: }, ("data" if bool(data) else "json"): request_data } - resp = requests.post(urljoin(GN_SERVER_URL, uri_path), + resp = requests.post(urljoin(AUTH_SERVER_URL, uri_path), **new_kwargs) if resp.status_code == 200: return Right(resp.json()) diff --git a/wqflask/wqflask/oauth2/collections.py b/wqflask/wqflask/oauth2/collections.py index e31b4ad2..d4bfe7f0 100644 --- a/wqflask/wqflask/oauth2/collections.py +++ b/wqflask/wqflask/oauth2/collections.py 
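Review bot: `no_token_get` and `no_token_post` call `requests.get` / `requests.post` against `AUTH_SERVER_URL` without a `timeout`, so a slow or unreachable auth server blocks the worker indefinitely, and `no_token_get` sits on the index page path in `views.py`. Give both a default, e.g. `kwargs.setdefault("timeout", (3, 10))` before the call in `no_token_get`, with the values treated as a suggestion. `register_user` in `users.py` has the same bare `requests.post`, and the OAuth2 session calls in `oauth2_get` / `oauth2_post` would benefit from the same default.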
@@ -7,10 +7,10 @@ def num_collections() -> int: """Compute the number of collections available for tte current sussion.""" anon_id = session_info()["anon_id"] all_collections = no_token_get( - f"oauth2/user/collections/{anon_id}/list").either( + f"auth/user/collections/{anon_id}/list").either( lambda _err: [], lambda colls: colls) if user_logged_in(): all_collections = all_collections + oauth2_get( - "oauth2/user/collections/list").either( + "auth/user/collections/list").either( lambda _err: [], lambda colls: colls) return len(all_collections) diff --git a/wqflask/wqflask/oauth2/data.py b/wqflask/wqflask/oauth2/data.py index 795e9ea3..9edfe964 100644 --- a/wqflask/wqflask/oauth2/data.py +++ b/wqflask/wqflask/oauth2/data.py @@ -18,11 +18,11 @@ from .client import oauth2_get, oauth2_post data = Blueprint("data", __name__) def __search_mrna__(query, template, **kwargs): - from utility.tools import GN_SERVER_URL + from utility.tools import AUTH_SERVER_URL species_name = kwargs["species_name"] - search_uri = urljoin(GN_SERVER_URL, "oauth2/data/search") + search_uri = urljoin(AUTH_SERVER_URL, "auth/data/search") datasets = oauth2_get( - "oauth2/data/search", + "auth/data/search", json = { "query": query, "dataset_type": "mrna", @@ -43,11 +43,11 @@ def __selected_datasets__(): request.form.get("selected", [])) def __search_genotypes__(query, template, **kwargs): - from utility.tools import GN_SERVER_URL + from utility.tools import AUTH_SERVER_URL species_name = kwargs["species_name"] - search_uri = urljoin(GN_SERVER_URL, "oauth2/data/search") + search_uri = urljoin(AUTH_SERVER_URL, "auth/data/search") datasets = oauth2_get( - "oauth2/data/search", + "auth/data/search", json = { "query": query, "dataset_type": "genotype", 
@@ -59,7 +59,7 @@ def __search_genotypes__(query, template, **kwargs): return render_ui(template, search_uri=search_uri, **datasets, **kwargs) def __search_phenotypes__(query, template, **kwargs): - from utility.tools import GN_SERVER_URL + from utility.tools import AUTH_SERVER_URL page = int(request.args.get("page", 1)) per_page = int(request.args.get("per_page", 50)) selected_traits = request.form.getlist("selected_traits") @@ -71,18 +71,18 @@ def __search_phenotypes__(query, template, **kwargs): template, traits=[], per_page=per_page, query=query, selected_traits=selected_traits, search_results=search_results, search_endpoint=urljoin( - GN_SERVER_URL, "oauth2/data/search"), - gn_server_url = GN_SERVER_URL, + AUTH_SERVER_URL, "auth/data/search"), + gn_server_url = AUTH_SERVER_URL, results_endpoint=urljoin( - GN_SERVER_URL, - f"oauth2/data/search/phenotype/{job_id}"), + AUTH_SERVER_URL, + f"auth/data/search/phenotype/{job_id}"), **kwargs) - return oauth2_get("oauth2/data/search", json={ + return oauth2_get("auth/data/search", json={ "dataset_type": "phenotype", "species_name": kwargs["species_name"], "per_page": per_page, "page": page, - "gn3_server_uri": GN_SERVER_URL + "auth_server_uri": AUTH_SERVER_URL }).either( lambda err: __search_error__(process_error(err)), __search_success__) @@ -94,7 +94,7 @@ def json_search_genotypes() -> Response: return jsonify(error), error["status_code"] return oauth2_get( - "oauth2/data/search", + "auth/data/search", json = { "query": request.json["query"], "dataset_type": "genotype", @@ -111,7 +111,7 @@ def json_search_mrna() -> Response: return jsonify(error), error["status_code"] return oauth2_get( - "oauth2/data/search", + "auth/data/search", json = { "query": request.json["query"], "dataset_type": "mrna", 
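Review bot: `__search_phenotypes__` still names the template variable `gn_server_url` but now fills it with the auth server: `gn_server_url = AUTH_SERVER_URL`. Any template that uses `gn_server_url` to reach GN3 endpoints would be pointed at the wrong service, so either rename the keyword together with its template uses or keep passing the GN3 URL under the old name. The JSON key also changes from `"gn3_server_uri"` to `"auth_server_uri"` here and in `json_search_phenotypes`; that only works if gn-auth reads the new key, which this diff cannot show.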
@@ -124,21 +124,21 @@ def json_search_mrna() -> Response: @data.route("/phenotype/search", methods=["POST"]) def json_search_phenotypes() -> Response: """Search for phenotypes.""" - from utility.tools import GN_SERVER_URL + from utility.tools import AUTH_SERVER_URL form = request.json def __handle_error__(err): error = process_error(err) return jsonify(error), error["status_code"] return oauth2_get( - "oauth2/data/search", + "auth/data/search", json={ "dataset_type": "phenotype", "species_name": form["species_name"], "query": form.get("query", ""), "per_page": int(form.get("per_page", 50)), "page": int(form.get("page", 1)), - "gn3_server_uri": GN_SERVER_URL, + "auth_server_uri": AUTH_SERVER_URL, "selected_traits": form.get("selected_traits", []) }).either(__handle_error__, jsonify) @@ -156,10 +156,10 @@ def list_data_by_species_and_dataset( "genotype": __search_genotypes__, "phenotype": __search_phenotypes__ } - roles = oauth2_get("oauth2/user/roles").either( + roles = oauth2_get("auth/user/roles").either( lambda err: {"roles_error": process_error(err)}, lambda roles: {"roles": roles}) - groups = oauth2_get("oauth2/group/list").either( + groups = oauth2_get("auth/group/list").either( lambda err: {"groups_error": process_error(err)}, lambda grps: {"groups": grps}) query = request.args.get("query", "") 
@@ -183,13 +183,13 @@ def list_data(): **{key:val for key,val in kwargs.items() if key not in ("groups", "data_items", "user_privileges")}) - groups = oauth2_get("oauth2/group/list").either( + groups = oauth2_get("auth/group/list").either( lambda err: {"groups_error": process_error(err)}, lambda grp: {"groups": grp}) - roles = oauth2_get("oauth2/user/roles").either( + roles = oauth2_get("auth/user/roles").either( lambda err: {"roles_error": process_error(err)}, lambda roles: {"roles": roles}) - species = oauth2_get("oauth2/data/species").either( + species = oauth2_get("auth/data/species").either( lambda err: {"species_error": process_error(err)}, lambda species: {"species": species}) @@ -232,7 +232,7 @@ def link_data(): return redirect(url_for( "oauth2.data.list_data", **state_data)) return oauth2_post( - "oauth2/group/data/link", + "auth/group/data/link", data={ "dataset_type": form["dataset_type"], "dataset_ids": dataset_ids, @@ -261,7 +261,7 @@ def link_genotype_data(): flash(success["description"], "alert-success") return link_source_url - return oauth2_post("oauth2/data/link/genotype", json={ + return oauth2_post("auth/data/link/genotype", json={ "species_name": form.get("species_name"), "group_id": form.get("group_id"), "selected": tuple(json.loads(dataset) for dataset @@ -288,7 +288,7 @@ def link_mrna_data(): flash(success["description"], "alert-success") return link_source_url - return oauth2_post("oauth2/data/link/mrna", json={ + return oauth2_post("auth/data/link/mrna", json={ "species_name": form.get("species_name"), "group_id": form.get("group_id"), "selected": tuple(json.loads(dataset) for dataset @@ -314,7 +314,7 @@ def link_phenotype_data(): flash(success["description"], "alert-success") return link_source_url - return oauth2_post("oauth2/data/link/phenotype", json={ + return oauth2_post("auth/data/link/phenotype", json={ "species_name": form.get("species_name"), "group_id": form.get("group_id"), "selected": tuple( 
diff --git a/wqflask/wqflask/oauth2/groups.py b/wqflask/wqflask/oauth2/groups.py index 76731793..fd5ab7eb 100644 --- a/wqflask/wqflask/oauth2/groups.py +++ b/wqflask/wqflask/oauth2/groups.py @@ -18,7 +18,7 @@ groups = Blueprint("group", __name__) def user_group(): """Get the user's group.""" def __get_join_requests__(group, users): - return oauth2_get("oauth2/group/requests/join/list").either( + return oauth2_get("auth/group/requests/join/list").either( lambda error: render_ui( "oauth2/group.html", group=group, users=users, group_join_requests_error=process_error(error)), @@ -26,7 +26,7 @@ def user_group(): "oauth2/group.html", group=group, users=users, group_join_requests=gjr)) def __success__(group): - return oauth2_get(f"oauth2/group/members/{group['group_id']}").either( + return oauth2_get(f"auth/group/members/{group['group_id']}").either( lambda error: render_ui( "oauth2/group.html", group=group, user_error=process_error(error)), @@ -36,7 +36,7 @@ def user_group(): return render_ui( "oauth2/group.html", group_error=process_error(err)) - return oauth2_get("oauth2/user/group").either( + return oauth2_get("auth/user/group").either( __group_error__, __success__) @groups.route("/create", methods=["POST"]) @@ -45,7 +45,7 @@ def create_group(): def __setup_group__(response): session["user_details"]["group"] = response - resp = oauth2_post("oauth2/group/create", data=dict(request.form)) + resp = oauth2_post("auth/group/create", data=dict(request.form)) return resp.either( handle_error("oauth2.group.join_or_create"), handle_success( @@ -64,7 +64,7 @@ def join_or_create(): "oauth2/group_join_or_create.html", groups=[], groups_error=process_error(err)) def __group_success__(groups): - return oauth2_get("oauth2/user/group/join-request").either( + return oauth2_get("auth/user/group/join-request").either( __gjr_error__, partial(__gjr_success__, groups=groups)) def __gjr_error__(err): return render_ui( 
@@ -74,7 +74,7 @@ def join_or_create(): return render_ui( "oauth2/group_join_or_create.html", groups=groups, group_join_request=gjr) - return oauth2_get("oauth2/group/list").either( + return oauth2_get("auth/group/list").either( __group_error__, __group_success__) @groups.route("/delete/<uuid:group_id>", methods=["GET", "POST"]) @@ -102,7 +102,7 @@ def list_join_requests() -> Response: return render_ui( "oauth2/join-requests.html", error=False, requests=requests, datetime_string=__ts_to_dt_str__) - return oauth2_get("oauth2/group/requests/join/list").either( + return oauth2_get("auth/group/requests/join/list").either( __fail__, __success__) @groups.route("/accept-join-requests", methods=["POST"]) @@ -116,7 +116,7 @@ def accept_join_request(): flash("Request was accepted successfully.", "alert-success") return redirect(url_for("oauth2.group.list_join_requests")) return oauth2_post( - "oauth2/group/requests/join/accept", + "auth/group/requests/join/accept", data=request.form).either( handle_error("oauth2.group.list_join_requests"), __success__) @@ -132,7 +132,7 @@ def reject_join_request(): flash("Request was rejected successfully.", "alert-success") return redirect(url_for("oauth2.group.list_join_requests")) return oauth2_post( - "oauth2/group/requests/join/reject", + "auth/group/requests/join/reject", data=request.form).either( handle_error("oauth2.group.list_join_requests"), __success__) 
@@ -152,13 +152,13 @@ def group_role(group_role_id: uuid.UUID): if priv not in role["role"]["privileges"])) def __role_success__(role): - return oauth2_get("oauth2/group/privileges").either( + return oauth2_get("auth/group/privileges").either( lambda err: __render_error__( group_role=group_role, group_privileges_error=process_error(err)), lambda privileges: __gprivs_success__(role, privileges)) - return oauth2_get(f"oauth2/group/role/{group_role_id}").either( + return oauth2_get(f"auth/group/role/{group_role_id}").either( lambda err: __render_error__(group_role_error=process_error(err)), __role_success__) @@ -183,8 +183,8 @@ def add_delete_privilege_to_role( privilege_id = form.get("privilege_id") assert bool(privilege_id), "Privilege to add must be provided" uris = { - "ADD": f"oauth2/group/role/{group_role_id}/privilege/add", - "DELETE": f"oauth2/group/role/{group_role_id}/privilege/delete" + "ADD": f"auth/group/role/{group_role_id}/privilege/add", + "DELETE": f"auth/group/role/{group_role_id}/privilege/delete" } return oauth2_post( uris[direction], diff --git a/wqflask/wqflask/oauth2/request_utils.py b/wqflask/wqflask/oauth2/request_utils.py index 987b3c7d..2f475337 100644 --- a/wqflask/wqflask/oauth2/request_utils.py +++ b/wqflask/wqflask/oauth2/request_utils.py @@ -10,12 +10,12 @@ from flask import ( from .client import SCOPE, oauth2_get def authserver_authorise_uri(): - from utility.tools import GN_SERVER_URL, OAUTH2_CLIENT_ID + from utility.tools import AUTH_SERVER_URL, OAUTH2_CLIENT_ID req_baseurl = urlparse(request.base_url, scheme=request.scheme) host_uri = f"{req_baseurl.scheme}://{req_baseurl.netloc}/" return urljoin( - GN_SERVER_URL, - "oauth2/authorise?response_type=code" + AUTH_SERVER_URL, + "/auth/authorise?response_type=code" f"&client_id={OAUTH2_CLIENT_ID}" f"&redirect_uri={urljoin(host_uri, 'oauth2/code')}") 
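Review bot: In `add_delete_privilege_to_role` the only check on `privilege_id` is `assert bool(privilege_id), "Privilege to add must be provided"`, which is removed when Python runs with `-O`, so an empty id would then be forwarded to `auth/group/role/{group_role_id}/privilege/...`. An explicit `if not privilege_id:` branch that flashes the message and redirects keeps the validation in optimised builds. `uris[direction]` also raises `KeyError` for any value other than `ADD` or `DELETE`; where `direction` comes from is outside the hunk.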
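Review bot: `authserver_authorise_uri` now joins `"/auth/authorise?response_type=code"` with a leading slash, while every other call in this commit uses a relative `"auth/..."` path; with `urljoin` the leading slash discards any path prefix in `AUTH_SERVER_URL`, so the two forms resolve differently if the auth server is mounted under a sub-path. Use `"auth/authorise?response_type=code"` for consistency. The query string is also assembled by hand: `redirect_uri` is derived from the incoming request's host and inserted unencoded, and no `state` value is sent, so the callback cannot tie the returned code to the session that started the flow. Building the query with `urlencode`, taking the callback host from configuration, and adding a per-session `state` that `authorisation_code` verifies would close those gaps.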
@@ -23,7 +23,7 @@ def raise_unimplemented(): raise Exception("NOT IMPLEMENTED") def user_details(): - return oauth2_get("oauth2/user/").either( + return oauth2_get("auth/user/").either( lambda err: {}, lambda usr_dets: usr_dets) diff --git a/wqflask/wqflask/oauth2/resources.py b/wqflask/wqflask/oauth2/resources.py index 6f2bd5f2..7d20b859 100644 --- a/wqflask/wqflask/oauth2/resources.py +++ b/wqflask/wqflask/oauth2/resources.py @@ -19,7 +19,7 @@ def user_resources(): def __success__(resources): return render_ui("oauth2/resources.html", resources=resources) - return oauth2_get("oauth2/user/resources").either( + return oauth2_get("auth/user/resources").either( request_error, __success__) @resources.route("/create", methods=["GET", "POST"]) @@ -35,7 +35,7 @@ def create_resource(): resource_category=request.args.get("resource_category")) if request.method == "GET": - return oauth2_get("oauth2/resource/categories").either( + return oauth2_get("auth/resource/categories").either( lambda error: __render_template__(error=process_error( error, "Could not retrieve resource categories")), lambda cats: __render_template__(categories=cats)) @@ -51,7 +51,7 @@ def create_resource(): flash("Resource created successfully", "alert-success") return redirect(url_for("oauth2.resource.user_resources")) return oauth2_post( - "oauth2/resource/create", data=request.form).either( + "auth/resource/create", data=request.form).either( __perr__, __psuc__) def __compute_page__(submit, current_page): @@ -77,7 +77,7 @@ def view_resource(resource_id: uuid.UUID): def __group_roles_success__( resource, unlinked_data, users_n_roles, this_user, group_roles): - return oauth2_get("oauth2/user/list").either( + return oauth2_get("auth/user/list").either( lambda err: render_ui( "oauth2/view-resource.html", resource=resource, unlinked_data=unlinked_data, users_n_roles=users_n_roles, 
@@ -88,7 +88,7 @@ def view_resource(resource_id: uuid.UUID): users)) def __this_user_success__(resource, unlinked_data, users_n_roles, this_user): - return oauth2_get("oauth2/group/roles").either( + return oauth2_get("auth/group/roles").either( lambda err: render_ui( "oauth2/view-resources.html", resource=resource, unlinked_data=unlinked_data, users_n_roles=users_n_roles, @@ -97,7 +97,7 @@ def view_resource(resource_id: uuid.UUID): resource, unlinked_data, users_n_roles, this_user, groles)) def __users_n_roles_success__(resource, unlinked_data, users_n_roles): - return oauth2_get("oauth2/user/").either( + return oauth2_get("auth/user/").either( lambda err: render_ui( "oauth2/view-resources.html", this_user_error=process_error(err)), @@ -105,7 +105,7 @@ def view_resource(resource_id: uuid.UUID): resource, unlinked_data, users_n_roles, usr_dets)) def __unlinked_success__(resource, unlinked_data): - return oauth2_get(f"oauth2/resource/{resource_id}/user/list").either( + return oauth2_get(f"auth/resource/{resource_id}/user/list").either( lambda err: render_ui( "oauth2/view-resource.html", resource=resource, @@ -118,7 +118,7 @@ def view_resource(resource_id: uuid.UUID): def __resource_success__(resource): dataset_type = resource["resource_category"]["resource_category_key"] - return oauth2_get(f"oauth2/group/{dataset_type}/unlinked-data").either( + return oauth2_get(f"auth/group/{dataset_type}/unlinked-data").either( lambda err: render_ui( "oauth2/view-resource.html", resource=resource, unlinked_error=process_error(err)), 
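Review bot: The error branches in `__this_user_success__` and `__users_n_roles_success__` render `"oauth2/view-resources.html"`, while the other branches of `view_resource` render `"oauth2/view-resource.html"`. If only the singular template exists, a failed `auth/group/roles` or `auth/user/` call ends in a template-lookup error instead of the intended error page, which matters more now that these calls go to a separate service. I would change both to `"oauth2/view-resource.html"`; the template directory is not part of this diff, so please confirm.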
@@ -127,14 +127,14 @@ def view_resource(resource_id: uuid.UUID): def __fetch_resource_data__(resource): """Fetch the resource's data.""" return client.get( - f"oauth2/resource/view/{resource['resource_id']}/data?page={page}" + f"auth/resource/view/{resource['resource_id']}/data?page={page}" f"&count_per_page={count_per_page}").either( lambda err: { **resource, "resource_data_error": process_error(err) }, lambda resdata: {**resource, "resource_data": resdata}) - return oauth2_get(f"oauth2/resource/view/{resource_id}").map( + return oauth2_get(f"auth/resource/view/{resource_id}").map( __fetch_resource_data__).either( lambda err: render_ui( "oauth2/view-resource.html", @@ -164,7 +164,7 @@ def link_data_to_resource(): flash(f"Data linked to resource successfully", "alert-success") return redirect(url_for( "oauth2.resource.view_resource", resource_id=resource_id)) - return oauth2_post("oauth2/resource/data/link", data=dict(form)).either( + return oauth2_post("auth/resource/data/link", data=dict(form)).either( __error__, __success__) except AssertionError as aserr: @@ -193,7 +193,7 @@ def unlink_data_from_resource(): return redirect(url_for( "oauth2.resource.view_resource", resource_id=resource_id)) return oauth2_post( - "oauth2/resource/data/unlink", data=dict(form)).either( + "auth/resource/data/unlink", data=dict(form)).either( __error__, __success__) except AssertionError as aserr: flash(aserr.args[0], "alert-danger") @@ -222,7 +222,7 @@ def assign_role(resource_id: uuid.UUID) -> Response: "oauth2.resource.view_resource", resource_id=resource_id)) return oauth2_post( - f"oauth2/resource/{resource_id}/user/assign", + f"auth/resource/{resource_id}/user/assign", data={ "group_role_id": group_role_id, "user_email": user_email 
@@ -253,7 +253,7 @@ def unassign_role(resource_id: uuid.UUID) -> Response: "oauth2.resource.view_resource", resource_id=resource_id)) return oauth2_post( - f"oauth2/resource/{resource_id}/user/unassign", + f"auth/resource/{resource_id}/user/unassign", data={ "group_role_id": group_role_id, "user_id": user_id @@ -277,7 +277,7 @@ def toggle_public(resource_id: uuid.UUID): "oauth2.resource.view_resource", resource_id=resource_id)) return oauth2_post( - f"oauth2/resource/{resource_id}/toggle-public", data={}).either( + f"auth/resource/{resource_id}/toggle-public", data={}).either( lambda err: __handle_error__(err), lambda suc: __handle_success__(suc)) diff --git a/wqflask/wqflask/oauth2/roles.py b/wqflask/wqflask/oauth2/roles.py index 652719a8..1549e105 100644 --- a/wqflask/wqflask/oauth2/roles.py +++ b/wqflask/wqflask/oauth2/roles.py @@ -28,11 +28,11 @@ def user_roles(): uprivs = tuple( privilege["privilege_id"] for role in roles for privilege in role["privileges"]) - return oauth2_get("oauth2/group/roles").either( + return oauth2_get("auth/group/roles").either( lambda err: __grerror__(roles, uprivs, err), lambda groles: __grsuccess__(roles, uprivs, groles)) - return oauth2_get("oauth2/user/roles").either( + return oauth2_get("auth/user/roles").either( request_error, __role_success__) @roles.route("/role/<uuid:role_id>", methods=["GET"]) @@ -41,7 +41,7 @@ def role(role_id: uuid.UUID): def __success__(the_role): return render_ui("oauth2/role.html", role=the_role) - return oauth2_get(f"oauth2/role/view/{role_id}").either( + return oauth2_get(f"auth/role/view/{role_id}").either( request_error, __success__) @roles.route("/create", methods=["GET", "POST"]) 
@@ -67,12 +67,12 @@ def create_role(): prev_role_name=request.args.get("role_name")) def __fetch_gprivs__(roles): - return oauth2_get("oauth2/group/privileges").either( + return oauth2_get("auth/group/privileges").either( lambda err: __gprivs_error__(roles, err), lambda gprivs: __success__(roles, gprivs)) if request.method == "GET": - return oauth2_get("oauth2/user/roles").either( + return oauth2_get("auth/user/roles").either( __roles_error__, __fetch_gprivs__) form = request.form @@ -92,6 +92,6 @@ def create_role(): flash("Role created successfully.", "alert-success") return redirect(url_for("oauth2.role.user_roles")) return oauth2_post( - "oauth2/group/role/create",data={ + "auth/group/role/create",data={ "role_name": role_name, "privileges[]": privileges}).either( __create_error__,__create_success__) diff --git a/wqflask/wqflask/oauth2/toplevel.py b/wqflask/wqflask/oauth2/toplevel.py index eeeb2da3..65f60067 100644 --- a/wqflask/wqflask/oauth2/toplevel.py +++ b/wqflask/wqflask/oauth2/toplevel.py @@ -51,7 +51,7 @@ def authorisation_code(): "client_id": app.config["OAUTH2_CLIENT_ID"] } return no_token_post( - "oauth2/token", data=request_data).either( + "auth/token", data=request_data).either( lambda err: __error__(process_error(err)), __success__) flash("AuthorisationError: No code was provided.", "alert-danger") return redirect("/") diff --git a/wqflask/wqflask/oauth2/ui.py b/wqflask/wqflask/oauth2/ui.py index 315aae2b..39b735fb 100644 --- a/wqflask/wqflask/oauth2/ui.py +++ b/wqflask/wqflask/oauth2/ui.py 
@@ -9,7 +9,7 @@ def render_ui(templatepath: str, **kwargs): """Handle repetitive UI rendering stuff.""" roles = kwargs.get("roles", tuple()) # Get roles if already provided if user_logged_in() and not bool(roles): # If not, try fetching them - roles_results = oauth2_get("oauth2/user/roles").either( + roles_results = oauth2_get("auth/user/roles").either( lambda err: {"roles_error": process_error(err)}, lambda roles: {"roles": roles}) kwargs = {**kwargs, **roles_results} diff --git a/wqflask/wqflask/oauth2/users.py b/wqflask/wqflask/oauth2/users.py index 1ff23d17..fc451b93 100644 --- a/wqflask/wqflask/oauth2/users.py +++ b/wqflask/wqflask/oauth2/users.py @@ -33,12 +33,12 @@ def user_profile(): def __roles_success__(roles): if bool(usr_dets.get("group")): return __render__(usr_dets, roles) - return oauth2_get("oauth2/user/group/join-request").either( + return oauth2_get("auth/user/group/join-request").either( lambda err: __render__( user_details, group_join_error=process_error(err)), lambda gjr: __render__(usr_dets, roles=roles, group_join_request=gjr)) - return oauth2_get("oauth2/user/roles").either( + return oauth2_get("auth/user/roles").either( lambda err: __render__(usr_dets, role_error=process_error(err)), __roles_success__) @@ -59,13 +59,13 @@ def request_add_to_group() -> Response: "alert-success") return redirect(url_for("oauth2.user.user_profile")) - return oauth2_post(f"oauth2/group/requests/join/{group_id}", + return oauth2_post(f"auth/group/requests/join/{group_id}", data=form).either(__error__, __success__) @users.route("/login", methods=["GET", "POST"]) def login(): """Route to allow users to sign up.""" - from utility.tools import GN_SERVER_URL + from utility.tools import AUTH_SERVER_URL next_endpoint=request.args.get("next", False) if request.method == "POST": 
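Review bot: In `user_profile`, the error branch of the `auth/user/group/join-request` call passes `user_details` to `__render__` where every other branch passes `usr_dets`: `lambda err: __render__(user_details, group_join_error=process_error(err))`. Unless `user_details` is a local dict defined outside the hunk, the failure path hands the wrong object to the template. Suggested: `lambda err: __render__(usr_dets, group_join_error=process_error(err)),`. The enclosing function starts above the hunk.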
@@ -73,7 +73,7 @@ def login(): client = oauth2_client() try: token = client.fetch_token( - urljoin(GN_SERVER_URL, "oauth2/token"), + urljoin(AUTH_SERVER_URL, "auth/token"), username=form.get("email_address"), password=form.get("password"), grant_type="password") @@ -101,10 +101,10 @@ def login(): @users.route("/logout", methods=["GET", "POST"]) def logout(): - from utility.tools import GN_SERVER_URL + from utility.tools import AUTH_SERVER_URL if user_logged_in(): resp = oauth2_client().revoke_token( - urljoin(GN_SERVER_URL, "oauth2/revoke")) + urljoin(AUTH_SERVER_URL, "auth/revoke")) the_session = session.session_info() if not bool(the_session["masquerading"]): # Normal session - clear and go back. @@ -124,7 +124,7 @@ def logout(): @users.route("/register", methods=["GET", "POST"]) def register_user(): - from utility.tools import GN_SERVER_URL + from utility.tools import AUTH_SERVER_URL if user_logged_in(): next_endpoint=request.args.get("next", "/") flash(("You cannot register a new user while logged in. " @@ -137,7 +137,7 @@ def register_user(): form = request.form response = requests.post( - urljoin(GN_SERVER_URL, "oauth2/user/register"), + urljoin(AUTH_SERVER_URL, "auth/user/register"), data = { "user_name": form.get("user_name"), "email": form.get("email_address"), @@ -160,7 +160,7 @@ def masquerade(): """Masquerade as a particular user.""" if request.method == "GET": this_user = session.session_info()["user"] - return client.get("oauth2/user/list").either( + return client.get("auth/user/list").either( lambda err: render_ui( "oauth2/masquerade.html", users_error=process_error(err)), lambda usrs: render_ui( 
@@ -184,7 +184,7 @@ def masquerade(): flash("You must provide a user to masquerade as.", "alert-danger") return redirect(url_for("oauth2.user.masquerade")) return client.post( - "oauth2/user/masquerade/", + "auth/user/masquerade/", json={"masquerade_as": request.form.get("masquerade_as")}).either( with_flash_error(redirect(url_for("oauth2.user.masquerade"))), __masq_success__) diff --git a/wqflask/wqflask/views.py b/wqflask/wqflask/views.py index d2f33b71..87202170 100644 --- a/wqflask/wqflask/views.py +++ b/wqflask/wqflask/views.py @@ -160,7 +160,7 @@ def index_page(): anon_id=anon_id) return no_token_get( - f"oauth2/user/collections/{anon_id}/list").either( + f"auth/user/collections/{anon_id}/list").either( lambda err: __render__([]), __render__) @@ -522,7 +522,7 @@ def show_trait_page(): trait_id = request.args["trait_id"] return client.post( - "oauth2/data/authorisation", + "auth/data/authorisation", json={ "traits": [f"{dataset}::{trait_id}"] }).either(with_flash_error(render_template("show_trait_error.html")), |