diff options
author | Frederick Muriuki Muriithi | 2023-01-21 03:27:11 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2023-01-21 03:27:11 +0300 |
commit | 84e8138c6111d7ddf3928c52200342180db2b205 (patch) | |
tree | 5f830dc24d8d5544041b71d6a994d2103ca8a986 /wqflask | |
parent | 220f37cb56bb7656f13286c4448c8736a30d420e (diff) | |
download | genenetwork2-84e8138c6111d7ddf3928c52200342180db2b205.tar.gz |
oauth2: Cleanup fetching of roles and groups. Update template.
Diffstat (limited to 'wqflask')
-rw-r--r-- | wqflask/wqflask/oauth2/routes.py | 37 | ||||
-rw-r--r-- | wqflask/wqflask/templates/oauth2/view-user.html | 5 |
2 files changed, 32 insertions, 10 deletions
diff --git a/wqflask/wqflask/oauth2/routes.py b/wqflask/wqflask/oauth2/routes.py index 4ba94025..5411c3c6 100644 --- a/wqflask/wqflask/oauth2/routes.py +++ b/wqflask/wqflask/oauth2/routes.py @@ -3,6 +3,7 @@ import requests from urllib.parse import urljoin from pymonad.maybe import Just, Maybe, Nothing +from pymonad.either import Left, Right, Either from authlib.integrations.requests_client import OAuth2Session from authlib.integrations.base_client.errors import OAuthError from flask import ( @@ -12,6 +13,7 @@ from flask import ( from .checks import require_oauth2, user_logged_in oauth2 = Blueprint("oauth2", __name__) +SCOPE = "profile group role resource register-client" def get_endpoint(uri_path: str) -> Maybe: token = session.get("oauth2_token", False) @@ -34,6 +36,19 @@ def get_endpoint(uri_path: str) -> Maybe: return Nothing +def oauth2_get(uri_path: str) -> Either: + token = session.get("oauth2_token") + config = app.config + client = OAuth2Session( + config["OAUTH2_CLIENT_ID"], config["OAUTH2_CLIENT_SECRET"], + token=token, scope=SCOPE) + resp = client.get( + urljoin(config["GN_SERVER_URL"], uri_path)) + if resp.status_code == 200: + return Right(resp.json()) + + return Left(resp.json()) + @oauth2.route("/login", methods=["GET", "POST"]) def login(): """Route to allow users to sign up.""" @@ -42,10 +57,9 @@ def login(): if request.method == "POST": config = app.config form = request.form - scope = "profile resource" client = OAuth2Session( config["OAUTH2_CLIENT_ID"], config["OAUTH2_CLIENT_SECRET"], - scope=scope, token_endpoint_auth_method="client_secret_post") + scope=SCOPE, token_endpoint_auth_method="client_secret_post") try: token = client.fetch_token( urljoin(config["GN_SERVER_URL"], "oauth2/token"), @@ -72,7 +86,7 @@ def logout(): config = app.config client = OAuth2Session( config["OAUTH2_CLIENT_ID"], config["OAUTH2_CLIENT_SECRET"], - scope = "profile resource", token=token) + scope = SCOPE, token=token) resp = client.revoke_token(urljoin(config["GN_SERVER_URL"], "oauth2/revoke")) keys = tuple(key for key in session.keys() if not key.startswith("_")) for key in keys: @@ -125,18 +139,25 @@ def user_profile(): __id__ = lambda the_val: the_val user_details = session.get("user_details", False) or get_endpoint( "oauth2/user").maybe(False, __id__) - roles = get_endpoint("oauth/user-roles").maybe([], __id__) + config = app.config + client = OAuth2Session( + config["OAUTH2_CLIENT_ID"], config["OAUTH2_CLIENT_SECRET"], + scope = SCOPE, token=session.get("oauth2_token")) + + roles = oauth2_get("oauth2/user-roles").either(lambda x: "Error", lambda x: x) resources = [] + groups = [] if user_details.get("group") else oauth2_get("oauth2/groups").either( + lambda x: "Error", lambda x: x) return render_template( - "oauth2/view-user.html", user_details=user_details, roles=roles, - resources=resources) + "oauth2/view-user.html", user_details=user_details, groups=groups, + roles=roles, resources=resources) -@oauth2.route("/request-add-to-group") +@oauth2.route("/request-add-to-group", methods=["POST"]) @require_oauth2 def request_add_to_group(): return "WOULD SEND MESSAGE TO HAVE YOU ADDED TO GROUP..." -@oauth2.route("/create-group") +@oauth2.route("/create-group", methods=["POST"]) @require_oauth2 def create_group(): return "WOULD CREATE A NEW GROUP..." diff --git a/wqflask/wqflask/templates/oauth2/view-user.html b/wqflask/wqflask/templates/oauth2/view-user.html index 5415ba6e..2d5270d9 100644 --- a/wqflask/wqflask/templates/oauth2/view-user.html +++ b/wqflask/wqflask/templates/oauth2/view-user.html @@ -28,7 +28,7 @@ <legend>Request to be added to group</legend> <div class="form-group"> <label class="control-label" for="group">Group</label> - <select class="form-control" id="group"> + <select class="form-control" id="group" required="required"> <option value="">Select a group</option> {%for group in groups%} <option value="{{group.group_id}}">{{group.group_name}}</option> @@ -47,7 +47,8 @@ <legend>Create a new group</legend> <div class="form-group"> <label class="control-label" for="group_name">Group Name</label> - <input type="text" class="form-control" id="group_name" name="group_name" /> + <input type="text" class="form-control" id="group_name" name="group_name" + required="required" /> </div> <div class="form-group"> <input type="submit" value="Create Group" class="btn btn-primary" /> |