diff options
author | Frederick Muriuki Muriithi | 2023-09-07 15:49:00 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2023-10-10 11:12:40 +0300 |
commit | 0a8279891190e49867d3a1d72db0f7c7cd275646 (patch) | |
tree | 9acceecfcf2667abeaac743e4c7f5139fd5e0afd /gn3/auth/authentication/oauth2/server.py | |
parent | e4af0bbac585b46a5d6303d752cea18ca527d676 (diff) | |
download | genenetwork3-0a8279891190e49867d3a1d72db0f7c7cd275646.tar.gz |
Remove authentication from GN3
Authentication should be handled by the auth server (gn-auth) and thus, this
commit removes code handling user authentication from the GN3 system.
Diffstat (limited to 'gn3/auth/authentication/oauth2/server.py')
-rw-r--r-- | gn3/auth/authentication/oauth2/server.py | 72 |
1 files changed, 0 insertions, 72 deletions
diff --git a/gn3/auth/authentication/oauth2/server.py b/gn3/auth/authentication/oauth2/server.py deleted file mode 100644 index 7d7113a..0000000 --- a/gn3/auth/authentication/oauth2/server.py +++ /dev/null @@ -1,72 +0,0 @@ -"""Initialise the OAuth2 Server""" -import uuid -import datetime -from typing import Callable - -from flask import Flask, current_app -from authlib.oauth2.rfc6749.errors import InvalidClientError -from authlib.integrations.flask_oauth2 import AuthorizationServer -# from authlib.oauth2.rfc7636 import CodeChallenge - -from gn3.auth import db - -from .models.oauth2client import client -from .models.oauth2token import OAuth2Token, save_token - -from .grants.password_grant import PasswordGrant -from .grants.authorisation_code_grant import AuthorisationCodeGrant - -from .endpoints.revocation import RevocationEndpoint -from .endpoints.introspection import IntrospectionEndpoint - -def create_query_client_func() -> Callable: - """Create the function that loads the client.""" - def __query_client__(client_id: uuid.UUID): - # use current_app rather than passing the db_uri to avoid issues - # when config changes, e.g. while testing. - with db.connection(current_app.config["AUTH_DB"]) as conn: - the_client = client(conn, client_id).maybe( - None, lambda clt: clt) # type: ignore[misc] - if bool(the_client): - return the_client - raise InvalidClientError( - "No client found for the given CLIENT_ID and CLIENT_SECRET.") - - return __query_client__ - -def create_save_token_func(token_model: type) -> Callable: - """Create the function that saves the token.""" - def __save_token__(token, request): - with db.connection(current_app.config["AUTH_DB"]) as conn: - save_token( - conn, token_model( - token_id=uuid.uuid4(), client=request.client, - user=request.user, - **{ - "refresh_token": None, "revoked": False, - "issued_at": datetime.datetime.now(), - **token - })) - - return __save_token__ - -def setup_oauth2_server(app: Flask) -> None: - """Set's up the oauth2 server for the flask application.""" - server = AuthorizationServer() - server.register_grant(PasswordGrant) - - # Figure out a common `code_verifier` for GN2 and GN3 and set - # server.register_grant(AuthorisationCodeGrant, [CodeChallenge(required=False)]) - # below - server.register_grant(AuthorisationCodeGrant) - - # register endpoints - server.register_endpoint(RevocationEndpoint) - server.register_endpoint(IntrospectionEndpoint) - - # init server - server.init_app( - app, - query_client=create_query_client_func(), - save_token=create_save_token_func(OAuth2Token)) - app.config["OAUTH2_SERVER"] = server |