aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gn3/app.py2
-rw-r--r--gn3/auth/authentication/oauth2/views.py15
-rw-r--r--gn3/auth/authorisation/views.py17
3 files changed, 19 insertions, 15 deletions
diff --git a/gn3/app.py b/gn3/app.py
index b776351..cf88b2e 100644
--- a/gn3/app.py
+++ b/gn3/app.py
@@ -19,7 +19,7 @@ from gn3.api.async_commands import async_commands
from gn3.api.menu import menu
from gn3.api.search import search
from gn3.api.metadata import metadata
-from gn3.auth.authentication.oauth2.views import oauth2
+from gn3.auth.authorisation.views import oauth2
from gn3.auth.authentication.oauth2.server import setup_oauth2_server
diff --git a/gn3/auth/authentication/oauth2/views.py b/gn3/auth/authentication/oauth2/views.py
index 7d0d7dd..58fa6d4 100644
--- a/gn3/auth/authentication/oauth2/views.py
+++ b/gn3/auth/authentication/oauth2/views.py
@@ -1,9 +1,8 @@
"""Endpoints for the oauth2 server"""
import uuid
-from flask import jsonify, Blueprint, current_app as app
+from flask import Blueprint, current_app as app
-from .resource_server import require_oauth
from .endpoints.revocation import RevocationEndpoint
from .endpoints.introspection import IntrospectionEndpoint
@@ -41,15 +40,3 @@ def introspect_token():
"""Provide introspection information for the token."""
return app.config["OAUTH2_SERVER"].create_endpoint_response(
IntrospectionEndpoint.ENDPOINT_NAME)
-
-@oauth2.route("/user")
-@require_oauth("profile")
-def user_details():
- """Return user's details."""
- with require_oauth.acquire("profile") as the_token:
- user = the_token.user
- return jsonify({
- "user_id": user.user_id,
- "email": user.email,
- "name": user.name
- })
diff --git a/gn3/auth/authorisation/views.py b/gn3/auth/authorisation/views.py
index 2a419af..3e9d9b9 100644
--- a/gn3/auth/authorisation/views.py
+++ b/gn3/auth/authorisation/views.py
@@ -2,10 +2,27 @@
from flask import jsonify, current_app
from gn3.auth import db
+from .groups import user_group
from .roles import user_roles as _user_roles
from ..authentication.oauth2.views import oauth2
from ..authentication.oauth2.resource_server import require_oauth
+@oauth2.route("/user")
+@require_oauth("profile")
+def user_details():
+ """Return user's details."""
+ with require_oauth.acquire("profile") as the_token:
+ user = the_token.user
+ with db.connection(current_app.config["AUTH_DB"]) as conn, db.cursor(conn) as cursor:
+ group = user_group(cursor, user)
+
+ return jsonify({
+ "user_id": user.user_id,
+ "email": user.email,
+ "name": user.name,
+ "group": group.maybe(False, lambda grp: grp)
+ })
+
@oauth2.route("/user-roles")
@require_oauth
def user_roles():