-rw-r--r-- | gn3/auth/authorisation/users/admin/views.py | 43 | ||||
-rw-r--r-- | gn3/templates/admin/list-oauth2-clients.html | 4 | ||||
-rw-r--r-- | gn3/templates/admin/view-oauth2-client.html | 75 |
3 files changed, 119 insertions, 3 deletions
diff --git a/gn3/auth/authorisation/users/admin/views.py b/gn3/auth/authorisation/users/admin/views.py
index 11152d2..c199b9f 100644
--- a/gn3/auth/authorisation/users/admin/views.py
+++ b/gn3/auth/authorisation/users/admin/views.py
@@ -24,7 +24,8 @@ from gn3.auth.db_utils import with_db_connection
 from gn3.auth.authentication.oauth2.models.oauth2client import (
 save_client,
 OAuth2Client,
- oauth2_clients)
+ oauth2_clients,
+ client as oauth2_client)
 from gn3.auth.authentication.users import (
 User,
 user_by_id,
@@ -169,3 +170,43 @@ def list_clients(): return render_template( "admin/list-oauth2-clients.html", clients=with_db_connection(oauth2_clients)) + +@admin.route("/view-client/<uuid:client_id>", methods=["GET"]) +@is_admin +def view_client(client_id: uuid.UUID): + """View details of OAuth2 client with given `client_id`.""" + return render_template( + "admin/view-oauth2-client.html", + client=with_db_connection(partial(oauth2_client, client_id=client_id)), + scope=current_app.config["OAUTH2_SCOPE"]) + +@admin.route("/edit-client", methods=["POST"]) +@is_admin +def edit_client(): + """Edit the details of the given client.""" + form = request.form + the_client = with_db_connection(partial( + oauth2_client, client_id=uuid.UUID(form["client_id"]))) + if the_client.is_nothing(): + flash("No such client.", "alert-error") + return redirect(url_for("oauth2.admin.list_clients")) + the_client = the_client.value + client_metadata = { + **the_client.client_metadata, + "default_redirect_uri": form["default_redirect_uri"], + "redirect_uris": list(set( + [form["default_redirect_uri"]] + + form["other_redirect_uris"].split("\r\n"))), + "grants": form.getlist("grants[]"), + "scope": form.getlist("scope[]") + } + with_db_connection(partial(save_client, the_client=OAuth2Client( + the_client.client_id, + the_client.client_secret, + the_client.client_id_issued_at, + the_client.client_secret_expires_at, + client_metadata, + the_client.user))) + flash("Client updated.", "alert-success") + return redirect(url_for("oauth2.admin.view_client", + client_id=the_client.client_id)) diff --git a/gn3/templates/admin/list-oauth2-clients.html b/gn3/templates/admin/list-oauth2-clients.html index f6bbcb2..02f73d4 100644 --- a/gn3/templates/admin/list-oauth2-clients.html +++ b/gn3/templates/admin/list-oauth2-clients.html 
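Review bot: In `edit_client` the submitted grant list is saved under the `"grants"` key, while the new `view-oauth2-client.html` template reads `client.client_metadata.grant_types`; if `grant_types` is the key the authorisation server consults (not visible in this diff), unticking a grant has no effect and the page keeps showing the old state. The same dict stores the redirect URIs unchecked: `form["other_redirect_uris"].split("\r\n")` yields `""` for an empty textarea and keeps stray whitespace, so blank entries land in `redirect_uris`, and the `scope[]` values are never compared with `current_app.config["OAUTH2_SCOPE"]`. Registered redirect URIs decide where authorization codes are delivered, so they should be normalised and filtered before `save_client`, and rejecting non-absolute URIs is worth considering. `uuid.UUID(form["client_id"])` also raises `ValueError` on a malformed id, which presumably surfaces as a server error rather than the "No such client." flash.

```python
def edit_client():
    # … unchanged: client lookup and "No such client." redirect …
    default_uri = form["default_redirect_uri"].strip()
    other_uris = {
        uri.strip()
        for uri in form["other_redirect_uris"].splitlines()
        if uri.strip()}
    allowed_scope = current_app.config["OAUTH2_SCOPE"]
    client_metadata = {
        **the_client.client_metadata,
        "default_redirect_uri": default_uri,
        "redirect_uris": sorted({default_uri} | other_uris),
        "grant_types": form.getlist("grants[]"),
        "scope": [
            scp for scp in form.getlist("scope[]") if scp in allowed_scope]
    }
    # … unchanged: save_client call, flash and redirect …
```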
@@ -8,7 +8,7 @@ <h1>Genenetwork3: OAuth2 Clients</h1> <table> - <legend>List of registered OAuth2 clients</legend> + <caption>List of registered OAuth2 clients</caption> <thead> <tr> <th>Client ID</th> @@ -27,7 +27,7 @@ <td>{{client.client_metadata.default_redirect_uri}}</td> <td>{{client.user.name}} ({{client.user.email}})</td> <td> - <a href="#{{client.client_id}}" + <a href="{{url_for('oauth2.admin.view_client', client_id=client.client_id)}}" title"View/Edit client {{client.client_metadata.client_name}}"> View/Edit </a> diff --git a/gn3/templates/admin/view-oauth2-client.html b/gn3/templates/admin/view-oauth2-client.html new file mode 100644 index 0000000..d5d4b2b --- /dev/null +++ b/gn3/templates/admin/view-oauth2-client.html 
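Review bot: The anchor rewritten in the second hunk of `list-oauth2-clients.html` still carries `title"View/Edit client {{client.client_metadata.client_name}}"` on the context line that follows, which lacks the `=` and so is not parsed as a `title` attribute. Since this commit changes the `href` on the line directly above, it is a good moment to correct it to `title="View/Edit client {{client.client_metadata.client_name}}"`. The enclosing `<table>` continues outside the hunk.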
@@ -0,0 +1,75 @@
+{%extends "base.html"%}
+
+{%block title%}Genenetwork3: View OAuth2 Client{%endblock%}
+
+{%block content%}
+{{flash_messages()}}
+
+<h1>Genenetwork3: View OAuth2 Client</h1>
+
+{%if client.is_nothing()%}
+<p>No such client</p>
+{%else%}
+{%set client = client.value%}
+<form method="POST" action="{{url_for('oauth2.admin.edit_client')}}">
+ <legend>View/Edit Oauth2 Client</legend>
+ <input type="hidden" name="client_id" value="{{client.client_id}}" />
+ <div>
+ <p><strong>Client ID: <strong> {{client.client_id}}</p>
+ <p><strong>Client Name: <strong> {{client.client_metadata.client_name}}</p>
+ </div>
+ <fieldset>
+ <legend>Scope</legend>
+ {%for scp in scope%}
+ <input name="scope[]" id="chk:{{scp}}" type="checkbox" value="{{scp}}"
+ {%if scp in client.client_metadata.scope%}
+ checked="checked"
+ {%endif%} />
+ <label for="chk:{{scp}}">{{scp}}</label><br />
+ {%endfor%}
+ </fieldset>
+
+ <fieldset>
+ <legend>Redirect URIs</legend>
+ <label for="txt:default-redirect-uri">Default Redirect URI</label>
+ <br />
+ <input type="text" name="default_redirect_uri" id="txt:default-redirect-uri"
+ value="{{client.client_metadata.default_redirect_uri}}"
+ required="required">
+ <br /><br />
+
+ <label for="txta:other-redirect-uris">Other Redirect URIs</label>
+ <br />
+ <textarea id="txta:other-redirect-uris"
+ name="other_redirect_uris"
+ cols="80" rows="10"
+ title="Enter one URI per line."
+ >{{"\r\n".join(client.client_metadata.redirect_uris)}}</textarea>
+ </fieldset>
+
+ <fieldset>
+ <legend>Grants</legend>
+ <input name="grants[]"
+ type="checkbox"
+ value="authorization_code"
+ id="chk:authorization-code"
+ {%if "authorization_code" in client.client_metadata.grant_types%}
+ checked="checked"
+ {%endif%} />
+ <label for="chk:authorization-code">Authorization Code</label>
+ <br /><br />
+
+ <input name="grants[]"
+ type="checkbox"
+ value="refresh_token"
+ id="chk:refresh-token"
+ {%if "refresh_token" in client.client_metadata.grant_types%}
+ checked="checked"
+ {%endif%} />
+ <label for="chk:refresh-token">Refresh Token</label>
+ </fieldset>
+
+ <input type="submit" value="update client" />
+</form>
+{%endif%}
+{%endblock%} |
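Review bot: The form in `view-oauth2-client.html` posts to `oauth2.admin.edit_client`, a state-changing admin action that rewrites a client's redirect URIs, scope and grants, yet the template renders no anti-CSRF token field; unless the application adds and checks one elsewhere (not visible in this diff), a hidden token input validated in the view should be added. Both label lines open a second `<strong>` instead of closing the first, so the bold run is never terminated; they should read `<p><strong>Client ID: </strong> {{client.client_id}}</p>` and likewise for Client Name. The textarea is filled from the full `redirect_uris` list, which `edit_client` builds to include the default URI, so the default appears both in its own input and again under "Other Redirect URIs".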