Diffstat (limited to 'gn3')
-rw-r--r-- | gn3/app.py | 2 | ||||
-rw-r--r-- | gn3/auth/authentication/oauth2/views.py | 15 | ||||
-rw-r--r-- | gn3/auth/authorisation/views.py | 17 |
3 files changed, 19 insertions, 15 deletions
@@ -19,7 +19,7 @@ from gn3.api.async_commands import async_commands
 from gn3.api.menu import menu
 from gn3.api.search import search
 from gn3.api.metadata import metadata
-from gn3.auth.authentication.oauth2.views import oauth2
+from gn3.auth.authorisation.views import oauth2
 from gn3.auth.authentication.oauth2.server import setup_oauth2_server
diff --git a/gn3/auth/authentication/oauth2/views.py b/gn3/auth/authentication/oauth2/views.py
index 7d0d7dd..58fa6d4 100644
--- a/gn3/auth/authentication/oauth2/views.py
+++ b/gn3/auth/authentication/oauth2/views.py
@@ -1,9 +1,8 @@
 """Endpoints for the oauth2 server"""
 import uuid
-from flask import jsonify, Blueprint, current_app as app
+from flask import Blueprint, current_app as app
-from .resource_server import require_oauth
 from .endpoints.revocation import RevocationEndpoint
 from .endpoints.introspection import IntrospectionEndpoint
@@ -41,15 +40,3 @@ def introspect_token():
 """Provide introspection information for the token."""
 return app.config["OAUTH2_SERVER"].create_endpoint_response(
 IntrospectionEndpoint.ENDPOINT_NAME)
-
-@oauth2.route("/user")
-@require_oauth("profile")
-def user_details():
- """Return user's details."""
- with require_oauth.acquire("profile") as the_token:
- user = the_token.user
- return jsonify({
- "user_id": user.user_id,
- "email": user.email,
- "name": user.name
- })
diff --git a/gn3/auth/authorisation/views.py b/gn3/auth/authorisation/views.py
index 2a419af..3e9d9b9 100644
--- a/gn3/auth/authorisation/views.py
+++ b/gn3/auth/authorisation/views.py
@@ -2,10 +2,27 @@
 from flask import jsonify, current_app
 from gn3.auth import db
+from .groups import user_group
 from .roles import user_roles as _user_roles
 from ..authentication.oauth2.views import oauth2
 from ..authentication.oauth2.resource_server import require_oauth
+@oauth2.route("/user")
+@require_oauth("profile")
+def user_details():
+ """Return user's details."""
+ with require_oauth.acquire("profile") as the_token:
+ user = the_token.user
+ with db.connection(current_app.config["AUTH_DB"]) as conn, db.cursor(conn) as cursor:
+ group = user_group(cursor, user)
+
+ return jsonify({
+ "user_id": user.user_id,
+ "email": user.email,
+ "name": user.name,
+ "group": group.maybe(False, lambda grp: grp)
+ })
+
 @oauth2.route("/user-roles")
 @require_oauth
 def user_roles(): |
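Review bot: The `"group"` entry in `user_details` hands the whole group object to `jsonify` via `lambda grp: grp`, so the fields a `profile`-scoped token can read are decided by whatever JSON serialisation the app has configured for that type, which is not visible in this hunk. Building the value explicitly from the fields a client actually needs would keep the response contract in this view and stop later additions to the group type from appearing in `/user` unnoticed. The no-group case also returns `False` while the other case returns an object; `"group": group.maybe(None, lambda grp: grp)` would serialise to `null` and give clients one type to check. A sentence in the docstring stating that the response now includes the user's group would help reviewers of the `profile` scope.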