diff options
| -rw-r--r-- | gn_auth/wsgi.py | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/gn_auth/wsgi.py b/gn_auth/wsgi.py index 7fa544c..bc90210 100644 --- a/gn_auth/wsgi.py +++ b/gn_auth/wsgi.py @@ -433,6 +433,35 @@ def create_test_oauth2_client(session_timestamp, users_file, owner_role, {"session_timestamp": session_timestamp, "client": record}, output_path) + +@app.cli.command() +@click.option("--credentials", "credentials_path", required=True, + type=click.Path(exists=True), + help="Credentials file produced by create-oauth2-client or " + "create-test-oauth2-client") +def delete_oauth2_client(credentials_path): + """Delete an OAuth2 client using a credentials file. + + Reads the client_id from the given credentials file and removes the + client and all associated tokens from the database. + """ + with open(credentials_path) as f: + data = json.load(f) + + client_id_str = data.get("client", {}).get("client_id") + if not client_id_str: + print("No client_id found in credentials file.", file=sys.stderr) + sys.exit(1) + + client_id = uuid.UUID(client_id_str) + with db.connection(app.config["AUTH_DB"]) as conn: + the_client = oauth2_client_by_id(conn, client_id) + if the_client.is_nothing(): + print(f"No client found with ID {client_id}", file=sys.stderr) + sys.exit(1) + delete_client(conn, the_client.value) + print(f"Deleted OAuth2 client {client_id}.") + ##### END: CLI Commands ##### if __name__ == '__main__': |